Fixed typos; bug fix in auth db upgrade; renamed a couple things to better reflect their new usage; updated docs

This commit is contained in:
gholt 2010-09-05 19:53:08 -07:00
parent 0066ed02d7
commit 235c0e9bd5
5 changed files with 84 additions and 87 deletions
bin
doc/source
swift
auth
common/middleware
test/unit/auth

@ -31,7 +31,7 @@ if __name__ == '__main__':
'auth server (default: %s).' % default_conf) 'auth server (default: %s).' % default_conf)
parser.add_option('-a', '--admin', dest='admin', action='store_true', parser.add_option('-a', '--admin', dest='admin', action='store_true',
default=False, help='Give the user administrator access; otherwise ' default=False, help='Give the user administrator access; otherwise '
'the user will only have access to container specifically allowed ' 'the user will only have access to containers specifically allowed '
'with ACLs.') 'with ACLs.')
args = argv[1:] args = argv[1:]
if not args: if not args:

@ -532,12 +532,9 @@ good idea what to do on other environments.
#. Check that `st` works: `st -A http://127.0.0.1:11000/v1.0 -U test:tester -K testing stat` #. Check that `st` works: `st -A http://127.0.0.1:11000/v1.0 -U test:tester -K testing stat`
#. `swift-auth-add-user --admin test2 tester2 testing2` #. `swift-auth-add-user --admin test2 tester2 testing2`
#. `swift-auth-add-user test tester3 testing3` #. `swift-auth-add-user test tester3 testing3`
#. Create `/etc/swift/func_test.conf`:: #. `cp ~/swift/trunk/test/functional/sample.conf /etc/swift/func_test.conf`
cp ~/swift/trunk/test/functional/sample.conf /etc/swift/func_test.conf
#. `cd ~/swift/trunk; ./.functests` (Note: functional tests will first delete #. `cd ~/swift/trunk; ./.functests` (Note: functional tests will first delete
everything in the configured account.) everything in the configured accounts.)
#. `cd ~/swift/trunk; ./.probetests` (Note: probe tests will reset your #. `cd ~/swift/trunk; ./.probetests` (Note: probe tests will reset your
environment as they call `resetswift` for each test.) environment as they call `resetswift` for each test.)

@ -108,8 +108,8 @@ class AuthController(object):
self.conn.execute('SELECT admin FROM account LIMIT 1') self.conn.execute('SELECT admin FROM account LIMIT 1')
except sqlite3.OperationalError, err: except sqlite3.OperationalError, err:
if str(err) == 'no such column: admin': if str(err) == 'no such column: admin':
self.conn.execute( self.conn.execute("ALTER TABLE account ADD COLUMN admin TEXT")
"ALTER TABLE account ADD COLUMN admin TEXT DEFAULT 't'") self.conn.execute("UPDATE account SET admin = 't'")
self.conn.execute('''CREATE TABLE IF NOT EXISTS account ( self.conn.execute('''CREATE TABLE IF NOT EXISTS account (
account TEXT, url TEXT, cfaccount TEXT, account TEXT, url TEXT, cfaccount TEXT,
user TEXT, password TEXT, admin TEXT)''') user TEXT, password TEXT, admin TEXT)''')
@ -248,25 +248,22 @@ class AuthController(object):
(repr(token), repr(rv), time() - begin)) (repr(token), repr(rv), time() - begin))
return rv return rv
def create_account(self, new_account, new_user, new_password, def create_user(self, account, user, password, admin=False):
admin=False):
""" """
Handles the create_account call for developers, used to request Handles the create_user call for developers, used to request a user be
an account be created both on a Swift cluster and in the auth server added in the auth server database. If the account does not yet exist,
database. it will be created on the Swift cluster and the details recorded in the
auth server database.
This will make ReST requests to the Swift cluster's account servers The url for the storage account is constructed now and stored
to have an account created on its side. The resulting account hash separately to support changing the configuration file's
along with the URL to use to access the account, the account name, the default_cluster_url for directing new accounts to a different Swift
user name, and the password is recorded in the auth server's database. cluster while still supporting old accounts going to the Swift clusters
The url is constructed now and stored separately to support changing they were created on.
the configuration file's default_cluster_url for directing new accounts
to a different Swift cluster while still supporting old accounts going
to the Swift clusters they were created on.
:param new_account: The name for the new account :param account: The name for the new account
:param new_user: The name for the new user :param user: The name for the new user
:param new_password: The password for the new account :param password: The password for the new account
:param admin: If true, the user will be granted full access to the :param admin: If true, the user will be granted full access to the
account; otherwise, another user will have to add the account; otherwise, another user will have to add the
user to the ACLs for containers to grant access. user to the ACLs for containers to grant access.
@ -275,21 +272,21 @@ class AuthController(object):
already exists, or storage url if successful already exists, or storage url if successful
""" """
begin = time() begin = time()
if not all((new_account, new_user, new_password)): if not all((account, user, password)):
return False return False
with self.get_conn() as conn: with self.get_conn() as conn:
row = conn.execute( row = conn.execute(
'SELECT url FROM account WHERE account = ? AND user = ?', 'SELECT url FROM account WHERE account = ? AND user = ?',
(new_account, new_user)).fetchone() (account, user)).fetchone()
if row: if row:
self.logger.info( self.logger.info(
'ALREADY EXISTS create_account(%s, %s, _, %s) [%.02f]' % 'ALREADY EXISTS create_user(%s, %s, _, %s) [%.02f]' %
(repr(new_account), repr(new_user), repr(admin), (repr(account), repr(user), repr(admin),
time() - begin)) time() - begin))
return 'already exists' return 'already exists'
row = conn.execute( row = conn.execute(
'SELECT url, cfaccount FROM account WHERE account = ?', 'SELECT url, cfaccount FROM account WHERE account = ?',
(new_account,)).fetchone() (account,)).fetchone()
if row: if row:
url = row[0] url = row[0]
account_hash = row[1] account_hash = row[1]
@ -297,20 +294,20 @@ class AuthController(object):
account_hash = self.add_storage_account() account_hash = self.add_storage_account()
if not account_hash: if not account_hash:
self.logger.info( self.logger.info(
'FAILED create_account(%s, %s, _, %s) [%.02f]' % 'FAILED create_user(%s, %s, _, %s) [%.02f]' %
(repr(new_account), repr(new_user), repr(admin), (repr(account), repr(user), repr(admin),
time() - begin)) time() - begin))
return False return False
url = self.default_cluster_url.rstrip('/') + '/' + account_hash url = self.default_cluster_url.rstrip('/') + '/' + account_hash
conn.execute('''INSERT INTO account conn.execute('''INSERT INTO account
(account, url, cfaccount, user, password, admin) (account, url, cfaccount, user, password, admin)
VALUES (?, ?, ?, ?, ?, ?)''', VALUES (?, ?, ?, ?, ?, ?)''',
(new_account, url, account_hash, new_user, new_password, (account, url, account_hash, user, password,
admin and 't' or '')) admin and 't' or ''))
conn.commit() conn.commit()
self.logger.info( self.logger.info(
'SUCCESS create_account(%s, %s, _, %s) = %s [%.02f]' % 'SUCCESS create_user(%s, %s, _, %s) = %s [%.02f]' %
(repr(new_account), repr(new_user), repr(admin), repr(url), (repr(account), repr(user), repr(admin), repr(url),
time() - begin)) time() - begin))
return url return url
@ -342,8 +339,10 @@ class AuthController(object):
Valid URL paths: Valid URL paths:
* GET /token/<token> * GET /token/<token>
If the HTTP equest returns with a 204, then the token is valid, If the HTTP request returns with a 204, then the token is valid, the
and the TTL of the token will be available in the X-Auth-Ttl header. TTL of the token will be available in the X-Auth-Ttl header, and a
comma separated list of the "groups" the user belongs to will be in the
X-Auth-Groups header.
