示例#1
0
func TestServiceToken(t *testing.T) {
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch r.URL.Path {
		case "/auth/tokens":
			if r.Method == "POST" {
				_, _ = ioutil.ReadAll(r.Body)
				defer r.Body.Close()

				w.Header().Set("X-Subject-Token", "servicetoken")
				w.Write([]byte(`{
					"token": {
						"methods": [
							"password"
						],
						"expires_at": "2016-11-06T15:32:17.893769Z",
						"extras": {},
						"user": {
							"domain": {
								"id": "default",
								"name": "Default"
							},
							"id": "423f19a4ac1e4f48bbb4180756e6eb6c",
							"name": "admin"
						},
						"audit_ids": [
							"ZzZwkUflQfygX7pdYDBCQQ"
						],
						"issued_at": "2015-11-06T14:32:17.893797Z"
					}
				}`))
			} else if r.Method == "GET" {
				if r.Header.Get("X-Auth-Token") != "servicetoken" {
					t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "servicetoken", r.Header.Get("X-Auth-Token"))
				}
				if r.Header.Get("X-Subject-Token") != "usertoken" &&
					r.Header.Get("X-Subject-Token") != "myservicetoken" {
					t.Errorf("Expected 'X-Subject-Token' == usertoken or myservicetoken; got %q", r.Header.Get("X-Subject-Token"))
				}

				w.Header().Set("X-Auth-Token", "servicetoken")
				w.Header().Set("X-Subject-Token", r.Header.Get("X-Subject-Token"))
				w.Write([]byte(`{
					"token": {
						"methods": [
							"token"
						],
						"expires_at": "2016-11-05T22:00:11.000000Z",
						"extras": {},
						"user": {
							"domain": {
								"id": "default",
								"name": "Default"
							},
							"id": "10a2e6e717a245d9acad3e5f97aeca3d",
							"name": "testuser"
						},
						"audit_ids": [
							"mAjXQhiYRyKwkB4qygdLVg"
						],
						"issued_at": "2015-11-05T21:00:33.819948Z"
					}
				}`))
			} else {
				t.Errorf("Expected method GET or POST; got %q", r.Method)
			}
		default:
			t.Errorf("Invalid path %q", r.URL.Path)
		}
	}))

	defer ts.Close()

	// Create a middleware and app, test whether the middleware will be able to
	// auto handle service token retrieval and authentication for us.
	opts := Opts{
		AuthMethod:   "password",
		Username:     "******",
		Password:     "******",
		UserDomainId: "default",
		Client: keystoneclient.Opts{
			AuthUrl: ts.URL,
		},
		DelayAuthDecision: true,
		TokenCacheTime:    time.Duration(300) * time.Second,
	}
	authToken := NewAuthToken(&opts)
	handler := router.MiddlewareHandlerChain(router.ContextHandlerFunc(appServiceToken), authToken)
	ts_service := httptest.NewServer(
		//wrap handler into an http handler, also insert t into ctx
		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			ctx := context.Background()
			ctx = context.WithValue(ctx, "test", t)
			handler(ctx, w, r)
		}))
	defer ts_service.Close()

	// create a client and request to ts_service
	client := &http.Client{}
	req, _ := http.NewRequest("GET", ts_service.URL, nil)
	req.Header.Add("X-Auth-Token", "usertoken")
	req.Header.Add("X-Service-Token", "myservicetoken")
	resp, _ := client.Do(req)
	defer resp.Body.Close()

	body, _ := ioutil.ReadAll(resp.Body)
	if string(body) != "Test success!" {
		t.Errorf("Response error, should be Test Success!, got: %v", body)
	}
}
示例#2
0
func TestUserTokenNodelay(t *testing.T) {
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch r.URL.Path {
		case "/auth/tokens":
			if r.Method == "POST" {
				_, _ = ioutil.ReadAll(r.Body)
				defer r.Body.Close()

				w.Header().Set("X-Subject-Token", "servicetoken")
				w.Write([]byte(`{
					"token": {
						"methods": [
							"password"
						],
						"expires_at": "2016-11-06T15:32:17.893769Z",
						"extras": {},
						"user": {
							"domain": {
								"id": "default",
								"name": "Default"
							},
							"id": "423f19a4ac1e4f48bbb4180756e6eb6c",
							"name": "admin"
						},
						"audit_ids": [
							"ZzZwkUflQfygX7pdYDBCQQ"
						],
						"issued_at": "2015-11-06T14:32:17.893797Z"
					}
				}`))
			} else if r.Method == "GET" {
				if r.Header.Get("X-Auth-Token") != "servicetoken" {
					t.Errorf("Expected 'X-Auth-Token' == %q; got %q", "servicetoken", r.Header.Get("X-Auth-Token"))
				}
				if r.Header.Get("X-Subject-Token") != "usertoken" {
					t.Errorf("Expected 'X-Subject-Token' == %q; got %q", "usertoken", r.Header.Get("X-Subject-Token"))
				}
				//return invalid user!
				w.WriteHeader(http.StatusNotFound)
			} else {
				t.Errorf("Expected method GET or POST; got %q", r.Method)
			}
		default:
			t.Errorf("Invalid path %q", r.URL.Path)
		}
	}))

	defer ts.Close()

	// Create a middleware and app, test whether the middleware will be able to
	// auto handle service token retrieval and authentication for us.
	opts := Opts{
		AuthMethod:   "password",
		Username:     "******",
		Password:     "******",
		UserDomainId: "default",
		Client: keystoneclient.Opts{
			AuthUrl: ts.URL,
		},
		DelayAuthDecision: false,
		TokenCacheTime:    time.Duration(300) * time.Second,
	}
	authToken := NewAuthToken(&opts)
	handler := router.MiddlewareHandlerChain(router.ContextHandlerFunc(appUserTokenNodelay), authToken)
	ts_service := httptest.NewServer(
		//wrap handler into an http handler, also insert t into ctx
		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			ctx := context.Background()
			ctx = context.WithValue(ctx, "test", t)
			handler(ctx, w, r)
		}))
	defer ts_service.Close()

	// create a client and request to ts_service
	client := &http.Client{}
	req, _ := http.NewRequest("GET", ts_service.URL, nil)
	req.Header.Add("X-Auth-Token", "usertoken")
	resp, _ := client.Do(req)
	defer resp.Body.Close()

	//because delay cache decision is false, we will get "WWW-Authenticate"
	if resp.Header.Get("WWW-Authenticate") != ts.URL {
		t.Errorf("Response error, should be %v, got: %v", ts.URL, resp.Header.Get("WWW-Authenticate"))
	}
}