keystoneauth1.fixture package

Submodules

keystoneauth1.fixture.discovery module

class keystoneauth1.fixture.discovery.DiscoveryList(href=None, v2=True, v3=True, v2_id=None, v3_id=None, v2_status=None, v2_updated=None, v2_html=True, v2_pdf=True, v3_status=None, v3_updated=None, v3_json=True, v3_xml=True)

Bases: dict

A List of version elements.

Creates a correctly structured list of identity service endpoints for use in testing with discovery.

Parameters
  • href (string) – The url that this should be based at.

  • v2 (bool) – Add a v2 element.

  • v3 (bool) – Add a v3 element.

  • v2_status (string) – The status to use for the v2 element.

  • v2_updated (DateTime) – The update time to use for the v2 element.

  • v2_html (bool) – True to add a html link to the v2 element.

  • v2_pdf (bool) – True to add a pdf link to the v2 element.

  • v3_status (string) – The status to use for the v3 element.

  • v3_updated (DateTime) – The update time to use for the v3 element.

  • v3_json (bool) – True to add a html link to the v2 element.

  • v3_xml (bool) – True to add a pdf link to the v2 element.

TEST_URL = 'http://keystone.host:5000/'
add_microversion(href, id, **kwargs)

Add a microversion version to the list.

The parameters are the same as MicroversionDiscovery.

add_nova_microversion(href, id, **kwargs)

Add a nova microversion version to the list.

The parameters are the same as NovaMicroversionDiscovery.

add_v2(href, **kwargs)

Add a v2 version to the list.

The parameters are the same as V2Discovery.

add_v3(href, **kwargs)

Add a v3 version to the list.

The parameters are the same as V3Discovery.

add_version(version)

Add a new version structure to the list.

Parameters

version (dict) – A new version structure to add to the list.

property versions
class keystoneauth1.fixture.discovery.V2Discovery(href, id=None, html=True, pdf=True, **kwargs)

Bases: keystoneauth1.fixture.discovery.DiscoveryBase

A Version element for a V2 identity service endpoint.

Provides some default values and helper methods for creating a v2.0 endpoint version structure. Clients should use this instead of creating their own structures.

Parameters
  • href (string) – The url that this entry should point to.

  • id (string) – The version id that should be reported. (optional) Defaults to ‘v2.0’.

  • html (bool) – Add HTML describedby links to the structure.

  • pdf (bool) – Add PDF describedby links to the structure.

add_html_description()

Add the HTML described by links.

The standard structure includes a link to a HTML document with the API specification. Add it to this entry.

add_pdf_description()

Add the PDF described by links.

The standard structure includes a link to a PDF document with the API specification. Add it to this entry.

class keystoneauth1.fixture.discovery.V3Discovery(href, id=None, json=True, xml=True, **kwargs)

Bases: keystoneauth1.fixture.discovery.DiscoveryBase

A Version element for a V3 identity service endpoint.

Provides some default values and helper methods for creating a v3 endpoint version structure. Clients should use this instead of creating their own structures.

Parameters
  • href – The url that this entry should point to.

  • id (string) – The version id that should be reported. (optional) Defaults to ‘v3.0’.

  • json (bool) – Add JSON media-type elements to the structure.

  • xml (bool) – Add XML media-type elements to the structure.

add_json_media_type()

Add the JSON media-type links.

The standard structure includes a list of media-types that the endpoint supports. Add JSON to the list.

add_xml_media_type()

Add the XML media-type links.

The standard structure includes a list of media-types that the endpoint supports. Add XML to the list.

class keystoneauth1.fixture.discovery.VersionDiscovery(href, id, **kwargs)

Bases: keystoneauth1.fixture.discovery.DiscoveryBase

A Version element for non-keystone services without microversions.

Provides some default values and helper methods for creating a microversion endpoint version structure. Clients should use this instead of creating their own structures.

Parameters
  • href (string) – The url that this entry should point to.

  • id (string) – The version id that should be reported.

keystoneauth1.fixture.exception module

exception keystoneauth1.fixture.exception.FixtureValidationError

Bases: Exception

The token you created is not legitimate.

The data contained in the token that was generated is not valid and would not have been returned from a keystone server. You should not do testing with this token.

keystoneauth1.fixture.hooks module

Custom hooks for betamax and keystoneauth.