:param request: webob.Request object :param request: webob.Request object
""" """
@ -359,7 +358,7 @@ class AuthController(object):
if validation[3]: # admin access to a cfaccount if validation[3]: # admin access to a cfaccount
groups.append(validation[3]) groups.append(validation[3])
return HTTPNoContent(headers={'X-Auth-TTL': validation[0], return HTTPNoContent(headers={'X-Auth-TTL': validation[0],
'X-Auth-User': ','.join(groups)}) 'X-Auth-Groups': ','.join(groups)})
def handle_add_user(self, request): def handle_add_user(self, request):
""" """
@ -387,7 +386,7 @@ class AuthController(object):
if 'X-Auth-User-Key' not in request.headers: if 'X-Auth-User-Key' not in request.headers:
return HTTPBadRequest('X-Auth-User-Key is required') return HTTPBadRequest('X-Auth-User-Key is required')
password = request.headers['x-auth-user-key'] password = request.headers['x-auth-user-key']
storage_url = self.create_account(account_name, user_name, password, storage_url = self.create_user(account_name, user_name, password,
request.headers.get('x-auth-user-admin') == 'true') request.headers.get('x-auth-user-admin') == 'true')
if storage_url == 'already exists': if storage_url == 'already exists':
return HTTPBadRequest(storage_url) return HTTPBadRequest(storage_url)

@ -39,19 +39,20 @@ class DevAuth(object):
""" """
Accepts a standard WSGI application call, authenticating the request Accepts a standard WSGI application call, authenticating the request
and installing callback hooks for authorization and ACL header and installing callback hooks for authorization and ACL header
validation. validation. For an authenticated request, REMOTE_USER will be set to a
comma separated list of the user's groups.
""" """
user = None groups = None
token = env.get('HTTP_X_AUTH_TOKEN', env.get('HTTP_X_STORAGE_TOKEN')) token = env.get('HTTP_X_AUTH_TOKEN', env.get('HTTP_X_STORAGE_TOKEN'))
if token: if token:
memcache_client = cache_from_env(env) memcache_client = cache_from_env(env)
key = 'devauth/%s' % token key = 'devauth/%s' % token
cached_auth_data = memcache_client.get(key) cached_auth_data = memcache_client.get(key)
if cached_auth_data: if cached_auth_data:
start, expiration, user = cached_auth_data start, expiration, groups = cached_auth_data
if time() - start > expiration: if time() - start > expiration:
user = None groups = None
if not user: if not groups:
with Timeout(self.timeout): with Timeout(self.timeout):
conn = http_connect(self.auth_host, self.auth_port, 'GET', conn = http_connect(self.auth_host, self.auth_port, 'GET',
'/token/%s' % token, ssl=self.ssl) '/token/%s' % token, ssl=self.ssl)
@ -61,10 +62,10 @@ class DevAuth(object):
if resp.status // 100 != 2: if resp.status // 100 != 2:
return HTTPUnauthorized()(env, start_response) return HTTPUnauthorized()(env, start_response)
expiration = float(resp.getheader('x-auth-ttl')) expiration = float(resp.getheader('x-auth-ttl'))
user = resp.getheader('x-auth-user') groups = resp.getheader('x-auth-groups')
memcache_client.set(key, (time(), expiration, user), memcache_client.set(key, (time(), expiration, groups),
timeout=expiration) timeout=expiration)
env['REMOTE_USER'] = user env['REMOTE_USER'] = groups
env['swift.authorize'] = self.authorize env['swift.authorize'] = self.authorize
env['swift.clean_acl'] = clean_acl env['swift.clean_acl'] = clean_acl
return self.app(env, start_response) return self.app(env, start_response)

@ -106,7 +106,7 @@ class TestAuthServer(unittest.TestCase):
def test_validate_token_non_existant_token(self): def test_validate_token_non_existant_token(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing',).split('/')[-1] 'test', 'tester', 'testing',).split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -117,7 +117,7 @@ class TestAuthServer(unittest.TestCase):
def test_validate_token_good(self): def test_validate_token_good(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing',).split('/')[-1] 'test', 'tester', 'testing',).split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -132,7 +132,7 @@ class TestAuthServer(unittest.TestCase):
try: try:
auth_server.time = lambda: 1 auth_server.time = lambda: 1
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account('test', 'tester', cfaccount = self.controller.create_user('test', 'tester',
'testing').split('/')[-1] 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -146,24 +146,24 @@ class TestAuthServer(unittest.TestCase):
finally: finally:
auth_server.time = orig_time auth_server.time = orig_time
def test_create_account_no_new_account(self): def test_create_user_no_new_account(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
result = self.controller.create_account('', 'tester', 'testing') result = self.controller.create_user('', 'tester', 'testing')
