-
-
Save notmyname/d3f07ab9f39c30421f15 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/swiftclient/client.py b/swiftclient/client.py | |
index ee80769..bfb4cd2 100644 | |
--- a/swiftclient/client.py | |
+++ b/swiftclient/client.py | |
@@ -219,8 +219,9 @@ def http_connection(*arg, **kwarg): | |
return conn.parsed_url, conn | |
-def get_auth_1_0(url, user, key, snet): | |
- parsed, conn = http_connection(url) | |
+def get_auth_1_0(url, user, key, snet, **kwargs): | |
+ insecure = kwargs.get('insecure', False) | |
+ parsed, conn = http_connection(url, insecure=insecure) | |
method = 'GET' | |
conn.request(method, parsed.path, '', | |
{'X-Auth-User': user, 'X-Auth-Key': key}) | |
@@ -307,11 +308,13 @@ def get_auth(auth_url, user, key, **kwargs): | |
os_options = kwargs.get('os_options', {}) | |
storage_url, token = None, None | |
+ insecure = kwargs.get('insecure', False) | |
if auth_version in ['1.0', '1', 1]: | |
storage_url, token = get_auth_1_0(auth_url, | |
user, | |
key, | |
- kwargs.get('snet')) | |
+ kwargs.get('snet'), | |
+ insecure=insecure) | |
elif auth_version in ['2.0', '2', 2]: | |
# We are allowing to specify a token/storage-url to re-use | |
# without having to re-authenticate. | |
@@ -335,7 +338,6 @@ def get_auth(auth_url, user, key, **kwargs): | |
if (not 'tenant_name' in os_options): | |
raise ClientException('No tenant specified') | |
- insecure = kwargs.get('insecure', False) | |
cacert = kwargs.get('cacert', None) | |
storage_url, token = get_keystoneclient_2_0(auth_url, user, | |
key, os_options, | |
@@ -1101,8 +1103,8 @@ class Connection(object): | |
:param os_options: The OpenStack options which can have tenant_id, | |
auth_token, service_type, endpoint_type, | |
tenant_name, object_storage_url, region_name | |
- :param insecure: Allow to access insecure keystone server. | |
- The keystone's certificate will not be verified. | |
+ :param insecure: Allow to access servers without checking SSL certs. | |
+ The server's certificate will not be verified. | |
:param ssl_compression: Whether to enable compression at the SSL layer. | |
If set to 'False' and the pyOpenSSL library is | |
present an attempt to disable SSL compression | |
diff --git a/tests/test_swiftclient.py b/tests/test_swiftclient.py | |
index 7a9f1f0..4c5928a 100644 | |
--- a/tests/test_swiftclient.py | |
+++ b/tests/test_swiftclient.py | |
@@ -223,11 +223,32 @@ class TestGetAuth(MockHttpTest): | |
auth_version="foo") | |
def test_auth_v1(self): | |
- c.http_connection = self.fake_http_connection(200) | |
+ c.http_connection = self.fake_http_connection(200, auth_v1=True) | |
url, token = c.get_auth('http://www.test.com', 'asdf', 'asdf', | |
auth_version="1.0") | |
- self.assertEqual(url, None) | |
- self.assertEqual(token, None) | |
+ self.assertEqual(url, 'storageURL') | |
+ self.assertEqual(token, 'someauthtoken') | |
+ | |
+ def test_auth_v1_insecure(self): | |
+ c.http_connection = self.fake_http_connection(200, auth_v1=True) | |
+ url, token = c.get_auth('http://www.test.com', 'asdf', 'asdf', | |
+ auth_version='1.0') | |
+ self.assertEqual(url, 'storageURL') | |
+ self.assertEqual(token, 'someauthtoken') | |
+ | |
+ c.http_connection = self.fake_http_connection( | |
+ 200, auth_v1=True, invalid_certificate=True) | |
+ url, token = c.get_auth('http://www.test.com', 'asdf', 'asdf', | |
+ auth_version='1.0', | |
+ insecure=True) | |
+ self.assertEqual(url, 'storageURL') | |
+ self.assertEqual(token, 'someauthtoken') | |
+ | |
+ c.http_connection = self.fake_http_connection( | |
+ 200, auth_v1=True, invalid_certificate=True) | |
+ self.assertRaises(c.ClientException, c.get_auth, | |
+ 'http://www.test.com', 'asdf', 'asdf', | |
+ auth_version='1.0') | |
def test_auth_v2(self): | |
os_options = {'tenant_name': 'asdf'} | |
diff --git a/tests/utils.py b/tests/utils.py | |
index ff2834a..4fef5bd 100644 | |
--- a/tests/utils.py | |
+++ b/tests/utils.py | |
@@ -46,7 +46,8 @@ def fake_http_connect(*code_iter, **kwargs): | |
class FakeConn(object): | |
- def __init__(self, status, etag=None, body='', timestamp='1'): | |
+ def __init__(self, status, etag=None, body='', timestamp='1', | |
+ insecure=False): | |
self.status = status | |
self.reason = 'Fake' | |
self.host = '1.2.3.4' | |
@@ -57,6 +58,7 @@ def fake_http_connect(*code_iter, **kwargs): | |
self.body = body | |
self.timestamp = timestamp | |
self._is_closed = True | |
+ self.insecure_ok = not insecure | |
def connect(self): | |
self._is_closed = False | |
@@ -70,6 +72,9 @@ def fake_http_connect(*code_iter, **kwargs): | |
def getresponse(self): | |
if kwargs.get('raise_exc'): | |
raise Exception('test') | |
+ if kwargs.get('invalid_cert') and self.insecure_ok: | |
+ from swiftclient import client as c | |
+ raise c.ClientException("invalid_certificate") | |
return self | |
def getexpect(self): | |
@@ -100,6 +105,10 @@ def fake_http_connect(*code_iter, **kwargs): | |
headers['content-length'] = '4' | |
if 'headers' in kwargs: | |
headers.update(kwargs['headers']) | |
+ if 'auth_v1' in kwargs: | |
+ headers.update( | |
+ {'x-storage-url': 'storageURL', | |
+ 'x-auth-token': 'someauthtoken'}) | |
return headers.items() | |
def read(self, amt=None): | |
@@ -143,7 +152,8 @@ def fake_http_connect(*code_iter, **kwargs): | |
if status <= 0: | |
raise RequestException() | |
fake_conn = FakeConn(status, etag, body=kwargs.get('body', ''), | |
- timestamp=timestamp) | |
+ timestamp=timestamp, | |
+ insecure=ckwargs.get('insecure')) | |
fake_conn.connect() | |
return fake_conn | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment