github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/acceptance/openstack/identity/v3/fed_providers_test.go (about) 1 package v3 2 3 import ( 4 "os" 5 "testing" 6 7 "github.com/opentelekomcloud/gophertelekomcloud/acceptance/clients" 8 "github.com/opentelekomcloud/gophertelekomcloud/acceptance/tools" 9 "github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3/federation/mappings" 10 "github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3/federation/protocols" 11 "github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3/federation/providers" 12 th "github.com/opentelekomcloud/gophertelekomcloud/testhelper" 13 ) 14 15 func TestFederatedProviderLifecycle(t *testing.T) { 16 if os.Getenv("OS_TENANT_ADMIN") == "" { 17 t.Skip("Requires iam:identityProviders:createIdentityProvider permission") 18 } 19 20 client, err := clients.NewIdentityV3AdminClient() 21 th.AssertNoErr(t, err) 22 23 cOpts := providers.CreateOpts{ 24 ID: tools.RandomString("test-", 5), 25 Description: tools.RandomString("This is ", 30), 26 Enabled: true, 27 } 28 29 provider, err := providers.Create(client, cOpts).Extract() 30 th.AssertNoErr(t, err) 31 32 t.Cleanup(func() { 33 err = providers.Delete(client, provider.ID).ExtractErr() 34 th.AssertNoErr(t, err) 35 }) 36 37 th.AssertEquals(t, cOpts.Enabled, provider.Enabled) 38 39 got, err := providers.Get(client, provider.ID).Extract() 40 th.AssertNoErr(t, err) 41 th.AssertDeepEquals(t, provider, got) 42 43 pages, err := providers.List(client).AllPages() 44 th.AssertNoErr(t, err) 45 46 providerList, err := providers.ExtractProviders(pages) 47 th.AssertNoErr(t, err) 48 found := false 49 for _, p := range providerList { 50 if p.ID == provider.ID { 51 found = true 52 break 53 } 54 } 55 if !found { 56 t.Fatalf("created provider not found in the list") 57 } 58 59 iFalse := false 60 uOpts := providers.UpdateOpts{ 61 Enabled: &iFalse, 62 } 63 updated, err := providers.Update(client, provider.ID, uOpts).Extract() 64 th.AssertNoErr(t, err) 65 th.AssertEquals(t, false, updated.Enabled) 66 67 got2, err := providers.Get(client, provider.ID).Extract() 68 th.AssertNoErr(t, err) 69 th.AssertDeepEquals(t, updated, got2) 70 71 mappingCreateOpts := mappings.CreateOpts{ 72 Rules: []mappings.RuleOpts{ 73 { 74 Local: []mappings.LocalRuleOpts{ 75 { 76 User: &mappings.UserOpts{ 77 Name: "{0}", 78 }, 79 }, 80 { 81 Groups: "[\"admin\",\"manager\"]", 82 }, 83 }, 84 Remote: []mappings.RemoteRuleOpts{ 85 { 86 Type: "uid", 87 }, 88 }, 89 }, 90 }, 91 } 92 93 mappingName := tools.RandomString("muh", 3) 94 mapping, err := mappings.Create(client, mappingName, mappingCreateOpts).Extract() 95 th.AssertNoErr(t, err) 96 97 protocolsCreateOpts := protocols.CreateOpts{ 98 MappingID: mapping.ID, 99 } 100 101 _, err = protocols.Create(client, provider.ID, "oidc", protocolsCreateOpts).Extract() 102 th.AssertNoErr(t, err) 103 104 nClient, err := clients.NewIdentityV30AdminClient() 105 th.AssertNoErr(t, err) 106 107 signingKey := "{\"keys\":[{\"kty\":\"RSA\",\"e\":\"AQAB\",\"use\":\"sig\",\"n\":\"example\",\"kid\":\"kid_example\",\"alg\":\"RS256\"}]}" 108 109 oidc, err := providers.CreateOIDC(nClient, providers.CreateOIDCOpts{ 110 IdpIp: provider.ID, 111 AccessMode: "program", 112 IdpUrl: "https://accounts.example.com", 113 ClientId: "client_id_example", 114 SigningKey: signingKey, 115 }) 116 th.AssertNoErr(t, err) 117 th.AssertEquals(t, oidc.AccessMode, "program") 118 119 updatedOidc, err := providers.UpdateOIDC(nClient, providers.UpdateOIDCOpts{ 120 IdpIp: provider.ID, 121 ClientId: "new_client_id", 122 }) 123 th.AssertNoErr(t, err) 124 th.AssertEquals(t, updatedOidc.ClientId, "new_client_id") 125 126 getOIDC, err := providers.GetOIDC(nClient, provider.ID) 127 th.AssertNoErr(t, err) 128 tools.PrintResource(t, getOIDC) 129 }