Merge "Add identity providers integration tests"
diff --git a/keystone_tempest_plugin/clients.py b/keystone_tempest_plugin/clients.py
new file mode 100644
index 0000000..35d4455
--- /dev/null
+++ b/keystone_tempest_plugin/clients.py
@@ -0,0 +1,28 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from keystone_tempest_plugin.services.identity.v3 import (
+ identity_providers_client)
+
+from tempest import clients
+
+
+class Manager(clients.Manager):
+
+ def __init__(self, credentials, service=None):
+ super(Manager, self).__init__(credentials, service)
+
+ self.identity_providers_client = (
+ identity_providers_client.IdentityProvidersClient(
+ self.auth_provider))
diff --git a/keystone_tempest_plugin/services/identity/__init__.py b/keystone_tempest_plugin/services/identity/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/keystone_tempest_plugin/services/identity/__init__.py
diff --git a/keystone_tempest_plugin/services/identity/clients.py b/keystone_tempest_plugin/services/identity/clients.py
new file mode 100644
index 0000000..f796cd7
--- /dev/null
+++ b/keystone_tempest_plugin/services/identity/clients.py
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest import config
+from tempest.lib.common import rest_client
+
+
+CONF = config.CONF
+
+# We only use the identity catalog type
+SERVICE_TYPE = 'identity'
+
+
+class Identity(rest_client.RestClient):
+ """Tempest REST client for keystone."""
+
+ # Used by the superclass to build the correct URL paths
+ api_version = 'v3'
+
+ def __init__(self, auth_provider):
+ super(Identity, self).__init__(
+ auth_provider,
+ SERVICE_TYPE,
+ CONF.identity.region,
+ endpoint_type='adminURL')
diff --git a/keystone_tempest_plugin/services/identity/v3/__init__.py b/keystone_tempest_plugin/services/identity/v3/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/keystone_tempest_plugin/services/identity/v3/__init__.py
diff --git a/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py b/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py
new file mode 100644
index 0000000..38d35df
--- /dev/null
+++ b/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py
@@ -0,0 +1,79 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import json
+
+from tempest.lib.common import rest_client
+
+from keystone_tempest_plugin.services.identity import clients
+
+
+class IdentityProvidersClient(clients.Identity):
+
+ subpath = 'OS-FEDERATION/identity_providers'
+
+ def _build_path(self, idp_id=None):
+ return '%s/%s' % (self.subpath, idp_id) if idp_id else self.subpath
+
+ def create_identity_provider(self, idp_id, **kwargs):
+ """Create an identity provider.
+
+ :param str idp_id: The ID to be used to create the Identity Provider.
+ :param kwargs: All optional attributes: description (str), enabled
+ (boolean) and remote_ids (list).
+ """
+ put_body = json.dumps({'identity_provider': kwargs})
+ url = self._build_path(idp_id)
+ resp, body = self.put(url, put_body)
+ self.expected_success(201, resp.status)
+ body = json.loads(body)
+ idp = rest_client.ResponseBody(resp, body)
+ return idp
+
+ def list_identity_providers(self):
+ """List the identity providers."""
+ url = self._build_path()
+ resp, body = self.get(url)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return rest_client.ResponseBody(resp, body)
+
+ def show_identity_provider(self, idp_id):
+ """Get an identity provider."""
+ url = self._build_path(idp_id)
+ resp, body = self.get(url)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return rest_client.ResponseBody(resp, body)
+
+ def delete_identity_provider(self, idp_id):
+ """Delete an identity provider."""
+ url = self._build_path(idp_id)
+ resp, body = self.delete(url)
+ self.expected_success(204, resp.status)
+ return rest_client.ResponseBody(resp, body)
+
+ def update_identity_provider(self, idp_id, **kwargs):
+ """Update an identity provider.
+
+ :param str idp_id: The ID from the Identity Provider to be updated.
+ :param kwargs: All optional attributes to update: description (str),
+ enabled (boolean) and remote_ids (list).
+ """
+ patch_body = json.dumps({'identity_provider': kwargs})
+ url = self._build_path(idp_id)
+ resp, body = self.patch(url, patch_body)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return rest_client.ResponseBody(resp, body)
diff --git a/keystone_tempest_plugin/tests/api/identity/__init__.py b/keystone_tempest_plugin/tests/api/identity/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/keystone_tempest_plugin/tests/api/identity/__init__.py
diff --git a/keystone_tempest_plugin/tests/api/identity/base.py b/keystone_tempest_plugin/tests/api/identity/base.py
new file mode 100644
index 0000000..ceefee0
--- /dev/null
+++ b/keystone_tempest_plugin/tests/api/identity/base.py
@@ -0,0 +1,36 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.common import credentials_factory as common_creds
+from tempest import test
+
+from keystone_tempest_plugin import clients
+
+
+class BaseIdentityTest(test.BaseTestCase):
+
+ # The version of the identity that will be used in the tests.
+ identity_version = 'v3'
+
+ # NOTE(rodrigods): for now, all tests are in the admin scope, if
+ # necessary, another class can be created to handle non-admin tests.
