func NewAuthToken(opts *Opts) *AuthToken {
// Init session, session's auth shall be a auto-fetch password
// or token authentication for a service user (have super previlege)
// We will use this service user for:
// 1. validate a normal user token (sent in via request's "X-Auth-Token")
// 2. validate another service token (sent in via request's "X-Service-Token")
// 3. Retrieve revocation list from identity server (not implemented)
params := &types.AuthRequestParams{
Username: opts.Username,
UserId: opts.UserId,
Password: opts.Password,
Token: opts.Token,
DomainName: opts.UserDomainName,
DomainId: opts.UserDomainId,
ProjectName: opts.ProjectName,
ProjectId: opts.ProjectId,
Scope: true,
}
var auth client.Auth
if opts.AuthMethod == "password" {
auth = &client.AuthPassword{Params: params}
} else {
auth = &client.AuthToken{Params: params}
}
s := client.NewSession(&opts.Client, auth)
t := cache.NewTokenCache(opts.MemcacheServers, opts.TokenCacheTime)
return &AuthToken{session: s, cache: t, delayAuthDecision: opts.DelayAuthDecision}
}
func TestUserGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/users/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/users/xyz", r.URL.Path)
}
w.Write([]byte(`{
"user": {
"default_project_id": "263fd9",
"description": "John Smith's user",
"domain_id": "1789d1",
"email": "*****@*****.**",
"enabled": true,
"id": "9fe1d3",
"links": {
"self": "https://identity:35357/v3/users/9fe1d3"
},
"name": "jsmith"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
userResource := &User{
Session: session,
}
user, err := userResource.Get("xyz")
if err != nil {
t.Error(err)
}
if user.Id != "9fe1d3" {
t.Errorf("Expected id == %q; got %q", "9fe1d3", user.Id)
}
}
func TestProjectGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/projects/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/projects/xyz", r.URL.Path)
}
w.Write([]byte(`{
"project": {
"description": null,
"domain_id": "default",
"enabled": true,
"id": "0c4e939acacf4376bdcd1129f1a054ad",
"links": {
"self": "http://localhost:5000/v3/projects/0c4e939acacf4376bdcd1129f1a054ad"
},
"name": "admin",
"parent_id": null
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
projectResource := &Project{
Session: session,
}
project, err := projectResource.Get("xyz")
if err != nil {
t.Error(err)
}
if project.Id != "0c4e939acacf4376bdcd1129f1a054ad" {
t.Errorf("Expected id == %q; got %q", "default", project.Id)
}
}
func TestCredentialGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/credentials/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/credentials/xyz", r.URL.Path)
}
w.Write([]byte(`{
"credential": {
"user_id": "bb5476fd12884539b41d5a88f838d773",
"links": {
"self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
},
"blob": "{\"access\": \"a42a27755ce6442596b049bd7dd8a563\", \"secret\": \"71faf1d40bb24c82b479b1c6fbbd9f0c\", \"trust_id\": null}",
"project_id": "6e01855f345f4c59812999b5e459137d",
"type": "ec2",
"id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
credentialResource := &Credential{
Session: session,
}
credential, err := credentialResource.Get("xyz")
if err != nil {
t.Error(err)
}
if credential.Id != "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" {
t.Errorf("Expected id == %q; got %q", "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7", credential.Id)
}
}
func TestGroupGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/groups/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/groups/xyz", r.URL.Path)
}
w.Write([]byte(`{
"group": {
"domain_id": "default",
"description": "Contract developers",
"id": "c0d675eac29945ad9dfd08aa1bb75751",
"links": {
"self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751"
},
"name": "Contract developers"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
groupResource := &Group{
Session: session,
}
group, err := groupResource.Get("xyz")
if err != nil {
t.Error(err)
}
if group.Id != "c0d675eac29945ad9dfd08aa1bb75751" {
t.Errorf("Expected id == %q; got %q", "c0d675eac29945ad9dfd08aa1bb75751", group.Id)
}
}
func TestDomainGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/domains/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/domains/xyz", r.URL.Path)
}
w.Write([]byte(`{
"domain": {
"description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
"enabled": true,
"id": "default",
"links": {
"self": "http://localhost:5000/v3/domains/default"
},
"name": "Default"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
domainResource := &Domain{
Session: session,
}
domain, err := domainResource.Get("xyz")
if err != nil {
t.Error(err)
}
if domain.Id != "default" {
