Merge "Permit functional tests against Swift with Keystone"

2013-03-18 22:03:22 +00:00 · 2013-03-18 22:03:22 +00:00 · a0d5d7f725
commit a0d5d7f725
parent 2c2fc454de 35e07e2982
5 changed files with 84 additions and 58 deletions
--- a/test/functional/swift_test_client.py
+++ b/test/functional/swift_test_client.py
@ -26,6 +26,7 @@ import simplejson as json

 from nose import SkipTest
 from xml.dom import minidom
+from swiftclient import get_auth


 class AuthenticationFailed(Exception):
@ -94,6 +95,7 @@ class Connection(object):
        self.auth_port = int(config['auth_port'])
        self.auth_ssl = config['auth_ssl'] in ('on', 'true', 'yes', '1')
        self.auth_prefix = config.get('auth_prefix', '/')
+        self.auth_version = str(config.get('auth_version', '1'))

        self.account = config.get('account')
        self.username = config['username']
@ -116,38 +118,25 @@ class Connection(object):
            self.storage_token = clone_conn.storage_token
            return

-        if self.account:
-            auth_user = '%s:%s' % (self.account, self.username)
+        if self.auth_version == "1":
+            auth_path = '%sv1.0' % (self.auth_prefix)
+            if self.account:
+                auth_user = '%s:%s' % (self.account, self.username)
+            else:
+                auth_user = self.username
        else:
            auth_user = self.username
-        headers = {
-            'x-auth-user': auth_user,
-            'x-auth-key': self.password,
-        }
+            auth_path = self.auth_prefix
+        auth_scheme = 'https://' if self.auth_ssl else 'http://'
+        auth_netloc = "%s:%d" % (self.auth_host, self.auth_port)
+        auth_url = auth_scheme + auth_netloc + auth_path

-        path = '%sv1.0' % (self.auth_prefix)
-        if self.auth_ssl:
-            connection = httplib.HTTPSConnection(self.auth_host,
-                                                 port=self.auth_port)
-        else:
-            connection = httplib.HTTPConnection(self.auth_host,
-                                                port=self.auth_port)
-        #connection.set_debuglevel(3)
-        connection.request('GET', path, '', headers)
-        response = connection.getresponse()
-        connection.close()
-
-        if response.status == 401:
-            raise AuthenticationFailed()
-
-        if response.status not in (200, 204):
-            raise ResponseError(response)
-
-        for hdr in response.getheaders():
-            if hdr[0].lower() == "x-storage-url":
-                storage_url = hdr[1]
-            elif hdr[0].lower() == "x-auth-token":
-                storage_token = hdr[1]
+        (storage_url, storage_token) = get_auth(auth_url,
+              auth_user, self.password,
+              snet=False,
+              tenant_name=self.account,
+              auth_version=self.auth_version,
+              os_options={})

        if not (storage_url and storage_token):
            raise AuthenticationFailed()
--- a/test/functionalnosetests/swift_testing.py
+++ b/test/functionalnosetests/swift_testing.py
@ -33,8 +33,12 @@ normalized_urls = conf.get('normalized_urls', False)
 swift_test_auth = os.environ.get('SWIFT_TEST_AUTH')
 swift_test_user = [os.environ.get('SWIFT_TEST_USER'), None, None]
 swift_test_key = [os.environ.get('SWIFT_TEST_KEY'), None, None]
+swift_test_tenant = ['', '', '']
+swift_test_perm = ['', '', '']

