From f04d5dcf60cc2f5f0aa1f38323f52c7ed874d687 Mon Sep 17 00:00:00 2001 From: rahu3180 Date: Wed, 20 Mar 2019 10:18:46 -0700 Subject: [PATCH 1/3] Small step at a time --- otter/auth.py | 6 +++--- otter/test/test_auth.py | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/otter/auth.py b/otter/auth.py index 720b9a8d3..63ad2ab6b 100644 --- a/otter/auth.py +++ b/otter/auth.py @@ -261,11 +261,11 @@ def authenticate_tenant(self, tenant_id, log=None): see :meth:`IAuthenticator.authenticate_tenant` """ auth = partial(self._auth_me, log=log) - - d = user_for_tenant(self._admin_url, + d = auth() + d.addCallback(lambda ignore: user_for_tenant(self._admin_url, self._identity_admin_user, self._identity_admin_password, - tenant_id, log=log) + tenant_id, log=log)) def impersonate(user): iud = impersonate_user(self._admin_url, diff --git a/otter/test/test_auth.py b/otter/test/test_auth.py index e80dbfe5c..a6d2ee5f4 100644 --- a/otter/test/test_auth.py +++ b/otter/test/test_auth.py @@ -548,12 +548,12 @@ def test_authenticate_tenant_retries_impersonates_first_user(self): succeed({'access': {'token': {'id': 'impersonation_token'}}})] self.successResultOf(self.ia.authenticate_tenant(111111, self.log)) self.impersonate_user.assert_has_calls( - [mock.call(self.admin_url, None, 'test_user', log=self.log), + [mock.call(self.admin_url, 'auth-token', 'test_user', log=self.log), mock.call(self.admin_url, 'auth-token', 'test_user', log=self.log)]) - self.authenticate_user.assert_called_once_with(self.url, self.user, + self.authenticate_user.assert_called_with(self.url, self.user, self.password, log=self.log) - self.log.msg.assert_called_once_with('Getting new identity admin token') + self.log.msg.assert_called_with('Getting new identity admin token') def test_authenticate_tenant_gets_endpoints_for_the_impersonation_token(self): """ @@ -575,12 +575,12 @@ def test_authenticate_tenant_retries_getting_endpoints_for_the_impersonation_tok succeed({'endpoints': [{'name': 'anEndpoint', 'type': 'anType'}]})] self.successResultOf(self.ia.authenticate_tenant(111111, log=self.log)) self.endpoints_for_token.assert_has_calls( - [mock.call(self.admin_url, None, 'impersonation_token', log=self.log), + [mock.call(self.admin_url, 'auth-token', 'impersonation_token', log=self.log), mock.call(self.admin_url, 'auth-token', 'impersonation_token', log=self.log)]) - self.authenticate_user.assert_called_once_with(self.url, self.user, + self.authenticate_user.assert_called_with(self.url, self.user, self.password, log=self.log) - self.log.msg.assert_called_once_with('Getting new identity admin token') + self.log.msg.assert_called_with('Getting new identity admin token') def test_authenticate_tenant_returns_impersonation_token_and_endpoint_list(self): """ From 2ea897db258b6bbee527342df57b1030b2cdb9f7 Mon Sep 17 00:00:00 2001 From: rahu3180 Date: Thu, 28 Mar 2019 08:31:40 -0700 Subject: [PATCH 2/3] checking if getting tokens --- otter/auth.py | 6 +++--- otter/test/test_auth.py | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/otter/auth.py b/otter/auth.py index 63ad2ab6b..47de3904d 100644 --- a/otter/auth.py +++ b/otter/auth.py @@ -264,7 +264,7 @@ def authenticate_tenant(self, tenant_id, log=None): d = auth() d.addCallback(lambda ignore: user_for_tenant(self._admin_url, self._identity_admin_user, - self._identity_admin_password, + self._identity_admin_password, self._token, tenant_id, log=log)) def impersonate(user): @@ -371,7 +371,7 @@ def endpoints_for_token(auth_endpoint, identity_admin_token, user_token, return d -def user_for_tenant(auth_endpoint, username, password, tenant_id, log=None): +def user_for_tenant(auth_endpoint, username, password, token, tenant_id, log=None): """ Use a super secret API to get the special actual username for a tenant id. @@ -384,7 +384,7 @@ def user_for_tenant(auth_endpoint, username, password, tenant_id, log=None): """ d = treq.get( append_segments(auth_endpoint.replace('v2.0', 'v1.1'), 'mosso', str(tenant_id)), - auth=(username, password), + headers=headers(token), allow_redirects=False, log=log) d.addCallback(check_success, [301]) diff --git a/otter/test/test_auth.py b/otter/test/test_auth.py index a6d2ee5f4..45d0badba 100644 --- a/otter/test/test_auth.py +++ b/otter/test/test_auth.py @@ -36,7 +36,7 @@ ) from otter.effect_dispatcher import get_simple_dispatcher from otter.test.utils import SameJSON, iMock, mock_log, patch -from otter.util.http import APIError, UpstreamError +from otter.util.http import APIError, UpstreamError, headers expected_headers = {'accept': ['application/json'], @@ -303,14 +303,14 @@ def test_user_for_tenant(self): self.treq.json_content.return_value = succeed(response_body) self.treq.get.return_value = succeed(response) - d = user_for_tenant('http://identity/v2.0', 'username', 'password', + d = user_for_tenant('http://identity/v2.0', 'username', 'password', 'auth-token', 111111, log=self.log) self.assertEqual(self.successResultOf(d), 'ausername') self.treq.get.assert_called_once_with( 'http://identity/v1.1/mosso/111111', - auth=('username', 'password'), + headers=headers('auth-token'), allow_redirects=False, log=self.log) def test_user_for_tenant_propagates_errors(self): @@ -321,7 +321,7 @@ def test_user_for_tenant_propagates_errors(self): self.treq.content.return_value = succeed('error_body') self.treq.get.return_value = succeed(response) - d = user_for_tenant('http://identity/v2.0', 'username', 'password', + d = user_for_tenant('http://identity/v2.0', 'username', 'password', 'auth-token', 111111) failure = self.failureResultOf(d) @@ -509,7 +509,7 @@ def test_authenticate_tenant_gets_user_for_specified_tenant(self): """ self.successResultOf(self.ia.authenticate_tenant(111111)) self.user_for_tenant.assert_called_once_with(self.admin_url, self.user, - self.password, 111111, + self.password, 'auth-token', 111111, log=None) self.user_for_tenant.reset_mock() @@ -517,7 +517,7 @@ def test_authenticate_tenant_gets_user_for_specified_tenant(self): self.successResultOf(self.ia.authenticate_tenant(111111, log=self.log)) self.user_for_tenant.assert_called_once_with(self.admin_url, self.user, - self.password, 111111, + self.password, 'auth-token', 111111, log=self.log) def test_authenticate_tenant_impersonates_first_user(self): From ab0e4e3242988b711624f278c02f3e18859d7fe6 Mon Sep 17 00:00:00 2001 From: rahu3180 Date: Thu, 28 Mar 2019 09:03:21 -0700 Subject: [PATCH 3/3] Update wrt test3 and major fix --- otter/auth.py | 17 ++++++++--------- otter/test/test_auth.py | 17 ++++++++--------- 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/otter/auth.py b/otter/auth.py index 47de3904d..f20e1c1c3 100644 --- a/otter/auth.py +++ b/otter/auth.py @@ -262,10 +262,9 @@ def authenticate_tenant(self, tenant_id, log=None): """ auth = partial(self._auth_me, log=log) d = auth() - d.addCallback(lambda ignore: user_for_tenant(self._admin_url, - self._identity_admin_user, - self._identity_admin_password, self._token, - tenant_id, log=log)) + d.addCallback(lambda ignore: user_for_tenant(self._admin_url, self._identity_admin_user, + self._token, + log=log)) def impersonate(user): iud = impersonate_user(self._admin_url, @@ -371,7 +370,7 @@ def endpoints_for_token(auth_endpoint, identity_admin_token, user_token, return d -def user_for_tenant(auth_endpoint, username, password, token, tenant_id, log=None): +def user_for_tenant(auth_endpoint, username, token, log=None): """ Use a super secret API to get the special actual username for a tenant id. @@ -383,14 +382,14 @@ def user_for_tenant(auth_endpoint, username, password, token, tenant_id, log=Non :return: Username of the magical identity:user-admin user for the tenantid. """ d = treq.get( - append_segments(auth_endpoint.replace('v2.0', 'v1.1'), 'mosso', str(tenant_id)), + append_segments(auth_endpoint, 'users')+'?name='+str(username), headers=headers(token), allow_redirects=False, log=log) - d.addCallback(check_success, [301]) - d.addErrback(wrap_upstream_error, 'identity', 'mosso', auth_endpoint) + d.addCallback(check_success, [200, 203]) + d.addErrback(wrap_upstream_error, 'identity', 'users', auth_endpoint) d.addCallback(treq.json_content) - d.addCallback(lambda user: user['user']['id']) + d.addCallback(lambda user: user['user']['username']) return d diff --git a/otter/test/test_auth.py b/otter/test/test_auth.py index 45d0badba..fcac11e7b 100644 --- a/otter/test/test_auth.py +++ b/otter/test/test_auth.py @@ -299,17 +299,17 @@ def test_user_for_tenant(self): the list of users for a given tenant. """ response = mock.Mock(code=200) - response_body = {'user': {'id': 'ausername'}} + response_body = {'user': {'username': 'username'}} self.treq.json_content.return_value = succeed(response_body) self.treq.get.return_value = succeed(response) - d = user_for_tenant('http://identity/v2.0', 'username', 'password', 'auth-token', - 111111, log=self.log) + d = user_for_tenant('http://identity/v2.0', 'username', 'auth-token', + log=self.log) - self.assertEqual(self.successResultOf(d), 'ausername') + self.assertEqual(self.successResultOf(d), 'username') self.treq.get.assert_called_once_with( - 'http://identity/v1.1/mosso/111111', + 'http://identity/v2.0/users?name=username', headers=headers('auth-token'), allow_redirects=False, log=self.log) @@ -321,8 +321,7 @@ def test_user_for_tenant_propagates_errors(self): self.treq.content.return_value = succeed('error_body') self.treq.get.return_value = succeed(response) - d = user_for_tenant('http://identity/v2.0', 'username', 'password', 'auth-token', - 111111) + d = user_for_tenant('http://identity/v2.0', 'username', 'auth-token') failure = self.failureResultOf(d) self.assertTrue(failure.check(UpstreamError)) @@ -509,7 +508,7 @@ def test_authenticate_tenant_gets_user_for_specified_tenant(self): """ self.successResultOf(self.ia.authenticate_tenant(111111)) self.user_for_tenant.assert_called_once_with(self.admin_url, self.user, - self.password, 'auth-token', 111111, + 'auth-token', log=None) self.user_for_tenant.reset_mock() @@ -517,7 +516,7 @@ def test_authenticate_tenant_gets_user_for_specified_tenant(self): self.successResultOf(self.ia.authenticate_tenant(111111, log=self.log)) self.user_for_tenant.assert_called_once_with(self.admin_url, self.user, - self.password, 'auth-token', 111111, + 'auth-token', log=self.log) def test_authenticate_tenant_impersonates_first_user(self):