t.Errorf("Expected id == %q; got %q", "default", domain.Id)
}
}
func TestRegionGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/regions/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/regions/xyz", r.URL.Path)
}
w.Write([]byte(`{
"region": {
"description": "My subregion 3",
"id": "RegionThree",
"links": {
"self": "http://localhost:5000/v3/regions/RegionThree"
},
"parent_region_id": "RegionOne"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
regionResource := &Region{
Session: session,
}
region, err := regionResource.Get("xyz")
if err != nil {
t.Error(err)
}
if region.Id != "RegionThree" {
t.Errorf("Expected id == %q; got %q", "RegionThree", region.Id)
}
}
func TestRoleGet(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/roles/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/roles/xyz", r.URL.Path)
}
w.Write([]byte(`{
"role": {
"id": "1e443fa8cee3482a8a2b6954dd5c8f12",
"links": {
"self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12"
},
"name": "Developer"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
roleResource := &Role{
Session: session,
}
role, err := roleResource.Get("xyz")
if err != nil {
t.Error(err)
}
if role.Id != "1e443fa8cee3482a8a2b6954dd5c8f12" {
t.Errorf("Expected id == %q; got %q", "1e443fa8cee3482a8a2b6954dd5c8f12", role.Id)
}
}
func TestUserChangePassword(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.POST {
t.Errorf("Expected method %q; got %q", requests.POST, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/users/xyz/password" {
t.Errorf("Expected 'url' == %q; got %q", "/users/xyz/password", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
if string(body) != `{"user":{"password":"******","original_password":"******"}}` {
t.Errorf("Expected auth request body == %q; got %q",
`{"user":{"password":"******","original_password":"******"}}`,
string(body))
}
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
userResource := &User{
Session: session,
}
err := userResource.ChangePassword("xyz", "123", "456")
if err != nil {
t.Error(err)
}
}
func TestUserDelete(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.DELETE {
t.Errorf("Expected method %q; got %q", requests.DELETE, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/users/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/users/xyz", r.URL.Path)
}
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
userResource := &User{
Session: session,
}
err := userResource.Delete("xyz")
if err != nil {
t.Error(err)
}
}
func TestGroupList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("domain_id") != "default" {
t.Errorf("Expected 'domain_id' == %q; got %q", "default", q.Get("domain_id"))
}
w.Write([]byte(`{
"links": {
"self": "http://localhost:5000/v3/groups",
"previous": null,
"next": null
},
"groups": [
{
"domain_id": "default",
"description": "non-admin group",
"id": "96372bbb152f475aa37e9a76a25a029c",
"links": {
"self": "http://localhost:5000/v3/groups/96372bbb152f475aa37e9a76a25a029c"
},
"name": "nonadmins"
},
{
"domain_id": "default",
"description": "openstack admin group",
"id": "9ce0ad4e58a84d7a97b92f7955d10c92",
"links": {
"self": "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92"
},
"name": "admins"
}
]
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
groupResource := &Group{
Session: session,
}
groups, err := groupResource.List("default", "")
if err != nil {
t.Error(err)
}
if groups.Links["self"] != "http://localhost:5000/v3/groups" {
t.Errorf("Expect groups.Links[self] == %q; got %q", "http://localhost:5000/v3/groups", groups.Links["self"])
}
if groups.Groups[0].Id != "96372bbb152f475aa37e9a76a25a029c" {
t.Errorf("Expect groups.Groups[0].Id == %q; got %q", "96372bbb152f475aa37e9a76a25a029c", groups.Groups[0].Id)
}
if groups.Groups[1].Links["self"] != "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92" {
t.Errorf("Expect groups.Groups[1].Links[self] == %q; got %q", "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92", groups.Groups[1].Links["self"])
}
}
func TestGroupListUsers(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/groups/xyz/users" {
t.Errorf("Expected 'url' == %q; got %q", "/groups/xyz/users", r.URL.Path)
}
q := r.URL.Query()
if q.Get("domain_id") != "default" {
t.Errorf("Expected 'domain_id' == %q; got %q", "default", q.Get("domain_id"))
}
w.Write([]byte(`{
"users": [
{
"name": "admin",
"links": {
"self": "http://localhost:5000/v3/users/fff603a0829d41e48bc0dd0d72ad61ce"
},
"domain_id": "default",
"enabled": true,
"email": null,
"id": "fff603a0829d41e48bc0dd0d72ad61ce"
}
],
"links": {
"self": "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92/users",
"previous": null,
"next": null
