github.com/vnpaycloud-console/gophercloud/v2@v2.0.5/internal/acceptance/openstack/identity/v3/oauth1_test.go (about) 1 //go:build acceptance || identity || oauth1 2 3 package v3 4 5 import ( 6 "context" 7 "testing" 8 9 "github.com/vnpaycloud-console/gophercloud/v2" 10 "github.com/vnpaycloud-console/gophercloud/v2/internal/acceptance/clients" 11 "github.com/vnpaycloud-console/gophercloud/v2/internal/acceptance/tools" 12 "github.com/vnpaycloud-console/gophercloud/v2/openstack" 13 "github.com/vnpaycloud-console/gophercloud/v2/openstack/identity/v3/oauth1" 14 "github.com/vnpaycloud-console/gophercloud/v2/openstack/identity/v3/tokens" 15 th "github.com/vnpaycloud-console/gophercloud/v2/testhelper" 16 ) 17 18 func TestOAuth1CRUD(t *testing.T) { 19 clients.RequireAdmin(t) 20 21 client, err := clients.NewIdentityV3Client() 22 th.AssertNoErr(t, err) 23 24 ao, err := openstack.AuthOptionsFromEnv() 25 th.AssertNoErr(t, err) 26 27 authOptions := tokens.AuthOptions{ 28 Username: ao.Username, 29 UserID: ao.UserID, 30 Password: ao.Password, 31 DomainName: ao.DomainName, 32 DomainID: ao.DomainID, 33 Scope: tokens.Scope{ 34 ProjectID: ao.TenantID, 35 ProjectName: ao.TenantName, 36 DomainID: ao.DomainID, 37 DomainName: ao.DomainName, 38 }, 39 } 40 tokenRes := tokens.Create(context.TODO(), client, &authOptions) 41 token, err := tokenRes.Extract() 42 th.AssertNoErr(t, err) 43 tools.PrintResource(t, token) 44 45 user, err := tokenRes.ExtractUser() 46 th.AssertNoErr(t, err) 47 tools.PrintResource(t, user) 48 49 roles, err := tokenRes.ExtractRoles() 50 th.AssertNoErr(t, err) 51 tools.PrintResource(t, roles) 52 53 project, err := tokenRes.ExtractProject() 54 th.AssertNoErr(t, err) 55 tools.PrintResource(t, project) 56 57 // Create a consumer 58 createConsumerOpts := oauth1.CreateConsumerOpts{ 59 Description: "My test consumer", 60 } 61 // NOTE: secret is available only in create response 62 consumer, err := oauth1.CreateConsumer(context.TODO(), client, createConsumerOpts).Extract() 63 th.AssertNoErr(t, err) 64 65 // Delete a consumer 66 defer oauth1.DeleteConsumer(context.TODO(), client, consumer.ID) 67 tools.PrintResource(t, consumer) 68 69 th.AssertEquals(t, consumer.Description, createConsumerOpts.Description) 70 71 // Update a consumer 72 updateConsumerOpts := oauth1.UpdateConsumerOpts{ 73 Description: "", 74 } 75 updatedConsumer, err := oauth1.UpdateConsumer(context.TODO(), client, consumer.ID, updateConsumerOpts).Extract() 76 th.AssertNoErr(t, err) 77 tools.PrintResource(t, updatedConsumer) 78 th.AssertEquals(t, updatedConsumer.ID, consumer.ID) 79 th.AssertEquals(t, updatedConsumer.Description, updateConsumerOpts.Description) 80 81 // Get a consumer 82 getConsumer, err := oauth1.GetConsumer(context.TODO(), client, consumer.ID).Extract() 83 th.AssertNoErr(t, err) 84 tools.PrintResource(t, getConsumer) 85 th.AssertEquals(t, getConsumer.ID, consumer.ID) 86 th.AssertEquals(t, getConsumer.Description, updateConsumerOpts.Description) 87 88 // List consumers 89 consumersPages, err := oauth1.ListConsumers(client).AllPages(context.TODO()) 90 th.AssertNoErr(t, err) 91 consumers, err := oauth1.ExtractConsumers(consumersPages) 92 th.AssertNoErr(t, err) 93 th.AssertEquals(t, consumers[0].ID, updatedConsumer.ID) 94 th.AssertEquals(t, consumers[0].Description, updatedConsumer.Description) 95 96 // test HMACSHA1 and PLAINTEXT signature methods 97 for _, method := range []oauth1.SignatureMethod{oauth1.HMACSHA1, oauth1.PLAINTEXT} { 98 oauth1MethodTest(t, client, consumer, method, user, project, roles) 99 } 100 } 101 102 func oauth1MethodTest(t *testing.T, client *gophercloud.ServiceClient, consumer *oauth1.Consumer, method oauth1.SignatureMethod, user *tokens.User, project *tokens.Project, roles []tokens.Role) { 103 // Request a token 104 requestTokenOpts := oauth1.RequestTokenOpts{ 105 OAuthConsumerKey: consumer.ID, 106 OAuthConsumerSecret: consumer.Secret, 107 OAuthSignatureMethod: method, 108 RequestedProjectID: project.ID, 109 } 110 requestToken, err := oauth1.RequestToken(context.TODO(), client, requestTokenOpts).Extract() 111 th.AssertNoErr(t, err) 