Module providing a set of hooks specially designed for interacting with clouds and keystone authentication.

author

Yolanda Robla

keystoneauth1.fixture.hooks.mask_fixture_values(nested, prev_key)
keystoneauth1.fixture.hooks.pre_record_hook(interaction, cassette)

Hook to mask saved data.

This hook will be triggered before saving the interaction, and will perform two tasks: - mask user, project and password in the saved data - set token expiration time to an inifinite time.

keystoneauth1.fixture.keystoneauth_betamax module

A fixture to wrap the session constructor for use with Betamax.

class keystoneauth1.fixture.keystoneauth_betamax.BetamaxFixture(cassette_name, cassette_library_dir=None, serializer=None, record=False, pre_record_hook=<function pre_record_hook>, serializer_name=None, request_matchers=None)

Bases: fixtures.fixture.Fixture

property serializer_name

Determine the name of the selected serializer.

If a class was specified, use the name attribute to generate this, otherwise, use the serializer_name parameter from __init__.

Returns

Name of the serializer

Return type

str

setUp()

Prepare the Fixture for use.

This should not be overridden. Concrete fixtures should implement _setUp. Overriding of setUp is still supported, just not recommended.

After setUp has completed, the fixture will have one or more attributes which can be used (these depend totally on the concrete subclass).

Raises

MultipleExceptions if _setUp fails. The last exception captured within the MultipleExceptions will be a SetupError exception.

Returns

None.

Changed in 1.3

The recommendation to override setUp has been reversed - before 1.3, setUp() should be overridden, now it should not be.

Changed in 1.3.1

BaseException is now caught, and only subclasses of Exception are wrapped in MultipleExceptions.

keystoneauth1.fixture.plugin module

class keystoneauth1.fixture.plugin.LoadingFixture(token=None, endpoint=None, user_id=None, project_id=None)

Bases: fixtures.fixture.Fixture

A fixture that will stub out all plugin loading calls.

When using keystoneauth plugins loaded from config, CLI or elsewhere it is often difficult to handle the plugin parts in tests because we don’t have a reasonable default.

This fixture will create a TestPlugin that will be returned for all calls to plugin loading so you can simply bypass the authentication steps and return something well known.

Parameters
  • token (str) – The token to include in authenticated requests.

  • endpoint (str) – The endpoint to respond to service lookups with.

  • user_id (str) – The user_id to report for the authenticated user.

  • project_id (str) – The project_id to report for the authenticated user.

MOCK_POINT = 'keystoneauth1.loading.base.get_plugin_loader'
create_plugin()
get_endpoint(path=None, **kwargs)

Utility function to get the endpoint the plugin would return.

This function is provided as a convenience so you can do comparisons in your tests. Overriding it will not affect the endpoint returned by the plugin.

Parameters

path (str) – The path to append to the plugin endpoint.

get_plugin_loader(auth_type)
setUp()

Prepare the Fixture for use.

This should not be overridden. Concrete fixtures should implement _setUp. Overriding of setUp is still supported, just not recommended.

After setUp has completed, the fixture will have one or more attributes which can be used (these depend totally on the concrete subclass).

Raises

MultipleExceptions if _setUp fails. The last exception captured within the MultipleExceptions will be a SetupError exception.

Returns

None.

Changed in 1.3

The recommendation to override setUp has been reversed - before 1.3, setUp() should be overridden, now it should not be.

Changed in 1.3.1

BaseException is now caught, and only subclasses of Exception are wrapped in MultipleExceptions.

class keystoneauth1.fixture.plugin.TestPlugin(token=None, endpoint=None, user_id=None, project_id=None)

Bases: keystoneauth1.plugin.BaseAuthPlugin

A simple plugin that returns what you gave it for testing.

When testing services that use authentication plugins you often want to stub out the authentication calls and focus on the important part of your service. This plugin acts like a real keystoneauth plugin and returns known standard values without having to stub out real keystone responses.

Note that this plugin is a BaseAuthPlugin and not a BaseIdentityPlugin. This means it implements the basic plugin interface that services should be using but does not implement get_auth_ref. get_auth_ref should not be relied upon by services because a user could always configure the service to use a non-keystone auth.

Parameters
  • token (str) – The token to include in authenticated requests.

  • endpoint (str) – The endpoint to respond to service lookups with.

  • user_id (str) – The user_id to report for the authenticated user.

  • project_id (str) – The project_id to report for the authenticated user.

auth_type = 'test_plugin'
get_endpoint(session, **kwargs)

Return an endpoint for the client.