 if conf:
+    swift_test_auth_version = str(conf.get('auth_version', '1'))
+
    swift_test_auth = 'http'
    if conf.get('auth_ssl', 'no').lower() in ('yes', 'true', 'on', '1'):
        swift_test_auth = 'https'
@ -42,26 +46,48 @@ if conf:
        conf['auth_prefix'] = '/'
    try:
        swift_test_auth += \
-                '://%(auth_host)s:%(auth_port)s%(auth_prefix)sv1.0' % conf
+                '://%(auth_host)s:%(auth_port)s%(auth_prefix)s' % conf
    except KeyError:
        pass  # skip
-    if 'account' in conf:
-        swift_test_user[0] = '%(account)s:%(username)s' % conf
+
+    if swift_test_auth_version == "1":
+        swift_test_auth += 'v1.0'
+
+        if 'account' in conf:
+            swift_test_user[0] = '%(account)s:%(username)s' % conf
+        else:
+            swift_test_user[0] = '%(username)s' % conf
+        swift_test_key[0] = conf['password']
+        try:
+            swift_test_user[1] = '%s%s' % \
+               ('%s:' % conf['account2'] if 'account2' in conf else '',
+                conf['username2'])
+            swift_test_key[1] = conf['password2']
+        except KeyError, err:
+            pass  # old conf, no second account tests can be run
+        try:
+            swift_test_user[2] = '%s%s' % ('%s:' % conf['account'] if 'account'
+                                           in conf else '', conf['username3'])
+            swift_test_key[2] = conf['password3']
+        except KeyError, err:
+            pass  # old conf, no third account tests can be run
+
+        for _ in range(3):
+            swift_test_perm[_] = swift_test_user[_]
+
    else:
-        swift_test_user[0] = '%(username)s' % conf
-    swift_test_key[0] = conf['password']
-    try:
-        swift_test_user[1] = '%s%s' % ('%s:' % conf['account2'] if 'account2'
-                                       in conf else '', conf['username2'])
+        swift_test_user[0] = conf['username']
+        swift_test_tenant[0] = conf['account']
+        swift_test_key[0] = conf['password']
+        swift_test_user[1] = conf['username2']
+        swift_test_tenant[1] = conf['account2']
        swift_test_key[1] = conf['password2']
-    except KeyError, err:
-        pass  # old conf, no second account tests can be run
-    try:
-        swift_test_user[2] = '%s%s' % ('%s:' % conf['account'] if 'account'
-                                       in conf else '', conf['username3'])
+        swift_test_user[2] = conf['username3']
+        swift_test_tenant[2] = conf['account']
        swift_test_key[2] = conf['password3']
-    except KeyError, err:
-        pass  # old conf, no third account tests can be run
+
+        for _ in range(3):
+            swift_test_perm[_] = swift_test_tenant[_] + ':' + swift_test_user[_]

 skip = not all([swift_test_auth, swift_test_user[0], swift_test_key[0]])
 if skip:
@ -112,7 +138,11 @@ def retry(func, *args, **kwargs):
            if not url[use_account] or not token[use_account]:
                url[use_account], token[use_account] = \
                    get_auth(swift_test_auth, swift_test_user[use_account],
-                             swift_test_key[use_account])
+                             swift_test_key[use_account],
+                             snet=False,
+                             tenant_name=swift_test_tenant[use_account],
+                             auth_version=swift_test_auth_version,
+                             os_options={})
                parsed[use_account] = conn[use_account] = None
            if not parsed[use_account] or not conn[use_account]:
                parsed[use_account], conn[use_account] = \
--- a/test/functionalnosetests/test_container.py
+++ b/test/functionalnosetests/test_container.py
@ -24,7 +24,7 @@ from swift.common.constraints import MAX_META_COUNT, MAX_META_NAME_LENGTH, \
    MAX_META_OVERALL_SIZE, MAX_META_VALUE_LENGTH

 from swift_testing import check_response, retry, skip, skip2, skip3, \
-                          swift_test_user, web_front_end
+                          swift_test_perm, web_front_end