self.assertFalse(result) self.assertFalse(result)
def test_create_account_no_new_user(self): def test_create_user_no_new_user(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
result = self.controller.create_account('test', '', 'testing') result = self.controller.create_user('test', '', 'testing')
self.assertFalse(result) self.assertFalse(result)
def test_create_account_no_new_password(self): def test_create_user_no_new_password(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
result = self.controller.create_account('test', 'tester', '') result = self.controller.create_user('test', 'tester', '')
self.assertFalse(result) self.assertFalse(result)
def test_create_account_good(self): def test_create_user_good(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test', 'tester', 'testing') url = self.controller.create_user('test', 'tester', 'testing')
self.assert_(url) self.assert_(url)
self.assertEquals('/'.join(url.split('/')[:-1]), self.assertEquals('/'.join(url.split('/')[:-1]),
self.controller.default_cluster_url.rstrip('/'), repr(url)) self.controller.default_cluster_url.rstrip('/'), repr(url))
@ -176,7 +176,7 @@ class TestAuthServer(unittest.TestCase):
def test_recreate_accounts_one(self): def test_recreate_accounts_one(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
self.controller.create_account('test', 'tester', 'testing') self.controller.create_user('test', 'tester', 'testing')
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
rv = self.controller.recreate_accounts() rv = self.controller.recreate_accounts()
self.assertEquals(rv.split()[0], '1', repr(rv)) self.assertEquals(rv.split()[0], '1', repr(rv))
@ -184,13 +184,13 @@ class TestAuthServer(unittest.TestCase):
def test_recreate_accounts_several(self): def test_recreate_accounts_several(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
self.controller.create_account('test1', 'tester', 'testing') self.controller.create_user('test1', 'tester', 'testing')
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
self.controller.create_account('test2', 'tester', 'testing') self.controller.create_user('test2', 'tester', 'testing')
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
self.controller.create_account('test3', 'tester', 'testing') self.controller.create_user('test3', 'tester', 'testing')
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
self.controller.create_account('test4', 'tester', 'testing') self.controller.create_user('test4', 'tester', 'testing')
auth_server.http_connect = fake_http_connect(201, 201, 201, auth_server.http_connect = fake_http_connect(201, 201, 201,
201, 201, 201, 201, 201, 201,
201, 201, 201, 201, 201, 201,
@ -201,7 +201,7 @@ class TestAuthServer(unittest.TestCase):
def test_recreate_accounts_one_fail(self): def test_recreate_accounts_one_fail(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test', 'tester', 'testing') url = self.controller.create_user('test', 'tester', 'testing')
cfaccount = url.split('/')[-1] cfaccount = url.split('/')[-1]
auth_server.http_connect = fake_http_connect(500, 500, 500) auth_server.http_connect = fake_http_connect(500, 500, 500)
rv = self.controller.recreate_accounts() rv = self.controller.recreate_accounts()
@ -211,16 +211,16 @@ class TestAuthServer(unittest.TestCase):
def test_recreate_accounts_several_fail(self): def test_recreate_accounts_several_fail(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test1', 'tester', 'testing') url = self.controller.create_user('test1', 'tester', 'testing')
cfaccounts = [url.split('/')[-1]] cfaccounts = [url.split('/')[-1]]
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test2', 'tester', 'testing') url = self.controller.create_user('test2', 'tester', 'testing')
cfaccounts.append(url.split('/')[-1]) cfaccounts.append(url.split('/')[-1])
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test3', 'tester', 'testing') url = self.controller.create_user('test3', 'tester', 'testing')
cfaccounts.append(url.split('/')[-1]) cfaccounts.append(url.split('/')[-1])
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test4', 'tester', 'testing') url = self.controller.create_user('test4', 'tester', 'testing')
cfaccounts.append(url.split('/')[-1]) cfaccounts.append(url.split('/')[-1])
auth_server.http_connect = fake_http_connect(500, 500, 500, auth_server.http_connect = fake_http_connect(500, 500, 500,
500, 500, 500, 500, 500, 500,
@ -233,16 +233,16 @@ class TestAuthServer(unittest.TestCase):
def test_recreate_accounts_several_fail_some(self): def test_recreate_accounts_several_fail_some(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test1', 'tester', 'testing') url = self.controller.create_user('test1', 'tester', 'testing')
cfaccounts = [url.split('/')[-1]] cfaccounts = [url.split('/')[-1]]