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
groupResource := &Group{
Session: session,
}
users, err := groupResource.ListUsers("xyz", "default", "", "", "true")
if err != nil {
t.Error(err)
}
if users.Links["self"] != "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92/users" {
t.Errorf("Expect users.Links[self] == %q; got %q", "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92/users", users.Links["self"])
}
}
func TestGroupUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/groups/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/groups/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
tmp := `{
"group": {
"description": "Contract developers 2016",
"name": "Contract developers 2016"
}
}`
tmpStruct := &types.GroupResponse{}
_ = json.Unmarshal([]byte(tmp), tmpStruct)
tmpbytes, _ := json.Marshal(tmpStruct)
if string(body) != string(tmpbytes) {
t.Errorf("Expected auth request body == %q; got %q", string(tmpbytes), string(body))
}
w.Write([]byte(`{
"group": {
"domain_id": "default",
"description": "Contract developers 2016",
"id": "c0d675eac29945ad9dfd08aa1bb75751",
"links": {
"self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751"
},
"name": "Contract developers 2016"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
groupResource := &Group{
Session: session,
}
group, err := groupResource.Update("xyz", &types.Group{
Description: "Contract developers 2016",
Name: "Contract developers 2016",
})
if err != nil {
t.Error(err)
}
if group.Id != "c0d675eac29945ad9dfd08aa1bb75751" {
t.Errorf("Expect group.Id == %q; got %q", "c0d675eac29945ad9dfd08aa1bb75751", group.Id)
}
}
func TestDomainCreate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.POST {
t.Errorf("Expected method %q; got %q", requests.POST, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
tmp := `{
"domain": {
"description": "Domain description",
"enabled": true,
"name": "myDomain"
}
}`
tmpStruct := &types.DomainResponse{}
_ = json.Unmarshal([]byte(tmp), tmpStruct)
tmpbytes, _ := json.Marshal(tmpStruct)
if string(body) != string(tmpbytes) {
t.Errorf("Expected auth request body == %q; got %q", string(tmpbytes), string(body))
}
w.Write([]byte(`{
"domain": {
"description": "Domain description",
"enabled": true,
"id": "161718",
"links": {
"self": "http://identity:35357/v3/domains/161718"
},
"name": "myDomain"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
domainResource := &Domain{
Session: session,
}
domain, err := domainResource.Create(&types.Domain{
Description: "Domain description",
Enabled: true,
Name: "myDomain",
})
if err != nil {
t.Error(err)
}
if domain.Id != "161718" {
t.Errorf("Expect domain.Id == %q; got %q", "161718", domain.Id)
}
}
func TestUserListProjects(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/users/xyz/projects" {
t.Errorf("Expected 'url' == %q; got %q", "/users/xyz/projects", r.URL.Path)
}
w.Write([]byte(`{
"projects": [
{
"description": "description of this project",
"domain_id": "161718",
"enabled": true,
"id": "456788",
"parent_id": "212223",
"links": {
"self": "http://identity:35357/v3/projects/456788"
},
"name": "a project name"
},
{
"description": "description of this project",
"domain_id": "161718",
"enabled": true,
"id": "456789",
"parent_id": "212223",
"links": {
"self": "http://identity:35357/v3/projects/456789"
},
"name": "another domain"
}
],
"links": {
"self": "http://identity:35357/v3/users/313233/projects",
"previous": null,
"next": null
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
userResource := &User{
Session: session,
}
projects, err := userResource.ListProjects("xyz")
if err != nil {
t.Error(err)
}
if projects.Links["self"] != "http://identity:35357/v3/users/313233/projects" {
t.Errorf("Expect projects.Links[self] == %q; got %q", "http://identity:35357/v3/users/313233/projects", projects.Links["self"])
}
if projects.Projects[0].Name != "a project name" {
t.Errorf("Expect projects.Projects[0].Name == %q; got %q", "a project name", projects.Projects[0].Name)
}
if projects.Projects[1].Links["self"] != "http://identity:35357/v3/projects/456789" {
t.Errorf("Expect projects.Projects[1].Links[self] == %q; got %q", "http://identity:35357/v3/projects/456789", projects.Projects[1].Links["self"])
}
}
func TestCredentialList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("user_id") != "xyz" {
t.Errorf("Expected 'user_id' == %q; got %q", "xyz", q.Get("user_id"))
}
w.Write([]byte(`{
"credentials": [
{
"user_id": "bb5476fd12884539b41d5a88f838d773",
"links": {
"self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
},
"blob": "{\"access\": \"a42a27755ce6442596b049bd7dd8a563\", \"secret\": \"71faf1d40bb24c82b479b1c6fbbd9f0c\", \"trust_id\": null}",