+ credential_type = 'identity_admin'
+
+ @classmethod
+ def setup_clients(cls):
+ super(BaseIdentityTest, cls).setup_clients()
+ credentials = common_creds.get_configured_credentials(
+ cls.credential_type, identity_version=cls.identity_version)
+ cls.keystone_manager = clients.Manager(credentials=credentials)
+ cls.idps_client = cls.keystone_manager.identity_providers_client
diff --git a/keystone_tempest_plugin/tests/api/identity/v3/__init__.py b/keystone_tempest_plugin/tests/api/identity/v3/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/keystone_tempest_plugin/tests/api/identity/v3/__init__.py
diff --git a/keystone_tempest_plugin/tests/api/identity/v3/fixtures.py b/keystone_tempest_plugin/tests/api/identity/v3/fixtures.py
new file mode 100644
index 0000000..351320b
--- /dev/null
+++ b/keystone_tempest_plugin/tests/api/identity/v3/fixtures.py
@@ -0,0 +1,28 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.lib.common.utils import data_utils
+
+
+def idp_ref(enabled=None, remote_ids=None):
+ ref = {
+ 'description': data_utils.rand_uuid_hex(),
+ }
+ if enabled is not None:
+ ref['enabled'] = enabled
+
+ if remote_ids:
+ ref['remote_ids'] = remote_ids
+
+ return ref
diff --git a/keystone_tempest_plugin/tests/api/identity/v3/test_identity_providers.py b/keystone_tempest_plugin/tests/api/identity/v3/test_identity_providers.py
new file mode 100644
index 0000000..5e1e2cf
--- /dev/null
+++ b/keystone_tempest_plugin/tests/api/identity/v3/test_identity_providers.py
@@ -0,0 +1,116 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.lib.common.utils import data_utils
+from tempest.lib import decorators
+
+from keystone_tempest_plugin.tests.api.identity import base
+from keystone_tempest_plugin.tests.api.identity.v3 import fixtures
+
+
+class IndentityProvidersTest(base.BaseIdentityTest):
+
+ def _assert_identity_provider_attributes(self, idp, idp_id, idp_ref=None):
+ self.assertIn('id', idp)
+ self.assertEqual(idp_id, idp['id'])
+
+ # Check the optional attributes have been set
+ self.assertIn('description', idp)
+ self.assertIn('enabled', idp)
+ self.assertIn('remote_ids', idp)
+
+ if idp_ref:
+ self.assertEqual(idp_ref['description'], idp['description'])
+
+ if 'enabled' in idp_ref:
+ self.assertEqual(idp_ref['enabled'], idp['enabled'])
+
+ if 'remote_ids' in idp_ref:
+ self.assertItemsEqual(idp_ref['remote_ids'], idp['remote_ids'])
+
+ def _create_idp(self, idp_id, idp_ref):
+ idp = self.idps_client.create_identity_provider(
+ idp_id, **idp_ref)['identity_provider']
+ self.addCleanup(
+ self.idps_client.delete_identity_provider, idp_id)
+ return idp
+
+ @decorators.idempotent_id('09450910-b816-4150-8513-a2fd4628a0c3')
+ def test_identity_provider_create(self):
+ idp_id = data_utils.rand_uuid_hex()
+ idp_ref = fixtures.idp_ref()
+ idp = self._create_idp(idp_id, idp_ref)
+
+ # The identity provider is disabled by default
+ idp_ref['enabled'] = False
+
+ # The remote_ids attribute should be set to an empty list by default
+ idp_ref['remote_ids'] = []
+
+ self._assert_identity_provider_attributes(idp, idp_id, idp_ref)
+
+ @decorators.idempotent_id('f430a337-545d-455e-bb6c-cb0fdf4be5c1')
+ def test_identity_provider_create_with_enabled_true(self):
+ idp_id = data_utils.rand_uuid_hex()
+ idp_ref = fixtures.idp_ref(enabled=True)
+ idp = self._create_idp(idp_id, idp_ref)
+
+ self._assert_identity_provider_attributes(idp, idp_id, idp_ref)
+
+ @decorators.idempotent_id('238e6163-d600-4f59-9982-c621f057221d')
+ def test_identity_provider_create_with_remote_ids(self):
+ idp_id = data_utils.rand_uuid_hex()
+ remote_ids = [data_utils.rand_uuid_hex(), data_utils.rand_uuid_hex()]
+ idp_ref = fixtures.idp_ref(remote_ids=remote_ids)
+ idp = self._create_idp(idp_id, idp_ref)
+
+ self._assert_identity_provider_attributes(idp, idp_id, idp_ref)
+
+ @decorators.idempotent_id('8a7817ad-27f8-436b-9cbe-46aa20989beb')
+ def test_identity_provider_get(self):
+ idp_id = data_utils.rand_uuid_hex()
+ idp_create = self._create_idp(idp_id, fixtures.idp_ref())
+
+ idp_get = self.idps_client.show_identity_provider(
+ idp_id)['identity_provider']
+ self._assert_identity_provider_attributes(idp_get, idp_id, idp_create)
+
+ @decorators.idempotent_id('cbfe5de9-c58a-4810-950c-2acdf985879d')
+ def test_identity_provider_list(self):
+ idp_ids = []
+ for _ in range(3):
+ idp_id = data_utils.rand_uuid_hex()
+ self._create_idp(idp_id, fixtures.idp_ref())
+ idp_ids.append(idp_id)
+
+ idp_list = self.idps_client.list_identity_providers()[
+ 'identity_providers']
+ fetched_ids = [fetched_idp['id'] for fetched_idp in idp_list]
+
+ for idp_id in idp_ids:
+ self.assertIn(idp_id, fetched_ids)
+
+ @decorators.idempotent_id('36a0d9f0-9517-4139-85d0-f78d905aece5')
+ def test_identity_provider_update(self):
+ idp_id = data_utils.rand_uuid_hex()
+ idp = self._create_idp(idp_id, fixtures.idp_ref(enabled=True))
+
+ # The identity provider should be enabled
+ self.assertTrue(idp['enabled'])
+
+ idp = self.idps_client.update_identity_provider(
+ idp_id, enabled=False)['identity_provider']
+
+ # The identity provider should be disabled
+ self.assertFalse(idp['enabled'])