Created
June 6, 2016 22:14
-
-
Save BenjamenMeyer/4b25fb4cae71a78bf068019d38d11005 to your computer and use it in GitHub Desktop.
Example Mimic Token Validation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| import json | |
| import requests | |
| def get_creds(ad): | |
| resp = requests.post( | |
| 'http://localhost:8900/identity/v2.0/tokens', | |
| data=json.dumps(ad) | |
| ) | |
| if resp.status_code == 200: | |
| return resp.json() | |
| else: | |
| raise RuntimeError('Failed to get token from Mimic Identity: {0} => {1}'.format(resp.status_code, resp.content)) | |
| def validate_token(service_data, user_data): | |
| service_token = service_data['access']['token']['id'] | |
| token_to_validate = user_data['access']['token']['id'] | |
| tenant_id_to_validate = user_data['access']['token']['tenant']['id'] | |
| resp = requests.get( | |
| 'http://localhost:8900/identity/v2.0/tokens/{0}'.format(token_to_validate), | |
| headers={ | |
| 'x-auth-token': service_token | |
| } | |
| ) | |
| if resp.status_code == 200: | |
| auth_data = resp.json() | |
| returned_token = auth_data['access']['token']['id'] | |
| if returned_token != token_to_validate: | |
| raise RuntimeError('Mimic failed to match up the token: {0} != {1}\nUser Data: {2}\nService Data: {3}\nValidation Data: {4}'.format(returned_token, token_to_validate, user_data, service_data, auth_data)) | |
| returned_tenant_id = auth_data['access']['token']['tenant']['id'] | |
| if returned_tenant_id != tenant_id_to_validate: | |
| raise RuntimeError('Mimic failed to match up the tenant-id: {0} != {1}\nUser Data: {2}\nService Data: {3}\nValidation Data: {4}'.format(returned_tenant_id, tenant_id_to_validate, user_data, service_data, auth_data)) | |
| return auth_data | |
| else: | |
| raise RuntimeError('Failed to get token validation info: {0} => {1}'.format(resp.status_code, resp.content)) | |
| # 1. Get an Auth Token from Mimic | |
| auth_data_user = { | |
| "auth": { | |
| "RAX-KSKEY:apiKeyCredentials": { | |
| "username": "validator", | |
| "apiKey": "stoplight" | |
| } | |
| } | |
| } | |
| auth_data_service = { | |
| "auth": { | |
| "RAX-KSKEY:apiKeyCredentials": { | |
| "username": "myMimoServer", | |
| "apiKey": "the-terminator" | |
| } | |
| } | |
| } | |
| authed_user = get_creds(auth_data_user) | |
| authed_service = get_creds(auth_data_service) | |
| # 2. Try to validate the user's token via the service | |
| # This fails with the tenantid's not matching. | |
| validated_user_info = validate_token(authed_service, authed_user) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This failed on line 40. Running against https://github.com/BenjamenMeyer/mimic/tree/enhancement_internal-external_urls with https://github.com/BenjamenMeyer/mimic/tree/enhancement_cloudbackup_service merged into it.
Above is written against https://developer.rackspace.com/docs/cloud-identity/v2/developer-guide/#validate-token