summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--keystoneclient/common/cms.py2
-rw-r--r--keystoneclient/session.py4
-rw-r--r--keystoneclient/tests/unit/auth/test_identity_v2.py2
-rw-r--r--keystoneclient/tests/unit/auth/test_identity_v3.py2
-rw-r--r--keystoneclient/tests/unit/client_fixtures.py28
-rw-r--r--keystoneclient/tests/unit/test_discovery.py4
-rw-r--r--keystoneclient/tests/unit/test_session.py2
-rw-r--r--keystoneclient/tests/unit/v2_0/test_auth.py4
-rw-r--r--keystoneclient/tests/unit/v3/test_auth.py2
9 files changed, 26 insertions, 24 deletions
diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py
index 9c3e0bd..601d9c9 100644
--- a/keystoneclient/common/cms.py
+++ b/keystoneclient/common/cms.py
@@ -38,7 +38,7 @@ PKI_ASN1_PREFIX = 'MII'
PKIZ_PREFIX = 'PKIZ_'
PKIZ_CMS_FORM = 'DER'
PKI_ASN1_FORM = 'PEM'
-DEFAULT_TOKEN_DIGEST_ALGORITHM = 'sha256'
+DEFAULT_TOKEN_DIGEST_ALGORITHM = 'sha256' # nosec
# The openssl cms command exits with these status codes.
diff --git a/keystoneclient/session.py b/keystoneclient/session.py
index 9faedac..d55b01b 100644
--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@@ -171,7 +171,9 @@ class Session(object):
secure_headers = ('authorization', 'x-auth-token',
'x-subject-token', 'x-service-token')
if header[0].lower() in secure_headers:
- token_hasher = hashlib.sha1()
+ # hashlib.sha1() bandit nosec, as it is HMAC-SHA1 in
+ # keystone, which is considered secure (unlike just sha1)
+ token_hasher = hashlib.sha1() # nosec(lhinds)
token_hasher.update(header[1].encode('utf-8'))
token_hash = token_hasher.hexdigest()
return (header[0], '{SHA1}%s' % token_hash)
diff --git a/keystoneclient/tests/unit/auth/test_identity_v2.py b/keystoneclient/tests/unit/auth/test_identity_v2.py
index 8ef87c4..a180135 100644
--- a/keystoneclient/tests/unit/auth/test_identity_v2.py
+++ b/keystoneclient/tests/unit/auth/test_identity_v2.py
@@ -84,7 +84,7 @@ class V2IdentityPlugin(utils.TestCase):
self.TEST_RESPONSE_DICT = {
"access": {
"token": {
- "expires": "2020-01-01T00:00:10.000123Z",
+ "expires": "2999-01-01T00:00:10.000123Z",
"id": self.TEST_TOKEN,
"tenant": {
"id": self.TEST_TENANT_ID
diff --git a/keystoneclient/tests/unit/auth/test_identity_v3.py b/keystoneclient/tests/unit/auth/test_identity_v3.py
index 534e997..776551b 100644
--- a/keystoneclient/tests/unit/auth/test_identity_v3.py
+++ b/keystoneclient/tests/unit/auth/test_identity_v3.py
@@ -129,7 +129,7 @@ class V3IdentityPlugin(utils.TestCase):
"password"
],
- "expires_at": "2020-01-01T00:00:10.000123Z",
+ "expires_at": "2999-01-01T00:00:10.000123Z",
"project": {
"domain": {
"id": self.TEST_DOMAIN_ID,
diff --git a/keystoneclient/tests/unit/client_fixtures.py b/keystoneclient/tests/unit/client_fixtures.py
index 6da259c..cc07726 100644
--- a/keystoneclient/tests/unit/client_fixtures.py
+++ b/keystoneclient/tests/unit/client_fixtures.py
@@ -399,7 +399,7 @@ class Examples(fixtures.Fixture):
