# vim: tabstop=4 shiftwidth=4 softtabstop=4

# Copyright 2011 OpenStack, LLC
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

"""Functional test case against the OpenStack Nova API server"""

import httplib2
import json
import uuid

from kong import keystone
from kong import tests


class TestKeystoneAuth(tests.FunctionalTest):

    def setUp(self):
        super(TestKeystoneAuth, self).setUp()

        api_version = self.keystone['apiver']
        if api_version != 'v2.0':
            raise ValueError("Must use Identity API v2.0")

        args = (self.keystone['service_host'],
            self.keystone['service_port'],
                api_version)

        self.base_url = "http://%s:%s/%s/tokens" % args

        self.user = self.keystone['user']
        self.password = self.keystone['password']
        self.tenant_id = self.keystone['tenant_id']

    def test_can_get_token(self):
        headers = {'content-type': 'application/json'}

        body = {
            "auth": {
                "passwordCredentials":{
                    "username": self.user,
                    "password": self.password,
                },
                "tenantId": self.tenant_id,
            },
        }

        http = httplib2.Http()
        response, content = http.request(self.base_url, 'POST',
                                         headers=headers,
                                         body=json.dumps(body))

        self.assertEqual(response.status, 200)
        res_body = json.loads(content)
        self.assertTrue(res_body['access']['token']['id'])
        self.assertTrue(res_body['access']['token']['tenant']['id'],
            self.tenant_id)
        self.assertTrue(res_body['access']['user']['name'],
            self.user)
    test_can_get_token.tags = ['auth']

    def test_bad_user(self):
        headers = {'content-type': 'application/json'}

        body = {
            "auth": {
                "passwordCredentials": {
                    "username": str(uuid.uuid4()),
                    "password": self.password,
                },
                "tenantId": self.tenant_id,
            },
        }

        http = httplib2.Http()
        response, content = http.request(self.base_url, 'POST',
                                         headers=headers,
                                         body=json.dumps(body))

        self.assertEqual(response.status, 401)
    test_bad_user.tags = ['auth']

    def test_bad_password(self):
        headers = {'content-type': 'application/json'}

        body = {
            "auth": {
                "passwordCredentials": {
                    "username": self.user,
                    "password": str(uuid.uuid4()),
                },
                "tenantId": self.tenant_id,
            },
        }

        http = httplib2.Http()
        response, content = http.request(self.base_url, 'POST',
                                         headers=headers,
                                         body=json.dumps(body))

        self.assertEqual(response.status, 401)
    test_bad_password.tags = ['auth']

    def test_bad_tenant_id(self):
        headers = {'content-type': 'application/json'}

        body = {
            "auth": {
                "passwordCredentials": {
                    "username": self.user,
                    "password": self.password,
                },
                "tenantId": str(uuid.uuid4()),
            },
        }

        http = httplib2.Http()
        response, content = http.request(self.base_url, 'POST',
                                         headers=headers,
                                         body=json.dumps(body))

        self.assertEqual(response.status, 401)
    test_bad_tenant_id.tags = ['auth']


class TestKeystoneAuthWithNova(tests.FunctionalTest):

    def setUp(self):
        super(TestKeystoneAuthWithNova, self).setUp()
        args = (self.nova['host'], self.nova['port'],
                self.nova['ver'], self.nova['project'])
        self.base_url = "http://%s:%s/%s/%s" % args

        self.keystone_api = keystone.API(self.keystone['service_host'],
                                         self.keystone['service_port'])

    def _get_token(self):
        user = self.keystone['user']
        password = self.keystone['password']
        tenant_id = self.keystone['tenant_id']
        return self.keystone_api.get_token(user, password, tenant_id)

    def test_good_token(self):
        http = httplib2.Http()
        url = '%s/flavors' % self.base_url
        headers = {'x-auth-token': self._get_token()}
        response, content = http.request(url, 'GET', headers=headers)
        self.assertEqual(response.status, 200)
    test_good_token.tags = ['nova', 'auth']

    def test_bad_token(self):
        http = httplib2.Http()
        url = '%s/flavors' % self.base_url
        headers = {'x-auth-token': str(uuid.uuid4())}
        response, content = http.request(url, 'GET', headers=headers)
        self.assertEqual(response.status, 401)
    test_bad_token.tags = ['nova', 'auth']

    def test_no_token(self):
        http = httplib2.Http()
        url = '%s/flavors' % self.base_url
        headers = {'x-auth-token': str(uuid.uuid4())}
        response, content = http.request(url, 'GET', headers=headers)
        self.assertEqual(response.status, 401)
    test_no_token.tags = ['nova', 'auth']

    def test_no_header(self):
        http = httplib2.Http()
        url = '%s/flavors' % self.base_url
        response, content = http.request(url, 'GET')
        self.assertEqual(response.status, 401)
    test_no_header.tags = ['nova', 'auth']