commit 47a5e98ae94529eb2a95ffe2dd40f42a9da7d138
author Ade Lee <alee@redhat.com> Tue Nov 15 16:34:30 2022 +0000
committer Ade Lee <alee@redhat.com> Wed Mar 01 11:17:04 2023 +0100
tree 4aa0c703b184b9fe215eb8db0a19f6e139c74e7b
parent 7f43a203803248854f8213c91ae61c04d33d57f3

Add keystone oidc tests

This adds tests to test getting a token (scoped and unscoped) when
keystone is configured to use oidc for authentication.  The oidc
provider is keycloak.  This is based in very large part on Kristi's
work in [1] and [2].

[1] https://github.com/knikolla/devstack-plugin-oidc
[2] https://github.com/CCI-MOC/onboarding-tools

Co-Authored-By: David Wilde <dwilde@redhat.com>
Change-Id: I1772b65f1cc3830ac293a800a79d044a6ab69d65

keystone_tempest_plugin/config.py

diff --git a/keystone_tempest_plugin/config.py b/keystone_tempest_plugin/config.py
index 2d4d189..ae93471 100644
--- a/keystone_tempest_plugin/config.py
+++ b/keystone_tempest_plugin/config.py
@@ -47,6 +47,14 @@
                help='Password used to login in the Identity Provider'),
     cfg.StrOpt('idp_ecp_url',
                help='Identity Provider SAML2/ECP URL'),
+    cfg.StrOpt('idp_oidc_url',
+               help='Identity Provider OIDC URL'),
+
+    # client id (oidc)
+    cfg.StrOpt('idp_client_id',
+               help='Identity Provider Client ID'),
+    cfg.StrOpt('idp_client_secret',
+               help='Identity Provider Client Secret'),
 
     # Mapping rules
     cfg.StrOpt('mapping_remote_type',
@@ -72,5 +80,6 @@
     # Protocol
     cfg.StrOpt('protocol_id',
                default='mapped',
-               help='The Protocol ID')
+               help='The Protocol ID'),
+
 ]