diff options
author | wanghong <w.wanghong@huawei.com> | 2014-08-11 15:54:47 +0800 |
---|---|---|
committer | wanghong <w.wanghong@huawei.com> | 2014-09-05 17:29:21 +0800 |
commit | 5835b232519be6a0497ee77316307acb79d9c7b1 (patch) | |
tree | dc1c79af20df55fc3e047abdce44123319d42d6d | |
parent | c9036a00ef3f7c4b9475799d5b713db7a2d94961 (diff) | |
download | keystonemiddleware-5835b232519be6a0497ee77316307acb79d9c7b1.tar.gz |
convert the conf value into correct type
If options are set in paste file e.g. api-paste.ini for nova, all
the option values passed into AuthProtocol.conf are string type.
So, we should convert the conf value into correct type.
Change-Id: I0367cd6b54ee49f5db6541840539e7700f241f87
Closes-Bug: #1353315
-rw-r--r-- | keystonemiddleware/auth_token.py | 26 | ||||
-rw-r--r-- | keystonemiddleware/tests/test_auth_token_middleware.py | 23 |
2 files changed, 48 insertions, 1 deletions
diff --git a/keystonemiddleware/auth_token.py b/keystonemiddleware/auth_token.py index ce60402..f06a7c4 100644 --- a/keystonemiddleware/auth_token.py +++ b/keystonemiddleware/auth_token.py @@ -424,6 +424,27 @@ def _safe_quote(s): return urllib.parse.quote(s) if s == urllib.parse.unquote(s) else s +def _conf_values_type_convert(conf): + """Convert conf values into correct type.""" + if not conf: + return {} + opts = {} + opt_types = dict((o.dest, o.type) for o in _OPTS) + for k, v in six.iteritems(conf): + try: + if v is None: + opts[k] = v + else: + opts[k] = opt_types[k](v) + except KeyError: + opts[k] = v + except ValueError as e: + raise ConfigurationError( + 'Unable to convert the value of %s option into correct ' + 'type: %s' % (k, e)) + return opts + + class InvalidUserToken(Exception): pass @@ -459,7 +480,10 @@ class AuthProtocol(object): def __init__(self, app, conf): self._LOG = logging.getLogger(conf.get('log_name', __name__)) self._LOG.info('Starting keystone auth_token middleware') - self._conf = conf + # NOTE(wanghong): If options are set in paste file, all the option + # values passed into conf are string type. So, we should convert the + # conf value into correct type. + self._conf = _conf_values_type_convert(conf) self._app = app # delay_auth_decision means we still allow unauthenticated requests diff --git a/keystonemiddleware/tests/test_auth_token_middleware.py b/keystonemiddleware/tests/test_auth_token_middleware.py index e2dff21..bb1c0a5 100644 --- a/keystonemiddleware/tests/test_auth_token_middleware.py +++ b/keystonemiddleware/tests/test_auth_token_middleware.py @@ -531,6 +531,29 @@ class GeneralAuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest, self.assertEqual(middleware._token_revocation_list_cache_timeout, datetime.timedelta(seconds=24)) + def test_conf_values_type_convert(self): + conf = { + 'revocation_cache_time': '24', + 'identity_uri': 'https://keystone.example.com:1234', + 'include_service_catalog': '0', + 'nonexsit_option': '0', + } + + middleware = auth_token.AuthProtocol(self.fake_app, conf) + self.assertEqual(datetime.timedelta(seconds=24), + middleware._token_revocation_list_cache_timeout) + self.assertEqual(False, middleware._include_service_catalog) + self.assertEqual('https://keystone.example.com:1234', + middleware._identity_uri) + self.assertEqual('0', middleware._conf['nonexsit_option']) + + def test_conf_values_type_convert_with_wrong_value(self): + conf = { + 'include_service_catalog': '123', + } + self.assertRaises(auth_token.ConfigurationError, + auth_token.AuthProtocol, self.fake_app, conf) + class CommonAuthTokenMiddlewareTest(object): """These tests are run once using v2 tokens and again using v3 tokens.""" |