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test2', 'tester', 'testing') url = self.controller.create_user('test2', 'tester', 'testing')
cfaccounts.append(url.split('/')[-1]) cfaccounts.append(url.split('/')[-1])
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test3', 'tester', 'testing') url = self.controller.create_user('test3', 'tester', 'testing')
cfaccounts.append(url.split('/')[-1]) cfaccounts.append(url.split('/')[-1])
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test4', 'tester', 'testing') url = self.controller.create_user('test4', 'tester', 'testing')
cfaccounts.append(url.split('/')[-1]) cfaccounts.append(url.split('/')[-1])
auth_server.http_connect = fake_http_connect(500, 500, 500, auth_server.http_connect = fake_http_connect(500, 500, 500,
201, 201, 201, 201, 201, 201,
@ -263,7 +263,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_missing_headers(self): def test_auth_SOSO_missing_headers(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -279,7 +279,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_bad_account(self): def test_auth_SOSO_bad_account(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/testbad/auth', res = self.controller.handle_auth(Request.blank('/v1/testbad/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -294,7 +294,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_bad_user(self): def test_auth_SOSO_bad_user(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -309,7 +309,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_bad_password(self): def test_auth_SOSO_bad_password(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -324,7 +324,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_good(self): def test_auth_SOSO_good(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -336,7 +336,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_good_Mosso_headers(self): def test_auth_SOSO_good_Mosso_headers(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -348,7 +348,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_SOSO_bad_Mosso_headers(self): def test_auth_SOSO_bad_Mosso_headers(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing',).split('/')[-1] 'test', 'tester', 'testing',).split('/')[-1]
res = self.controller.handle_auth(Request.blank('/v1/test/auth', res = self.controller.handle_auth(Request.blank('/v1/test/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -368,7 +368,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_missing_headers(self): def test_auth_Mosso_missing_headers(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'})) environ={'REQUEST_METHOD': 'GET'}))
@ -384,7 +384,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_bad_header_format(self): def test_auth_Mosso_bad_header_format(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -399,7 +399,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_bad_account(self): def test_auth_Mosso_bad_account(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -414,7 +414,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_bad_user(self): def test_auth_Mosso_bad_user(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -429,7 +429,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_bad_password(self): def test_auth_Mosso_bad_password(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -444,7 +444,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_good(self): def test_auth_Mosso_good(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -456,7 +456,7 @@ class TestAuthServer(unittest.TestCase):
def test_auth_Mosso_good_SOSO_header_names(self): def test_auth_Mosso_good_SOSO_header_names(self):
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
cfaccount = self.controller.create_account( cfaccount = self.controller.create_user(
'test', 'tester', 'testing').split('/')[-1] 'test', 'tester', 'testing').split('/')[-1]
res = self.controller.handle_auth(Request.blank('/auth', res = self.controller.handle_auth(Request.blank('/auth',
environ={'REQUEST_METHOD': 'GET'}, environ={'REQUEST_METHOD': 'GET'},
@ -473,9 +473,9 @@ class TestAuthServer(unittest.TestCase):
logger.logger.addHandler(log_handler) logger.logger.addHandler(log_handler)
try: try:
auth_server.http_connect = fake_http_connect(201, 201, 201) auth_server.http_connect = fake_http_connect(201, 201, 201)
url = self.controller.create_account('test', 'tester', 'testing') url = self.controller.create_user('test', 'tester', 'testing')
self.assertEquals(log.getvalue().rsplit(' ', 1)[0], self.assertEquals(log.getvalue().rsplit(' ', 1)[0],
"auth SUCCESS create_account('test', 'tester', _, False) = %s" "auth SUCCESS create_user('test', 'tester', _, False) = %s"
% repr(url)) % repr(url))
log.truncate(0) log.truncate(0)
def start_response(*args): def start_response(*args):