Add service providers integration tests
This patch adds the tests for the Service Provider API (part of
the Federated Identity API).
To run the tests install keystone and run (in tempest):
$ tox -e all-plugin -- keystone
Change-Id: I6d6f44736e4187dd2a500c7c0b6715e52296a9b3
diff --git a/keystone_tempest_plugin/services/identity/clients.py b/keystone_tempest_plugin/services/identity/clients.py
index f796cd7..d8c8692 100644
--- a/keystone_tempest_plugin/services/identity/clients.py
+++ b/keystone_tempest_plugin/services/identity/clients.py
@@ -34,3 +34,30 @@
SERVICE_TYPE,
CONF.identity.region,
endpoint_type='adminURL')
+
+
+class Federation(Identity):
+ """Tempest REST client for keystone's Federated Identity API."""
+
+ subpath_prefix = 'OS-FEDERATION'
+ subpath_suffix = None
+
+ def _build_path(self, entity_id=None):
+ subpath = '%s/%s' % (self.subpath_prefix, self.subpath_suffix)
+ return '%s/%s' % (subpath, entity_id) if entity_id else subpath
+
+ def _delete(self, entity_id, **kwargs):
+ url = self._build_path(entity_id)
+ return super(Federation, self).delete(url, **kwargs)
+
+ def _get(self, entity_id=None, **kwargs):
+ url = self._build_path(entity_id)
+ return super(Federation, self).get(url, **kwargs)
+
+ def _patch(self, entity_id, body, **kwargs):
+ url = self._build_path(entity_id)
+ return super(Federation, self).patch(url, body, **kwargs)
+
+ def _put(self, entity_id, body, **kwargs):
+ url = self._build_path(entity_id)
+ return super(Federation, self).put(url, body, **kwargs)
diff --git a/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py b/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py
index 38d35df..3f2544f 100644
--- a/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py
+++ b/keystone_tempest_plugin/services/identity/v3/identity_providers_client.py
@@ -19,12 +19,9 @@
from keystone_tempest_plugin.services.identity import clients
-class IdentityProvidersClient(clients.Identity):
+class IdentityProvidersClient(clients.Federation):
- subpath = 'OS-FEDERATION/identity_providers'
-
- def _build_path(self, idp_id=None):
- return '%s/%s' % (self.subpath, idp_id) if idp_id else self.subpath
+ subpath_suffix = 'identity_providers'
def create_identity_provider(self, idp_id, **kwargs):
"""Create an identity provider.
@@ -34,33 +31,28 @@
(boolean) and remote_ids (list).
"""
put_body = json.dumps({'identity_provider': kwargs})
- url = self._build_path(idp_id)
- resp, body = self.put(url, put_body)
+ resp, body = self._put(idp_id, put_body)
self.expected_success(201, resp.status)
body = json.loads(body)
- idp = rest_client.ResponseBody(resp, body)
- return idp
+ return rest_client.ResponseBody(resp, body)
def list_identity_providers(self):
"""List the identity providers."""
- url = self._build_path()
- resp, body = self.get(url)
+ resp, body = self._get()
self.expected_success(200, resp.status)
body = json.loads(body)
return rest_client.ResponseBody(resp, body)
def show_identity_provider(self, idp_id):
"""Get an identity provider."""
- url = self._build_path(idp_id)
- resp, body = self.get(url)
+ resp, body = self._get(idp_id)
self.expected_success(200, resp.status)
body = json.loads(body)
return rest_client.ResponseBody(resp, body)
def delete_identity_provider(self, idp_id):
"""Delete an identity provider."""
- url = self._build_path(idp_id)
- resp, body = self.delete(url)
+ resp, body = self._delete(idp_id)
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
@@ -72,8 +64,7 @@
enabled (boolean) and remote_ids (list).
"""
patch_body = json.dumps({'identity_provider': kwargs})
- url = self._build_path(idp_id)
- resp, body = self.patch(url, patch_body)
+ resp, body = self._patch(idp_id, patch_body)
self.expected_success(200, resp.status)
body = json.loads(body)
return rest_client.ResponseBody(resp, body)
diff --git a/keystone_tempest_plugin/services/identity/v3/service_providers_client.py b/keystone_tempest_plugin/services/identity/v3/service_providers_client.py
new file mode 100644
index 0000000..65ec9cc
--- /dev/null
+++ b/keystone_tempest_plugin/services/identity/v3/service_providers_client.py
@@ -0,0 +1,89 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from oslo_serialization import jsonutils
+
+from tempest.lib.common import rest_client
+
+from keystone_tempest_plugin.services.identity import clients
+
+
+class ServiceProvidersClient(clients.Federation):
+
+ subpath_suffix = 'service_providers'
+
+ def create_service_provider(self, sp_id, **kwargs):
+ """Create a service provider.
+
+ :param str sp_id: The ID to be used to create the Service Provider.
+ :param kwargs: Extra attributes. Mandatory: auth_url (str) and sp_url
+ (str). Optional: description (str), enabled (boolean)
+ and relay_state_prefix (str).
+ """
+ put_body = jsonutils.dumps({'service_provider': kwargs})
+ resp, body = self._put(sp_id, put_body)
+ self.expected_success(201, resp.status)
+ body = jsonutils.loads(body)
+ return rest_client.ResponseBody(resp, body)
+
+ def list_service_providers(self):
+ """List the service providers."""
+ resp, body = self._get()
+ self.expected_success(200, resp.status)
+ body = jsonutils.loads(body)
+ return rest_client.ResponseBody(resp, body)
+
+ def show_service_provider(self, sp_id):
+ """Get a service provider."""
+ resp, body = self._get(sp_id)
+ self.expected_success(200, resp.status)
+ body = jsonutils.loads(body)
+ return rest_client.ResponseBody(resp, body)
+
+ def delete_service_provider(self, sp_id):
+ """Delete a service provider."""
+ resp, body = self._delete(sp_id)
+ self.expected_success(204, resp.status)
+ return rest_client.ResponseBody(resp, body)
+
+ def update_service_provider(self, sp_id, **kwargs):
+ """Update a service provider.
+
+ :param str sp_id: The ID of the Service Provider to be updated.
+ :param kwargs: All attributes to be updated: auth_url (str) and sp_url
+ (str), description (str), enabled (boolean) and
+ relay_state_prefix (str).
+ """
+ patch_body = jsonutils.dumps({'service_provider': kwargs})
+ resp, body = self._patch(sp_id, patch_body)
+ self.expected_success(200, resp.status)
+ body = jsonutils.loads(body)
+ return rest_client.ResponseBody(resp, body)
+
+ def get_service_providers_in_token(self):
+ """Get the service providers list present in the token.
+
+ Only enabled service providers are displayed in the token.
+ """
+ # First we force the auth_data update via the set_auth() command
+ # in the auth_provider
+ self.auth_provider.set_auth()
+
+ # Now we can retrieve the updated auth_data
+ auth_data = self.auth_provider.get_auth()[1]
+ try:
+ return auth_data['service_providers']
+ except KeyError:
+ # no service providers in token
+ return []