112 tools.PrintResource(t, requestToken) 113 114 // Authorize token 115 authorizeTokenOpts := oauth1.AuthorizeTokenOpts{ 116 Roles: []oauth1.Role{ 117 // test role by ID 118 {ID: roles[0].ID}, 119 }, 120 } 121 if len(roles) > 1 { 122 // test role by name 123 authorizeTokenOpts.Roles = append(authorizeTokenOpts.Roles, oauth1.Role{Name: roles[1].Name}) 124 } 125 authToken, err := oauth1.AuthorizeToken(context.TODO(), client, requestToken.OAuthToken, authorizeTokenOpts).Extract() 126 th.AssertNoErr(t, err) 127 tools.PrintResource(t, authToken) 128 129 // Create access token 130 accessTokenOpts := oauth1.CreateAccessTokenOpts{ 131 OAuthConsumerKey: consumer.ID, 132 OAuthConsumerSecret: consumer.Secret, 133 OAuthToken: requestToken.OAuthToken, 134 OAuthTokenSecret: requestToken.OAuthTokenSecret, 135 OAuthVerifier: authToken.OAuthVerifier, 136 OAuthSignatureMethod: method, 137 } 138 139 accessToken, err := oauth1.CreateAccessToken(context.TODO(), client, accessTokenOpts).Extract() 140 th.AssertNoErr(t, err) 141 defer oauth1.RevokeAccessToken(context.TODO(), client, user.ID, accessToken.OAuthToken) 142 143 tools.PrintResource(t, accessToken) 144 145 // Get access token 146 getAccessToken, err := oauth1.GetAccessToken(context.TODO(), client, user.ID, accessToken.OAuthToken).Extract() 147 th.AssertNoErr(t, err) 148 149 tools.PrintResource(t, getAccessToken) 150 151 th.AssertEquals(t, getAccessToken.ID, accessToken.OAuthToken) 152 th.AssertEquals(t, getAccessToken.ConsumerID, consumer.ID) 153 th.AssertEquals(t, getAccessToken.AuthorizingUserID, user.ID) 154 th.AssertEquals(t, getAccessToken.ProjectID, project.ID) 155 156 // List access tokens 157 accessTokensPages, err := oauth1.ListAccessTokens(client, user.ID).AllPages(context.TODO()) 158 th.AssertNoErr(t, err) 159 160 accessTokens, err := oauth1.ExtractAccessTokens(accessTokensPages) 161 th.AssertNoErr(t, err) 162 163 tools.PrintResource(t, accessTokens) 164 th.AssertDeepEquals(t, accessTokens[0], *getAccessToken) 165 166 // List access token roles 167 accessTokenRolesPages, err := oauth1.ListAccessTokenRoles(client, user.ID, accessToken.OAuthToken).AllPages(context.TODO()) 168 th.AssertNoErr(t, err) 169 170 accessTokenRoles, err := oauth1.ExtractAccessTokenRoles(accessTokenRolesPages) 171 th.AssertNoErr(t, err) 172 173 tools.PrintResource(t, accessTokenRoles) 174 175 for _, atr := range accessTokenRoles { 176 var found bool 177 for _, role := range roles { 178 if atr.ID == role.ID { 179 found = true 180 } 181 } 182 th.AssertEquals(t, found, true) 183 } 184 185 // Get access token role 186 getAccessTokenRole, err := oauth1.GetAccessTokenRole(context.TODO(), client, user.ID, accessToken.OAuthToken, roles[0].ID).Extract() 187 th.AssertNoErr(t, err) 188 tools.PrintResource(t, getAccessTokenRole) 189 190 var found bool 191 for _, atr := range accessTokenRoles { 192 if atr.ID == getAccessTokenRole.ID { 193 found = true 194 } 195 } 196 th.AssertEquals(t, found, true) 197 198 // Test auth using OAuth1 199 newClient, err := clients.NewIdentityV3UnauthenticatedClient() 200 th.AssertNoErr(t, err) 201 202 // Opts to auth using an oauth1 credential 203 authOptions := &oauth1.AuthOptions{ 204 OAuthConsumerKey: consumer.ID, 205 OAuthConsumerSecret: consumer.Secret, 206 OAuthToken: accessToken.OAuthToken, 207 OAuthTokenSecret: accessToken.OAuthTokenSecret, 208 OAuthSignatureMethod: method, 209 } 210 err = openstack.AuthenticateV3(context.TODO(), newClient.ProviderClient, authOptions, gophercloud.EndpointOpts{}) 211 th.AssertNoErr(t, err) 212 213 // Test OAuth1 token extract 214 var token struct { 215 tokens.Token 216 oauth1.TokenExt 217 } 218 tokenRes := tokens.Get(context.TODO(), newClient, newClient.ProviderClient.TokenID) 219 err = tokenRes.ExtractInto(&token) 220 th.AssertNoErr(t, err) 221 oauth1Roles, err := tokenRes.ExtractRoles() 222 th.AssertNoErr(t, err) 223 tools.PrintResource(t, token) 224 tools.PrintResource(t, oauth1Roles) 225 th.AssertEquals(t, token.OAuth1.ConsumerID, consumer.ID) 226 th.AssertEquals(t, token.OAuth1.AccessTokenID, accessToken.OAuthToken) 227 }