gopkg.in/goose.v2@v2.0.1/testservices/identityservice/keypair_test.go (about) 1 package identityservice 2 3 import ( 4 "encoding/json" 5 "fmt" 6 "io/ioutil" 7 "net/http" 8 "strings" 9 10 gc "gopkg.in/check.v1" 11 12 "gopkg.in/goose.v2/testing/httpsuite" 13 ) 14 15 type KeyPairSuite struct { 16 httpsuite.HTTPSuite 17 } 18 19 var _ = gc.Suite(&KeyPairSuite{}) 20 21 func makeKeyPair(user, secret string) (identity *KeyPair) { 22 identity = NewKeyPair() 23 // Ensure that it conforms to the interface 24 var _ IdentityService = identity 25 if user != "" { 26 identity.AddUser(user, secret, "tenant", "default") 27 } 28 return 29 } 30 31 func (s *KeyPairSuite) setupKeyPair(user, secret string) { 32 var identity *KeyPair 33 identity = makeKeyPair(user, secret) 34 identity.SetupHTTP(s.Mux) 35 return 36 } 37 38 func (s *KeyPairSuite) setupKeyPairWithServices(user, secret string, services []Service) { 39 var identity *KeyPair 40 identity = makeKeyPair(user, secret) 41 for _, service := range services { 42 identity.AddService(service) 43 } 44 identity.SetupHTTP(s.Mux) 45 return 46 } 47 48 const authKeyPairTemplate = `{ 49 "auth": { 50 "tenantName": "tenant-something", 51 "apiAccessKeyCredentials": { 52 "accessKey": "%s", 53 "secretKey": "%s" 54 } 55 } 56 }` 57 58 func keyPairAuthRequest(URL, access, secret string) (*http.Response, error) { 59 client := http.DefaultClient 60 body := strings.NewReader(fmt.Sprintf(authKeyPairTemplate, access, secret)) 61 request, err := http.NewRequest("POST", URL+"/tokens", body) 62 request.Header.Set("Content-Type", "application/json") 63 if err != nil { 64 return nil, err 65 } 66 return client.Do(request) 67 } 68 69 func (s *KeyPairSuite) TestNotJSON(c *gc.C) { 70 // We do everything in keyPairAuthRequest, except set the Content-Type 71 s.setupKeyPair("user", "secret") 72 client := http.DefaultClient 73 body := strings.NewReader(fmt.Sprintf(authTemplate, "user", "secret")) 74 request, err := http.NewRequest("POST", s.Server.URL+"/tokens", body) 75 c.Assert(err, gc.IsNil) 76 res, err := client.Do(request) 77 c.Assert(err, gc.IsNil) 78 defer res.Body.Close() 79 CheckErrorResponse(c, res, http.StatusBadRequest, notJSON) 80 } 81 82 func (s *KeyPairSuite) TestBadJSON(c *gc.C) { 83 // We do everything in keyPairAuthRequest, except set the Content-Type 84 s.setupKeyPair("user", "secret") 85 res, err := keyPairAuthRequest(s.Server.URL, `garbage"in`, "secret") 86 c.Assert(err, gc.IsNil) 87 defer res.Body.Close() 88 CheckErrorResponse(c, res, http.StatusBadRequest, notJSON) 89 } 90 91 func (s *KeyPairSuite) TestNoSuchUser(c *gc.C) { 92 s.setupKeyPair("user", "secret") 93 res, err := keyPairAuthRequest(s.Server.URL, "not-user", "secret") 94 c.Assert(err, gc.IsNil) 95 defer res.Body.Close() 96 CheckErrorResponse(c, res, http.StatusUnauthorized, notAuthorized) 97 } 98 99 func (s *KeyPairSuite) TestBadPassword(c *gc.C) { 100 s.setupKeyPair("user", "secret") 101 res, err := keyPairAuthRequest(s.Server.URL, "user", "not-secret") 102 c.Assert(err, gc.IsNil) 103 defer res.Body.Close() 104 CheckErrorResponse(c, res, http.StatusUnauthorized, invalidUser) 105 } 106 107 func (s *KeyPairSuite) TestValidAuthorization(c *gc.C) { 108 compute_url := "http://testing.invalid/compute" 109 s.setupKeyPairWithServices("user", "secret", []Service{ 110 {V2: V2Service{"nova", "compute", []Endpoint{ 111 {PublicURL: compute_url}, 112 }}}}) 113 res, err := keyPairAuthRequest(s.Server.URL, "user", "secret") 114 c.Assert(err, gc.IsNil) 115 defer res.Body.Close() 116 c.Check(res.StatusCode, gc.Equals, http.StatusOK) 117 c.Check(res.Header.Get("Content-Type"), gc.Equals, "application/json") 118 content, err := ioutil.ReadAll(res.Body) 119 c.Assert(err, gc.IsNil) 120 var response AccessResponse 121 err = json.Unmarshal(content, &response) 122 c.Assert(err, gc.IsNil) 123 c.Check(response.Access.Token.Id, gc.NotNil) 124 novaURL := "" 125 for _, service := range response.Access.ServiceCatalog { 126 if service.Type == "compute" { 127 novaURL = service.Endpoints[0].PublicURL 128 break 129 } 130 } 131 c.Assert(novaURL, gc.Equals, compute_url) 132 }