"project_id": "6e01855f345f4c59812999b5e459137d",
"type": "ec2",
"id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
},
{
"user_id": "6f556708d04b4ea6bc72d7df2296b71a",
"links": {
"self": "http://localhost:5000/v3/credentials/2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609"
},
"blob": "{\"access\": \"7da79ff0aa364e1396f067e352b9b79a\", \"secret\": \"7a18d68ba8834b799d396f3ff6f1e98c\", \"trust_id\": null}",
"project_id": "1a1d14690f3c4ec5bf5f321c5fde3c16",
"type": "ec2",
"id": "2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609"
}
],
"links": {
"self": "http://localhost:5000/v3/credentials",
"previous": null,
"next": null
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
credentialResource := &Credential{
Session: session,
}
credentials, err := credentialResource.List("xyz")
if err != nil {
t.Error(err)
}
if credentials.Links["self"] != "http://localhost:5000/v3/credentials" {
t.Errorf("Expect credentials.Links[self] == %q; got %q", "http://localhost:5000/v3/credentials", credentials.Links["self"])
}
if credentials.Credentials[0].Id != "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" {
t.Errorf("Expect credentials.Credentials[0].Id == %q; got %q", "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7", credentials.Credentials[0].Id)
}
if credentials.Credentials[1].Links["self"] != "http://localhost:5000/v3/credentials/2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609" {
t.Errorf("Expect credentials.Credentials[1].Links[self] == %q; got %q", "http://localhost:5000/v3/credentials/2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609", credentials.Credentials[1].Links["self"])
}
}
func TestRoleList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("name") != "test" {
t.Errorf("Expected 'name' == %q; got %q", "test", q.Get("name"))
}
w.Write([]byte(`{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/roles"
},
"roles": [
{
"id": "5318e65d75574c17bf5339d3df33a5a3",
"links": {
"self": "http://localhost:5000/v3/roles/5318e65d75574c17bf5339d3df33a5a3"
},
"name": "admin"
},
{
"id": "642bcfc75c384fd181adf34d9b2df897",
"links": {
"self": "http://localhost:5000/v3/roles/642bcfc75c384fd181adf34d9b2df897"
},
"name": "anotherrole"
}
]
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
roleResource := &Role{
Session: session,
}
roles, err := roleResource.List("test")
if err != nil {
t.Error(err)
}
if roles.Links["self"] != "http://localhost:5000/v3/roles" {
t.Errorf("Expect roles.Links[self] == %q; got %q", "http://localhost:5000/v3/roles", roles.Links["self"])
}
if roles.Roles[0].Id != "5318e65d75574c17bf5339d3df33a5a3" {
t.Errorf("Expect roles.Roles[0].Id == %q; got %q", "5318e65d75574c17bf5339d3df33a5a3", roles.Roles[0].Id)
}
if roles.Roles[1].Links["self"] != "http://localhost:5000/v3/roles/642bcfc75c384fd181adf34d9b2df897" {
t.Errorf("Expect roles.Roles[1].Links[self] == %q; got %q", "http://localhost:5000/v3/roles/642bcfc75c384fd181adf34d9b2df897", roles.Roles[1].Links["self"])
}
}
func TestRoleAssignments(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/role_assignments" {
t.Errorf("Expected 'url' == %q; got %q", "/role_assignments", r.URL.Path)
}
q := r.URL.Query()
if q.Get("user.id") != "xyz" {
t.Errorf("Expected 'user.id' == %q; got %q", "xyz", q.Get("user.id"))
}
if q.Get("scope.project.id") != "abc" {
t.Errorf("Expected 'scope.project.id' == %q; got %q", "abc", q.Get("scope.project.id"))
}
w.Write([]byte(`{
"role_assignments": [
{
"links": {
"assignment": "http://identity:35357/v3/domains/161718/users/313233/roles/123456"
},
"role": {
"id": "123456"
},
"scope": {
"domain": {
"id": "161718"
}
},
"user": {
"id": "313233"
}
},
{
"group": {
"id": "101112"
},
"links": {
"assignment": "http://identity:35357/v3/projects/456789/groups/101112/roles/123456"
},
"role": {
"id": "123456"
},
"scope": {
"project": {
"id": "456789"
}
}
}
],
"links": {
"self": "http://identity:35357/v3/role_assignments",
"previous": null,
"next": null
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
roleResource := &Role{
Session: session,
}
roles, err := roleResource.Assignments(map[string]string{
"user.id": "xyz",
"scope.project.id": "abc",
"effective": "true",
})
if err != nil {
t.Error(err)
}
if roles.Links["self"] != "http://identity:35357/v3/role_assignments" {
t.Errorf("Expect roles.Links[self] == %q; got %q", "http://identity:35357/v3/role_assignments", roles.Links["self"])
}
if roles.RoleAssignments[0].Role.Id != "123456" {
t.Errorf("Expect roles.RoleAssignments[0].Role.Id == %q; got %q", "123456", roles.RoleAssignments[0].Role.Id)
}
if roles.RoleAssignments[1].Links["assignment"] != "http://identity:35357/v3/projects/456789/groups/101112/roles/123456" {