There are no required keyword arguments to get_endpoint as a plugin implementation should use best effort with the information available to determine the endpoint. However there are certain standard options that will be generated by the clients and should be used by plugins:

  • service_type: what sort of service is required.

  • service_name: the name of the service in the catalog.

  • interface: what visibility the endpoint should have.

  • region_name: the region the endpoint exists in.

Parameters

session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.

Returns

The base URL that will be used to talk to the required service or None if not available.

Return type

string

get_project_id(session, **kwargs)

Return the project id that we are authenticated to.

Wherever possible the project id should be inferred from the token however there are certain URLs and other places that require access to the currently authenticated project id.

Parameters

session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls.

Returns

A project identifier or None if one is not available.

Return type

str

get_token(session, **kwargs)

Obtain a token.

How the token is obtained is up to the plugin. If it is still valid it may be re-used, retrieved from cache or invoke an authentication request against a server.

There are no required kwargs. They are passed directly to the auth plugin and they are implementation specific.

Returning None will indicate that no token was able to be retrieved.

This function is misplaced as it should only be required for auth plugins that use the ‘X-Auth-Token’ header. However due to the way plugins evolved this method is required and often called to trigger an authentication request on a new plugin.

When implementing a new plugin it is advised that you implement this method, however if you don’t require the ‘X-Auth-Token’ header override the get_headers method instead.

Parameters

session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls.

Returns

A token to use.

Return type

string

get_user_id(session, **kwargs)

Return a unique user identifier of the plugin.

Wherever possible the user id should be inferred from the token however there are certain URLs and other places that require access to the currently authenticated user id.

Parameters

session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls.

Returns

A user identifier or None if one is not available.

Return type

str

invalidate()

Invalidate the current authentication data.

This should result in fetching a new token on next call.

A plugin may be invalidated if an Unauthorized HTTP response is returned to indicate that the token may have been revoked or is otherwise now invalid.

Returns

True if there was something that the plugin did to invalidate. This means that it makes sense to try again. If nothing happens returns False to indicate give up.

Return type

bool

keystoneauth1.fixture.serializer module

A serializer to emit YAML but with request body in nicely formatted JSON.

class keystoneauth1.fixture.serializer.YamlJsonSerializer

Bases: betamax.serializers.base.BaseSerializer

deserialize(cassette_data)

A method that must be implemented by the Serializer author.

The return value is extremely important. If it is not empty, the dictionary returned must have the following structure:

{
    'http_interactions': [{
        # Interaction
    },
    {
        # Interaction
    }],
    'recorded_with': 'name of recorder'
}
Params str cassette_data

The data serialized as a string which needs to be deserialized.

Returns

dictionary

static generate_cassette_name(cassette_library_dir, cassette_name)
name = 'yamljson'
serialize(cassette_data)

A method that must be implemented by the Serializer author.

Parameters

cassette_data (dict) – A dictionary with two keys: http_interactions, recorded_with.

Returns

Serialized data as a string.

keystoneauth1.fixture.v2 module

class keystoneauth1.fixture.v2.Token(token_id=None, expires=None, issued=None, tenant_id=None, tenant_name=None, user_id=None, user_name=None, trust_id=None, trustee_user_id=None, audit_id=None, audit_chain_id=None)

Bases: dict

A V2 Keystone token that can be used for testing.

This object is designed to allow clients to generate a correct V2 token for use in there test code. It should prevent clients from having to know the correct token format and allow them to test the portions of token handling that matter to them and not copy and paste sample.

add_role(name=None, id=None)
add_service(type, name=None)
property audit_chain_id
property audit_id
property expires
property expires_str
property issued
property issued_str
remove_service(type)
property root
set_bind(name, data)
set_scope(id=None, name=None)
set_trust(id=None, trustee_user_id=None)
property tenant_id
property tenant_name
property token_id
property trust_id
property trustee_user_id
property user_id
property user_name
validate()

keystoneauth1.fixture.v3 module

class keystoneauth1.fixture.v3.Token(expires=None, issued=None, user_id=None, user_name=None, user_domain_id=None, user_domain_name=None, methods=None, project_id=None, project_name=None, project_domain_id=None, project_domain_name=None, domain_id=None, domain_name=None, trust_id=None, trust_impersonation=None, trustee_user_id=None, trustor_user_id=None, application_credential_id=None, application_credential_access_rules=None, oauth_access_token_id=None, oauth_consumer_id=None, audit_id=None, audit_chain_id=None, is_admin_project=None, project_is_domain=None)

Bases: dict

A V3 Keystone token that can be used for testing.