 class TestContainer(unittest.TestCase):
@ -397,8 +397,8 @@ class TestContainer(unittest.TestCase):
        # Make the container accessible by the second account
        def post(url, token, parsed, conn):
            conn.request('POST', parsed.path + '/' + self.name, '',
-                {'X-Auth-Token': token, 'X-Container-Read': swift_test_user[1],
-                 'X-Container-Write': swift_test_user[1]})
+                {'X-Auth-Token': token, 'X-Container-Read': swift_test_perm[1],
+                 'X-Container-Write': swift_test_perm[1]})
            return check_response(conn)
        resp = retry(post)
        resp.read()
@ -465,7 +465,8 @@ class TestContainer(unittest.TestCase):
        # Now make the container also writeable by the second account
        def post(url, token, parsed, conn):
            conn.request('POST', parsed.path + '/' + self.name, '',
-                {'X-Auth-Token': token, 'X-Container-Write': swift_test_user[1]})
+                {'X-Auth-Token': token,
+                 'X-Container-Write': swift_test_perm[1]})
            return check_response(conn)
        resp = retry(post)
        resp.read()
@ -502,7 +503,7 @@ class TestContainer(unittest.TestCase):
        # Make the container accessible by the third account
        def post(url, token, parsed, conn):
            conn.request('POST', parsed.path + '/' + self.name, '',
-               {'X-Auth-Token': token, 'X-Container-Read': swift_test_user[2]})
+               {'X-Auth-Token': token, 'X-Container-Read': swift_test_perm[2]})
            return check_response(conn)
        resp = retry(post)
        resp.read()
@ -523,7 +524,7 @@ class TestContainer(unittest.TestCase):
        def post(url, token, parsed, conn):
            conn.request('POST', parsed.path + '/' + self.name, '',
                         {'X-Auth-Token': token,
-                          'X-Container-Write': swift_test_user[2]})
+                          'X-Container-Write': swift_test_perm[2]})
            return check_response(conn)
        resp = retry(post)
        resp.read()
--- a/test/functionalnosetests/test_object.py
+++ b/test/functionalnosetests/test_object.py
@ -23,7 +23,7 @@ from swift.common.constraints import MAX_META_COUNT, MAX_META_NAME_LENGTH, \
    MAX_META_OVERALL_SIZE, MAX_META_VALUE_LENGTH

 from swift_testing import check_response, retry, skip, skip3, \
-    swift_test_user, web_front_end
+    swift_test_perm, web_front_end
 from test import get_config


@ -220,8 +220,8 @@ class TestObject(unittest.TestCase):
            conn.request('PUT', '%s/%s' % (parsed.path,
                                           shared_container), '',
                         {'X-Auth-Token': token,
-                         'X-Container-Read': swift_test_user[2],
-                         'X-Container-Write': swift_test_user[2]})
+                          'X-Container-Read': swift_test_perm[2],
+                          'X-Container-Write': swift_test_perm[2]})
            return check_response(conn)
        resp = retry(put)
        resp.read()
@ -419,8 +419,8 @@ class TestObject(unittest.TestCase):
            # Grant access to the third account
            def post(url, token, parsed, conn):
                conn.request('POST', '%s/%s' % (parsed.path, self.container),
-                    '', {'X-Auth-Token': token, 'X-Container-Read':
-                    swift_test_user[2]})
+                    '', {'X-Auth-Token': token,
+                         'X-Container-Read': swift_test_perm[2]})
                return check_response(conn)
            resp = retry(post)
            resp.read()
@ -494,8 +494,8 @@ class TestObject(unittest.TestCase):
            # Grant access to the third account
            def post(url, token, parsed, conn):
                conn.request('POST', '%s/%s' % (parsed.path, acontainer),
-                    '', {'X-Auth-Token': token, 'X-Container-Read':
-                    swift_test_user[2]})
+                    '', {'X-Auth-Token': token,
+                         'X-Container-Read': swift_test_perm[2]})
                return check_response(conn)
            resp = retry(post)
            resp.read()
--- a/test/sample.conf
+++ b/test/sample.conf
@ -4,6 +4,12 @@ auth_host = 127.0.0.1
 auth_port = 8080
 auth_ssl = no
 auth_prefix = /auth/
+## sample config for Swift with Keystone
+#auth_version = 2
+#auth_host = localhost
+#auth_port = 5000
+#auth_ssl = no
+#auth_prefix = /v2.0/

 # Primary functional test account (needs admin access to the account)
 account = test