Make email addresses optional in external auth if email feature is turned off
Before this change, external auth such as Keystone would fail if a user without an email address tried to login, even if the email feature was disabled.
This commit is contained in:
Joseph Schorr
parent
934cdecbd6
commit
d7f56350a4
18 changed files with 206 additions and 93 deletions
|
|
@ -15,6 +15,10 @@ _PORT_NUMBER = 5001
|
|||
class KeystoneAuthTestsMixin():
|
||||
maxDiff = None
|
||||
|
||||
@property
|
||||
def emails(self):
|
||||
raise NotImplementedError
|
||||
|
||||
def create_app(self):
|
||||
global _PORT_NUMBER
|
||||
_PORT_NUMBER = _PORT_NUMBER + 1
|
||||
|
|
@ -35,10 +39,12 @@ class KeystoneAuthTestsMixin():
|
|||
def getuser(userid):
|
||||
for user in users:
|
||||
if user['username'] == userid:
|
||||
user_data = {}
|
||||
if self.emails:
|
||||
user_data['email'] = userid + '@example.com'
|
||||
|
||||
return json.dumps({
|
||||
'user': {
|
||||
'email': userid + '@example.com',
|
||||
}
|
||||
'user': user_data
|
||||
})
|
||||
|
||||
abort(404)
|
||||
|
|
@ -47,15 +53,19 @@ class KeystoneAuthTestsMixin():
|
|||
def getv3user(userid):
|
||||
for user in users:
|
||||
if user['username'] == userid:
|
||||
user_data = {
|
||||
"domain_id": "default",
|
||||
"enabled": True,
|
||||
"id": user['username'],
|
||||
"links": {},
|
||||
"name": user['username'],
|
||||
}
|
||||
|
||||
if self.emails:
|
||||
user_data['email'] = user['username'] + '@example.com'
|
||||
|
||||
return json.dumps({
|
||||
'user': {
|
||||
"domain_id": "default",
|
||||
"enabled": True,
|
||||
"id": user['username'],
|
||||
"links": {},
|
||||
"name": user['username'],
|
||||
"email": user['username'] + '@example.com',
|
||||
}
|
||||
'user': user_data
|
||||
})
|
||||
|
||||
abort(404)
|
||||
|
|
@ -209,24 +219,54 @@ class KeystoneAuthTestsMixin():
|
|||
def test_cooluser(self):
|
||||
(user, _) = self.keystone.verify_credentials('cooluser', 'password')
|
||||
self.assertEquals(user.username, 'cooluser')
|
||||
self.assertEquals(user.email, 'cooluser@example.com')
|
||||
self.assertEquals(user.email, 'cooluser@example.com' if self.emails else None)
|
||||
|
||||
def test_neatuser(self):
|
||||
(user, _) = self.keystone.verify_credentials('some.neat.user', 'foobar')
|
||||
self.assertEquals(user.username, 'some.neat.user')
|
||||
self.assertEquals(user.email, 'some.neat.user@example.com')
|
||||
self.assertEquals(user.email, 'some.neat.user@example.com' if self.emails else None)
|
||||
|
||||
class KeystoneV2AuthNoEmailTests(KeystoneAuthTestsMixin, LiveServerTestCase):
|
||||
@property
|
||||
def keystone(self):
|
||||
return get_keystone_users(2, self.get_server_url() + '/v2.0/auth',
|
||||
'adminuser', 'adminpass', 'admintenant',
|
||||
requires_email=False)
|
||||
|
||||
@property
|
||||
def emails(self):
|
||||
return False
|
||||
|
||||
class KeystoneV3AuthNoEmailTests(KeystoneAuthTestsMixin, LiveServerTestCase):
|
||||
@property
|
||||
def keystone(self):
|
||||
return get_keystone_users(3, self.get_server_url() + '/v3',
|
||||
'adminuser', 'adminpass', 'admintenant',
|
||||
requires_email=False)
|
||||
@property
|
||||
def emails(self):
|
||||
return False
|
||||
|
||||
class KeystoneV2AuthTests(KeystoneAuthTestsMixin, LiveServerTestCase):
|
||||
@property
|
||||
def keystone(self):
|
||||
return get_keystone_users(2, self.get_server_url() + '/v2.0/auth',
|
||||
'adminuser', 'adminpass', 'admintenant')
|
||||
'adminuser', 'adminpass', 'admintenant',
|
||||
requires_email=True)
|
||||
|
||||
@property
|
||||
def emails(self):
|
||||
return True
|
||||
|
||||
class KeystoneV3AuthTests(KeystoneAuthTestsMixin, LiveServerTestCase):
|
||||
@property
|
||||
def keystone(self):
|
||||
return get_keystone_users(3, self.get_server_url() + '/v3',
|
||||
'adminuser', 'adminpass', 'admintenant')
|
||||
'adminuser', 'adminpass', 'admintenant',
|
||||
requires_email=True)
|
||||
|
||||
def emails(self):
|
||||
return True
|
||||
|
||||
def test_query(self):
|
||||
# Lookup cool.
|
||||
|
|
|
|||
Reference in a new issue