This object is designed to allow clients to generate a correct V3 token for use in there test code. It should prevent clients from having to know the correct token format and allow them to test the portions of token handling that matter to them and not copy and paste sample.

add_role(name=None, id=None)
add_service(type, name=None, id=None)
add_service_provider(sp_id, sp_auth_url, sp_url)
property application_credential_access_rules
property application_credential_id
property audit_chain_id
property audit_id
property domain_id
property domain_name
property expires
property expires_str
property is_admin_project
property issued
property issued_str
property methods
property oauth_access_token_id
property oauth_consumer_id
property project_domain_id
property project_domain_name
property project_id
property project_is_domain
property project_name
remove_service(type)
property role_ids
property role_names
property root
property service_providers
set_application_credential(application_credential_id, access_rules=None)
set_bind(name, data)
set_domain_scope(id=None, name=None)
set_oauth(access_token_id=None, consumer_id=None)
set_project_scope(id=None, name=None, domain_id=None, domain_name=None, is_domain=None)
set_system_scope()
set_trust_scope(id=None, impersonation=False, trustee_user_id=None, trustor_user_id=None)
property system
property trust_id
property trust_impersonation
property trustee_user_id
property trustor_user_id
property user_domain_id
property user_domain_name
property user_id
property user_name
validate()
class keystoneauth1.fixture.v3.V3FederationToken(methods=None, identity_provider=None, protocol=None, groups=None)

Bases: keystoneauth1.fixture.v3.Token

A V3 Keystone Federation token that can be used for testing.

Similar to V3Token, this object is designed to allow clients to generate a correct V3 federation token for use in test code.

FEDERATED_DOMAIN_ID = 'Federated'
add_federation_info_to_user(identity_provider=None, protocol=None, groups=None)

Module contents

Produce keystone compliant structures for use in testing.

They are part of the public API because they may be relied upon to generate test tokens for other clients. However they should never be imported into the main client (keystoneauth or other). Because of this there may be dependencies from this module on libraries that are only available in testing.

class keystoneauth1.fixture.DiscoveryList(href=None, v2=True, v3=True, v2_id=None, v3_id=None, v2_status=None, v2_updated=None, v2_html=True, v2_pdf=True, v3_status=None, v3_updated=None, v3_json=True, v3_xml=True)

Bases: dict

A List of version elements.

Creates a correctly structured list of identity service endpoints for use in testing with discovery.

Parameters
  • href (string) – The url that this should be based at.

  • v2 (bool) – Add a v2 element.

  • v3 (bool) – Add a v3 element.

  • v2_status (string) – The status to use for the v2 element.

  • v2_updated (DateTime) – The update time to use for the v2 element.

  • v2_html (bool) – True to add a html link to the v2 element.

  • v2_pdf (bool) – True to add a pdf link to the v2 element.

  • v3_status (string) – The status to use for the v3 element.

  • v3_updated (DateTime) – The update time to use for the v3 element.

  • v3_json (bool) – True to add a html link to the v2 element.

  • v3_xml (bool) – True to add a pdf link to the v2 element.

TEST_URL = 'http://keystone.host:5000/'
add_microversion(href, id, **kwargs)

Add a microversion version to the list.

The parameters are the same as MicroversionDiscovery.

add_nova_microversion(href, id, **kwargs)

Add a nova microversion version to the list.

The parameters are the same as NovaMicroversionDiscovery.

add_v2(href, **kwargs)

Add a v2 version to the list.

The parameters are the same as V2Discovery.

add_v3(href, **kwargs)

Add a v3 version to the list.

The parameters are the same as V3Discovery.

add_version(version)

Add a new version structure to the list.

Parameters

version (dict) – A new version structure to add to the list.

property versions
exception keystoneauth1.fixture.FixtureValidationError

Bases: Exception

The token you created is not legitimate.

The data contained in the token that was generated is not valid and would not have been returned from a keystone server. You should not do testing with this token.

class keystoneauth1.fixture.LoadingFixture(token=None, endpoint=None, user_id=None, project_id=None)

Bases: fixtures.fixture.Fixture

A fixture that will stub out all plugin loading calls.

When using keystoneauth plugins loaded from config, CLI or elsewhere it is often difficult to handle the plugin parts in tests because we don’t have a reasonable default.

This fixture will create a TestPlugin that will be returned for all calls to plugin loading so you can simply bypass the authentication steps and return something well known.