t.Errorf("Expect roles.RoleAssignments[1].Links[assignment] == %q; got %q", "http://identity:35357/v3/projects/456789/groups/101112/roles/123456", roles.RoleAssignments[1].Links["assignment"])
}
}
func TestRoleUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/roles/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/roles/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
tmp := `{
"role": {
"name": "Developer"
}
}`
tmpStruct := &types.RoleResponse{}
_ = json.Unmarshal([]byte(tmp), tmpStruct)
tmpbytes, _ := json.Marshal(tmpStruct)
if string(body) != string(tmpbytes) {
t.Errorf("Expected auth request body == %q; got %q", string(tmpbytes), string(body))
}
w.Write([]byte(`{
"role": {
"id": "1e443fa8cee3482a8a2b6954dd5c8f12",
"links": {
"self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12"
},
"name": "Developer"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
roleResource := &Role{
Session: session,
}
role, err := roleResource.Update("xyz", &types.Role{
Name: "Developer",
})
if err != nil {
t.Error(err)
}
if role.Id != "1e443fa8cee3482a8a2b6954dd5c8f12" {
t.Errorf("Expect role.Id == %q; got %q", "1e443fa8cee3482a8a2b6954dd5c8f12", role.Id)
}
}
func TestProjectList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("domain_id") != "default" {
t.Errorf("Expected 'domain_id' == %q; got %q", "default", q.Get("domain_id"))
}
if q.Get("parent_id") != "test" {
t.Errorf("Expected 'parent_id' == %q; got %q", "test", q.Get("parent_id"))
}
if q.Get("name") != "project" {
t.Errorf("Expected 'name' == %q; got %q", "project", q.Get("name"))
}
if q.Get("enabled") != "true" {
t.Errorf("Expected 'enabled' == %q; got %q", "true", q.Get("enabled"))
}
w.Write([]byte(`{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/projects"
},
"projects": [
{
"description": null,
"domain_id": "default",
"enabled": true,
"id": "0c4e939acacf4376bdcd1129f1a054ad",
"links": {
"self": "http://localhost:5000/v3/projects/0c4e939acacf4376bdcd1129f1a054ad"
},
"name": "admin",
"parent_id": null
},
{
"description": null,
"domain_id": "default",
"enabled": true,
"id": "0cbd49cbf76d405d9c86562e1d579bd3",
"links": {
"self": "http://localhost:5000/v3/projects/0cbd49cbf76d405d9c86562e1d579bd3"
},
"name": "demo",
"parent_id": null
}
]
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
projectResource := &Project{
Session: session,
}
projects, err := projectResource.List("default", "test", "project", "true")
if err != nil {
t.Error(err)
}
if projects.Links["self"] != "http://localhost:5000/v3/projects" {
t.Errorf("Expect projects.Links[self] == %q; got %q", "http://localhost:5000/v3/projects", projects.Links["self"])
}
if projects.Projects[0].Id != "0c4e939acacf4376bdcd1129f1a054ad" {
t.Errorf("Expect projects.Projects[0].Id == %q; got %q", "0c4e939acacf4376bdcd1129f1a054ad", projects.Projects[0].Id)
}
if projects.Projects[1].Links["self"] != "http://localhost:5000/v3/projects/0cbd49cbf76d405d9c86562e1d579bd3" {
t.Errorf("Expect projects.Projects[1].Links[self] == %q; got %q", "http://localhost:5000/v3/projects/0cbd49cbf76d405d9c86562e1d579bd3", projects.Projects[1].Links["self"])
}
}
func TestProjectUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/projects/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/projects/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
tmp := `{
"project": {
"description": "My updated project",
"domain_id": "default",
"enabled": true,
"name": "myUpdatedProject"
}
}`
tmpStruct := &types.ProjectResponse{}
_ = json.Unmarshal([]byte(tmp), tmpStruct)
tmpbytes, _ := json.Marshal(tmpStruct)
if string(body) != string(tmpbytes) {
t.Errorf("Expected auth request body == %q; got %q", string(tmpbytes), string(body))
}
w.Write([]byte(`{
"project": {
"is_domain": true,
"description": "My updated project",
"links": {
"self": "http://localhost:5000/v3/projects/93ebbcc35335488b96ff9cd7d18cbb2e"
},
"extra": {
"is_domain": true
},
"enabled": true,
"id": "93ebbcc35335488b96ff9cd7d18cbb2e",
"parent_id": null,
"domain_id": "default",
"name": "myUpdatedProject"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
projectResource := &Project{
Session: session,
}
project, err := projectResource.Update("xyz", &types.Project{
Description: "My updated project",
DomainId: "default",
Enabled: true,
Name: "myUpdatedProject",
})
if err != nil {
t.Error(err)
}
if project.Id != "93ebbcc35335488b96ff9cd7d18cbb2e" {
t.Errorf("Expect project.Id == %q; got %q", "default", project.Id)
}
if !project.IsDomain {
t.Errorf("Expect is_domain true, got false")
}
if v := project.Extra["is_domain"].(bool); !v {