'access': {
'token': {
'id': self.UUID_TOKEN_DEFAULT,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
'tenant': {
'id': 'tenant_id1',
'name': 'tenant_name1',
@@ -420,7 +420,7 @@ class Examples(fixtures.Fixture):
'access': {
'token': {
'id': self.VALID_DIABLO_TOKEN,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
'tenantId': 'tenant_id1',
},
'user': {
@@ -437,7 +437,7 @@ class Examples(fixtures.Fixture):
'access': {
'token': {
'id': self.UUID_TOKEN_UNSCOPED,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
},
'user': {
'id': 'user_id1',
@@ -453,7 +453,7 @@ class Examples(fixtures.Fixture):
'access': {
'token': {
'id': 'valid-token',
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
'tenant': {
'id': 'tenant_id1',
'name': 'tenant_name1',
@@ -474,7 +474,7 @@ class Examples(fixtures.Fixture):
'token': {
'bind': {'kerberos': self.KERBEROS_BIND},
'id': self.UUID_TOKEN_BIND,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
'tenant': {
'id': 'tenant_id1',
'name': 'tenant_name1',
@@ -496,7 +496,7 @@ class Examples(fixtures.Fixture):
'token': {
'bind': {'FOO': 'BAR'},
'id': self.UUID_TOKEN_UNKNOWN_BIND,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
'tenant': {
'id': 'tenant_id1',
'name': 'tenant_name1',
@@ -515,7 +515,7 @@ class Examples(fixtures.Fixture):
},
self.v3_UUID_TOKEN_DEFAULT: {
'token': {
- 'expires_at': '2020-01-01T00:00:10.000123Z',
+ 'expires_at': '2999-01-01T00:00:10.000123Z',
'methods': ['password'],
'user': {
'id': 'user_id1',
@@ -542,7 +542,7 @@ class Examples(fixtures.Fixture):
},
self.v3_UUID_TOKEN_UNSCOPED: {
'token': {
- 'expires_at': '2020-01-01T00:00:10.000123Z',
+ 'expires_at': '2999-01-01T00:00:10.000123Z',
'methods': ['password'],
'user': {
'id': 'user_id1',
@@ -556,7 +556,7 @@ class Examples(fixtures.Fixture):
},
self.v3_UUID_TOKEN_DOMAIN_SCOPED: {
'token': {
- 'expires_at': '2020-01-01T00:00:10.000123Z',
+ 'expires_at': '2999-01-01T00:00:10.000123Z',
'methods': ['password'],
'user': {
'id': 'user_id1',
@@ -581,7 +581,7 @@ class Examples(fixtures.Fixture):
'access': {
'token': {
'id': self.SIGNED_TOKEN_SCOPED_KEY,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
},
'user': {
'id': 'user_id1',
@@ -599,7 +599,7 @@ class Examples(fixtures.Fixture):
'access': {
'token': {
'id': self.SIGNED_TOKEN_UNSCOPED_KEY,
- 'expires': '2020-01-01T00:00:10.000123Z',
+ 'expires': '2999-01-01T00:00:10.000123Z',
},
'user': {
'id': 'user_id1',
@@ -613,7 +613,7 @@ class Examples(fixtures.Fixture):
},
self.SIGNED_v3_TOKEN_SCOPED_KEY: {
'token': {
- 'expires_at': '2020-01-01T00:00:10.000123Z',
+ 'expires_at': '2999-01-01T00:00:10.000123Z',
'methods': ['password'],
'user': {
'id': 'user_id1',
@@ -642,7 +642,7 @@ class Examples(fixtures.Fixture):
'token': {
'bind': {'kerberos': self.KERBEROS_BIND},
'methods': ['password'],
- 'expires_at': '2020-01-01T00:00:10.000123Z',
+ 'expires_at': '2999-01-01T00:00:10.000123Z',
'user': {
'id': 'user_id1',
'name': 'user_name1',
@@ -669,7 +669,7 @@ class Examples(fixtures.Fixture):
self.v3_UUID_TOKEN_UNKNOWN_BIND: {
'token': {
'bind': {'FOO': 'BAR'},
- 'expires_at': '2020-01-01T00:00:10.000123Z',
+ 'expires_at': '2999-01-01T00:00:10.000123Z',
'methods': ['password'],
'user': {
'id': 'user_id1',
diff --git a/keystoneclient/tests/unit/test_discovery.py b/keystoneclient/tests/unit/test_discovery.py
index f9d5dbf..6f85ea9 100644
--- a/keystoneclient/tests/unit/test_discovery.py
+++ b/keystoneclient/tests/unit/test_discovery.py
@@ -87,7 +87,7 @@ V2_VERSION.updated_str = UPDATED
V2_AUTH_RESPONSE = jsonutils.dumps({
"access": {
"token": {
- "expires": "2020-01-01T00:00:10.000123Z",
+ "expires": "2999-01-01T00:00:10.000123Z",
"id": 'fakeToken',
"tenant": {
"id": '1'
@@ -113,7 +113,7 @@ V3_AUTH_RESPONSE = jsonutils.dumps({
"password"
],
- "expires_at": "2020-01-01T00:00:10.000123Z",
+ "expires_at": "2999-01-01T00:00:10.000123Z",
"project": {
"domain": {
"id": '1',
diff --git a/keystoneclient/tests/unit/test_session.py b/keystoneclient/tests/unit/test_session.py
index 27d224d..e0d9b28 100644
--- a/keystoneclient/tests/unit/test_session.py
+++ b/keystoneclient/tests/unit/test_session.py
@@ -266,7 +266,7 @@ class SessionTests(utils.TestCase):
# elements to make sure that all joins are appropriately
# handled (any join of unicode and byte strings should
# raise a UnicodeDecodeError)
- session.post(unicode(self.TEST_URL), data=data)
+ session.post(six.text_type(self.TEST_URL), data=data)
self.assertNotIn('my data', self.logger.output)
diff --git a/keystoneclient/tests/unit/v2_0/test_auth.py b/keystoneclient/tests/unit/v2_0/test_auth.py
index 64f2ea0..b733524 100644
--- a/keystoneclient/tests/unit/v2_0/test_auth.py
+++ b/keystoneclient/tests/unit/v2_0/test_auth.py
@@ -28,7 +28,7 @@ class AuthenticateAgainstKeystoneTests(utils.TestCase):
self.TEST_RESPONSE_DICT = {
"access": {
"token": {
- "expires": "2020-01-01T00:00:10.000123Z",
+ "expires": "2999-01-01T00:00:10.000123Z",
"id": self.TEST_TOKEN,
"tenant": {
"id": self.TEST_TENANT_ID
@@ -61,7 +61,7 @@ class AuthenticateAgainstKeystoneTests(utils.TestCase):
# Build a new response
TEST_TOKEN = "abcdef"
- resp_b['access']['token']['expires'] = '2020-01-01T00:00:10.000123Z'
+ resp_b['access']['token']['expires'] = '2999-01-01T00:00:10.000123Z'
resp_b['access']['token']['id'] = TEST_TOKEN
# return expired first, and then the new response
diff --git a/keystoneclient/tests/unit/v3/test_auth.py b/keystoneclient/tests/unit/v3/test_auth.py
index 6549080..9f87977 100644
--- a/keystoneclient/tests/unit/v3/test_auth.py
+++ b/keystoneclient/tests/unit/v3/test_auth.py
@@ -28,7 +28,7 @@ class AuthenticateAgainstKeystoneTests(utils.TestCase):
"password"
],
- "expires_at": "2020-01-01T00:00:10.000123Z",
+ "expires_at": "2999-01-01T00:00:10.000123Z",
"project": {
"domain": {
"id": self.TEST_DOMAIN_ID,
View Lorry Controller Status