Merge "Remove six library"
diff --git a/keystone_tempest_plugin/config.py b/keystone_tempest_plugin/config.py
index d3e3c02..25964a8 100644
--- a/keystone_tempest_plugin/config.py
+++ b/keystone_tempest_plugin/config.py
@@ -58,6 +58,12 @@
default='federated_domain',
help='The domain name where the "mapping_group_name" is '
'created.'),
+ # TODO(cmurphy): remove this option and set to true when all supported
+ # branches support the openstack_groups feature
+ cfg.BoolOpt('enable_k2k_groups_mapping',
+ default=False,
+ help='Whether to test support for openstack_groups in the K2K '
+ 'SAML assertion (lp#1687593)'),
# Protocol
cfg.StrOpt('protocol_id',
diff --git a/keystone_tempest_plugin/tests/api/identity/v3/test_service_providers.py b/keystone_tempest_plugin/tests/api/identity/v3/test_service_providers.py
index a6522f9..47a1c09 100644
--- a/keystone_tempest_plugin/tests/api/identity/v3/test_service_providers.py
+++ b/keystone_tempest_plugin/tests/api/identity/v3/test_service_providers.py
@@ -194,13 +194,18 @@
enabled_sps.append(sp_id)
# Create some disabled service providers
+ disabled_sps = []
for _ in range(2):
sp_id = data_utils.rand_uuid_hex()
self._create_sp(sp_id, fixtures.sp_ref(enabled=False))
+ disabled_sps.append(sp_id)
sps_in_token_ids = [
sp['id'] for sp in
self.sps_client.get_service_providers_in_token()]
- # Should be equal to the enabled_sps list
- self.assertItemsEqual(enabled_sps, sps_in_token_ids)
+ for enabled_sp in enabled_sps:
+ self.assertIn(enabled_sp, sps_in_token_ids)
+
+ for disabled_sp in disabled_sps:
+ self.assertNotIn(disabled_sp, sps_in_token_ids)
diff --git a/keystone_tempest_plugin/tests/scenario/test_federated_authentication.py b/keystone_tempest_plugin/tests/scenario/test_federated_authentication.py
index 43d4531..b152116 100644
--- a/keystone_tempest_plugin/tests/scenario/test_federated_authentication.py
+++ b/keystone_tempest_plugin/tests/scenario/test_federated_authentication.py
@@ -119,9 +119,9 @@
self._setup_protocol()
def _str_from_xml(self, xml, path):
- l = xml.xpath(path, namespaces=self.ECP_SAML2_NAMESPACES)
- self.assertEqual(1, len(l))
- return l[0]
+ item = xml.xpath(path, namespaces=self.ECP_SAML2_NAMESPACES)
+ self.assertEqual(1, len(item))
+ return item[0]
def _get_sp_authn_request(self):
resp = self.saml2_client.send_service_provider_request(
@@ -222,6 +222,26 @@
def setUp(self):
super(TestK2KFederatedAuthentication, self).setUp()
self._setup_sp()
+ user_id = self.keystone_manager.identity_providers_client.user_id
+ idp_info = self.idps_client.show_identity_provider(self.idp_id)
+ domain_id = idp_info['identity_provider']['domain_id']
+ project_id = self.keystone_manager.identity_providers_client.tenant_id
+ group = self.keystone_manager.groups_client.create_group(
+ name=data_utils.rand_uuid_hex(), domain_id=domain_id)
+ role = self.keystone_manager.roles_v3_client.create_role(
+ name=data_utils.rand_uuid_hex(), project_id=project_id)
+
+ self.keystone_manager.roles_v3_client.create_group_role_on_project(
+ group_id=group['group']['id'], project_id=project_id,
+ role_id=role['role']['id'])
+ self.keystone_manager.groups_client.add_group_user(
+ group_id=group['group']['id'], user_id=user_id)
+ self.addCleanup(
+ self.keystone_manager.groups_client.delete_group,
+ group['group']['id'])
+ self.addCleanup(
+ self.keystone_manager.roles_v3_client.delete_role,
+ role['role']['id'])
def _setup_settings(self):
super(TestK2KFederatedAuthentication, self)._setup_settings()
@@ -239,6 +259,34 @@
self.sp_url = '%s://%s/Shibboleth.sso/SAML2/ECP' % (url.scheme,
url.netloc)
+ def _setup_mapping(self):
+ if not CONF.fed_scenario.enable_k2k_groups_mapping:
+ super(TestK2KFederatedAuthentication, self)._setup_mapping()
+ return
+ self.mapping_id = data_utils.rand_uuid_hex()
+ rules = [{
+ 'local': [
+ {
+ 'user': {'name': self.mapping_user_name}
+ },
+ {
+ 'groups': '{1}'
+ }
+ ],
+ 'remote': [
+ {
+ 'type': self.mapping_remote_type
+ },
+ {
+ "type": 'openstack_groups'
+ }
+ ]
+ }]
+ mapping_ref = {'rules': rules}
+ self.mappings_client.create_mapping_rule(self.mapping_id, mapping_ref)
+ self.addCleanup(
+ self.mappings_client.delete_mapping_rule, self.mapping_id)
+
def _setup_sp(self):
self.sps_client.create_service_provider(self.sp_id,
sp_url=self.sp_url,
diff --git a/test-requirements.txt b/test-requirements.txt
index 4b13fd1..16165e0 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2,7 +2,7 @@
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
-hacking>=1.1.0,<1.2.0 # Apache-2.0
+hacking>=3.0,<3.1.0;python_version>='3.5' # Apache-2.0
sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
openstackdocstheme>=1.18.1 # Apache-2.0