t.Errorf("Expect extra[is_domain] true, got false")
}
}
func TestList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("domain_id") != "default" {
t.Errorf("Expected 'domain_id' == %q; got %q", "default", q.Get("domain_id"))
}
if q.Get("enabled") != "true" {
t.Errorf("Expected 'enabled' == %q; got %q", "true", q.Get("enabled"))
}
w.Write([]byte(`{
"links": {
"next": null,
"previous": null,
"self": "http://*****:*****@example.com",
"enabled": true,
"id": "4ab84ab39de54f4d96eaff8f2145a7cd",
"links": {
"self": "http://localhost:5000/v3/users/4ab84ab39de54f4d96eaff8f2145a7cd"
},
"name": "swiftusertest1"
}
]
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
userResource := &User{
Session: session,
}
users, err := userResource.List("default", "", "true")
if err != nil {
t.Error(err)
}
if users.Links["self"] != "http://localhost:5000/v3/users" {
t.Errorf("Expect users.Links[self] == %q; got %q", "http://localhost:5000/v3/users", users.Links["self"])
}
if users.Links["next"] != "" {
t.Errorf("Expect users.Links[next] empty, got %q", users.Links["next"])
}
if users.Links["previous"] != "" {
t.Errorf("Expect users.Links[previous] empty, got %q", users.Links["previous"])
}
if users.Users[0].Name != "glance" {
t.Errorf("Expect users.Users[0].Name == %q; got %q", "glance", users.Users[0].Name)
}
if users.Users[1].Links["self"] != "http://localhost:5000/v3/users/4ab84ab39de54f4d96eaff8f2145a7cd" {
t.Errorf("Expect users.Users[1].Links[self] == %q; got %q", "http://localhost:5000/v3/users/4ab84ab39de54f4d96eaff8f2145a7cd", users.Users[1].Links["self"])
}
}
func TestCredentialUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/credentials/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/credentials/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
if string(body) != `{"credential":{"blob":"{\"access\":\"181920\",\"secret\":\"secretKey\"}","user_id":"bb5476fd12884539b41d5a88f838d773","project_id":"731fc6f265cd486d900f16e84c5cb594","type":"ec2"}}` {
t.Errorf("Expected auth request body == %q; got %q",
`{"credential":{"blob":"{\"access\":\"181920\",\"secret\":\"secretKey\"}","user_id":"bb5476fd12884539b41d5a88f838d773","project_id":"731fc6f265cd486d900f16e84c5cb594","type":"ec2"}}`,
string(body))
}
w.Write([]byte(`{
"credential": {
"user_id": "bb5476fd12884539b41d5a88f838d773",
"links": {
"self": "http://localhost:5000/v3/credentials/3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510"
},
"blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
"project_id": "731fc6f265cd486d900f16e84c5cb594",
"type": "ec2",
"id": "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
credentialResource := &Credential{
Session: session,
}
blob, _ := json.Marshal(map[string]string{
"access": "181920",
"secret": "secretKey",
})
credential, err := credentialResource.Update("xyz", &types.Credential{
Blob: string(blob),
ProjectId: "731fc6f265cd486d900f16e84c5cb594",
Type: "ec2",
UserId: "bb5476fd12884539b41d5a88f838d773",
})
if err != nil {
t.Error(err)
}
if credential.Id != "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510" {
t.Errorf("Expect credential.Id == %q; got %q", "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510", credential.Id)
}
}
func TestRegionUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/regions/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/regions/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
tmp := `{
"region": {
"description": "My subregion 3"
}
}`
tmpStruct := &types.RegionResponse{}
_ = json.Unmarshal([]byte(tmp), tmpStruct)
tmpbytes, _ := json.Marshal(tmpStruct)
if string(body) != string(tmpbytes) {
t.Errorf("Expected auth request body == %q; got %q", string(tmpbytes), string(body))
}
w.Write([]byte(`{
"region": {
"parent_region_id": "RegionOne",
"id": "RegionThree",
"links": {
"self": "http://localhost:5000/v3/regions/RegionThree"
},
"description": "My subregion 3"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
regionResource := &Region{
Session: session,
}
region, err := regionResource.Update("xyz", &types.Region{
Description: "My subregion 3",
})
if err != nil {
t.Error(err)
}
if region.Id != "RegionThree" {
t.Errorf("Expect region.Id == %q; got %q", "RegionThree", region.Id)
}
}
func TestUserUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/users/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/users/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
// should be
//{
// "user": {
// "default_project_id": "263fd9",
// "description": "James Doe user",
// "email": "*****@*****.**",
// "enabled": true,
// }
//}
// But sequence not really defined. We try to know the sequence first, and
// then hard code here.
if string(body) != `{"user":{"default_project_id":"263fd9","email":"*****@*****.**","description":"James Doe user","enabled":true}}` {
t.Errorf("Expected auth request body == %q; got %q",
`{"user":"******":"263fd9","email":"*****@*****.**","description":"James Doe user","enabled":true}}`,
string(body))
}
w.Write([]byte(`{
"user": {
"default_project_id": "263fd9",
"description": "James Doe user",
"domain_id": "1789d1",
"email": "*****@*****.**",
"enabled": true,
"id": "ff4e51",
"links": {
"self": "https://*****:*****@example.com",
Enabled: true,
})
if err != nil {
t.Error(err)
}
if user.Name != "James Doe" {
t.Errorf("Expect user.Name == %q; got %q", "James Doe", user.Name)
}
if user.Links["self"] != "https://identity:35357/v3/users/ff4e51" {
t.Errorf("Expect user.Links[self] == %q; got %q", "https://identity:35357/v3/users/ff4e51", user.Links["self"])
}
}
func TestDomainUpdate(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.PATCH {
t.Errorf("Expected method %q; got %q", requests.PATCH, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/domains/xyz" {
t.Errorf("Expected 'url' == %q; got %q", "/domains/xyz", r.URL.Path)
}
body, _ := ioutil.ReadAll(r.Body)
defer r.Body.Close()
tmp := `{
"domain": {
"description": "Owns users and projects on Identity API v2."
}
}`
tmpStruct := &types.DomainResponse{}
_ = json.Unmarshal([]byte(tmp), tmpStruct)
tmpbytes, _ := json.Marshal(tmpStruct)
if string(body) != string(tmpbytes) {
t.Errorf("Expected auth request body == %q; got %q", string(tmpbytes), string(body))
}
w.Write([]byte(`{
"domain": {
"links": {
"self": "http://localhost:5000/v3/domains/default"
},
"enabled": true,
"description": "Owns users and projects on Identity API v2.",
"name": "Default",
"id": "default"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
domainResource := &Domain{
Session: session,
}
domain, err := domainResource.Update("xyz", &types.Domain{
Description: "Owns users and projects on Identity API v2.",
})
if err != nil {
t.Error(err)
}
if domain.Id != "default" {
t.Errorf("Expect domain.Id == %q; got %q", "default", domain.Id)
}
}
func TestUserListGroups(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.URL.Path != "/users/xyz/groups" {
t.Errorf("Expected 'url' == %q; got %q", "/users/xyz/groups", r.URL.Path)
}
w.Write([]byte(`{
"groups": [
{
"description": "Developers cleared for work on all general projects",
"domain_id": "1789d1",
"id": "ea167b",
"links": {
"self": "https://identity:35357/v3/groups/ea167b"
},
"name": "Developers"
},
{
"description": "Developers cleared for work on secret projects",
"domain_id": "1789d1",
"id": "a62db1",
"links": {
"self": "https://identity:35357/v3/groups/a62db1"
},
"name": "Secure Developers"
}
],
"links": {
"self": "http://identity:35357/v3/users/9fe1d3/groups",
"previous": null,
"next": null
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
userResource := &User{
Session: session,
}
groups, err := userResource.ListGroups("xyz")
if err != nil {
t.Error(err)
}
if groups.Links["self"] != "http://identity:35357/v3/users/9fe1d3/groups" {
t.Errorf("Expect groups.Links[self] == %q; got %q", "http://identity:35357/v3/users/9fe1d3/groups", groups.Links["self"])
}
if groups.Groups[0].Name != "Developers" {
t.Errorf("Expect groups.Groups[0].Name == %q; got %q", "Developers", groups.Groups[0].Name)
}
if groups.Groups[1].Links["self"] != "https://identity:35357/v3/groups/a62db1" {
t.Errorf("Expect groups.Groups[1].Links[self] == %q; got %q", "https://identity:35357/v3/groups/a62db1", groups.Groups[1].Links["self"])
}
}
func TestDomainList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("enabled") != "true" {
t.Errorf("Expected 'enabled' == %q; got %q", "true", q.Get("enabled"))
}
w.Write([]byte(`{
"domains": [
{
"description": "Used for swift functional testing",
"enabled": true,
"id": "5a75994a383c449184053ff7270c4e91",
"links": {
"self": "http://localhost:5000/v3/domains/5a75994a383c449184053ff7270c4e91"
},
"name": "swift_test"
},
{
"description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
"enabled": true,
"id": "default",
"links": {
"self": "http://localhost:5000/v3/domains/default"
},
"name": "Default"
}
],
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/domains"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
domainResource := &Domain{
Session: session,
}
domains, err := domainResource.List("", "true")
if err != nil {
t.Error(err)
}
if domains.Links["self"] != "http://localhost:5000/v3/domains" {
t.Errorf("Expect domains.Links[self] == %q; got %q", "http://localhost:5000/v3/domains", domains.Links["self"])
}
if domains.Domains[0].Id != "5a75994a383c449184053ff7270c4e91" {
t.Errorf("Expect domains.Domains[0].Id == %q; got %q", "5a75994a383c449184053ff7270c4e91", domains.Domains[0].Id)
}
if domains.Domains[1].Links["self"] != "http://localhost:5000/v3/domains/default" {
t.Errorf("Expect domains.Domains[1].Links[self] == %q; got %q", "http://localhost:5000/v3/domains/default", domains.Domains[1].Links["self"])
}
}
func TestRegionList(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
//test query parameter
q := r.URL.Query()
if q.Get("parent_region_id") != "test" {
t.Errorf("Expected 'enabled' == %q; got %q", "true", q.Get("parent_region_id"))
}
w.Write([]byte(`{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/regions"
},
"regions": [
{
"description": "",
"id": "RegionOne",
"links": {
"self": "http://localhost:5000/v3/regions/RegionOne"
},
"parent_region_id": null
}
]
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
regionResource := &Region{
Session: session,
}
regions, err := regionResource.List("test")
if err != nil {
t.Error(err)
}
if regions.Links["self"] != "http://localhost:5000/v3/regions" {
t.Errorf("Expect regions.Links[self] == %q; got %q", "http://localhost:5000/v3/regions", regions.Links["self"])
}
if regions.Regions[0].Id != "RegionOne" {
t.Errorf("Expect regions.Regions[0].Id == %q; got %q", "RegionOne", regions.Regions[0].Id)
}
}
func TestGetAccess(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// check method is GET before going to check other features
if r.Method != requests.GET {
t.Errorf("Expected method %q; got %q", requests.GET, r.Method)
}
if r.Header == nil {
t.Errorf("Expected non-nil request Header")
}
if r.Header.Get("User-Agent") != "Dasea Keystone client" {
t.Errorf("Expected 'User-Agent' == %q; got %q", "Dasea Keystone client", r.Header.Get("User-Agent"))
}
if r.Header.Get("X-Auth-Token") != "12345" {
t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "12345", r.Header.Get("X-Auth-Token"))
}
if r.Header.Get("X-Subject-Token") != "67890" {
t.Errorf("Expected 'X-Subject-Token' == %q; got %q", "67890", r.Header.Get("X-Subject-Token"))
}
w.Header().Set("X-Auth-Token", "12345")
w.Header().Set("X-Subject-Token", "67890")
w.Write([]byte(`{
"token": {
"methods": [
"token"
],
"expires_at": "2015-11-05T22:00:11.000000Z",
"extras": {},
"user": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "10a2e6e717a245d9acad3e5f97aeca3d",
"name": "admin"
},
"audit_ids": [
"mAjXQhiYRyKwkB4qygdLVg"
],
"issued_at": "2015-11-05T21:00:33.819948Z"
}
}`))
}))
defer ts.Close()
auth := &client.AuthAccess{
Access: &client.AccessInfo{
Token: "12345",
},
}
session := client.NewSession(&keystoneclient.Opts{AuthUrl: ts.URL}, auth)
authResource := &Auth{
Session: session,
}
access, err := authResource.GetAccessFromToken("67890")
if err != nil {
t.Error(err)
}
if access.Token != "67890" {
t.Errorf("Expect token = %q; got %q", "67890", access.Token)
}
}