Parameters
  • token (str) – The token to include in authenticated requests.

  • endpoint (str) – The endpoint to respond to service lookups with.

  • user_id (str) – The user_id to report for the authenticated user.

  • project_id (str) – The project_id to report for the authenticated user.

MOCK_POINT = 'keystoneauth1.loading.base.get_plugin_loader'
create_plugin()
get_endpoint(path=None, **kwargs)

Utility function to get the endpoint the plugin would return.

This function is provided as a convenience so you can do comparisons in your tests. Overriding it will not affect the endpoint returned by the plugin.

Parameters

path (str) – The path to append to the plugin endpoint.

get_plugin_loader(auth_type)
setUp()

Prepare the Fixture for use.

This should not be overridden. Concrete fixtures should implement _setUp. Overriding of setUp is still supported, just not recommended.

After setUp has completed, the fixture will have one or more attributes which can be used (these depend totally on the concrete subclass).

Raises

MultipleExceptions if _setUp fails. The last exception captured within the MultipleExceptions will be a SetupError exception.

Returns

None.

Changed in 1.3

The recommendation to override setUp has been reversed - before 1.3, setUp() should be overridden, now it should not be.

Changed in 1.3.1

BaseException is now caught, and only subclasses of Exception are wrapped in MultipleExceptions.

class keystoneauth1.fixture.TestPlugin(token=None, endpoint=None, user_id=None, project_id=None)

Bases: keystoneauth1.plugin.BaseAuthPlugin

A simple plugin that returns what you gave it for testing.

When testing services that use authentication plugins you often want to stub out the authentication calls and focus on the important part of your service. This plugin acts like a real keystoneauth plugin and returns known standard values without having to stub out real keystone responses.

Note that this plugin is a BaseAuthPlugin and not a BaseIdentityPlugin. This means it implements the basic plugin interface that services should be using but does not implement get_auth_ref. get_auth_ref should not be relied upon by services because a user could always configure the service to use a non-keystone auth.

Parameters
  • token (str) – The token to include in authenticated requests.

  • endpoint (str) – The endpoint to respond to service lookups with.

  • user_id (str) – The user_id to report for the authenticated user.

  • project_id (str) – The project_id to report for the authenticated user.

auth_type = 'test_plugin'
get_endpoint(session, **kwargs)

Return an endpoint for the client.

There are no required keyword arguments to get_endpoint as a plugin implementation should use best effort with the information available to determine the endpoint. However there are certain standard options that will be generated by the clients and should be used by plugins:

  • service_type: what sort of service is required.

  • service_name: the name of the service in the catalog.

  • interface: what visibility the endpoint should have.

  • region_name: the region the endpoint exists in.

Parameters

session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.

Returns

The base URL that will be used to talk to the required service or None if not available.

Return type

string

get_project_id(session, **kwargs)

Return the project id that we are authenticated to.

Wherever possible the project id should be inferred from the token however there are certain URLs and other places that require access to the currently authenticated project id.

Parameters

session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls.

Returns

A project identifier or None if one is not available.

Return type

str

get_token(session, **kwargs)

Obtain a token.

How the token is obtained is up to the plugin. If it is still valid it may be re-used, retrieved from cache or invoke an authentication request against a server.

There are no required kwargs. They are passed directly to the auth plugin and they are implementation specific.

Returning None will indicate that no token was able to be retrieved.

This function is misplaced as it should only be required for auth plugins that use the ‘X-Auth-Token’ header. However due to the way plugins evolved this method is required and often called to trigger an authentication request on a new plugin.

When implementing a new plugin it is advised that you implement this method, however if you don’t require the ‘X-Auth-Token’ header override the get_headers method instead.

Parameters

session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls.

Returns

A token to use.

Return type

string

get_user_id(session, **kwargs)

Return a unique user identifier of the plugin.

Wherever possible the user id should be inferred from the token however there are certain URLs and other places that require access to the currently authenticated user id.

Parameters

session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls.

Returns

A user identifier or None if one is not available.

Return type

str

invalidate()

Invalidate the current authentication data.

This should result in fetching a new token on next call.

A plugin may be invalidated if an Unauthorized HTTP response is returned to indicate that the token may have been revoked or is otherwise now invalid.

Returns

True if there was something that the plugin did to invalidate. This means that it makes sense to try again. If nothing happens returns False to indicate give up.

Return type

bool

class keystoneauth1.fixture.V2Discovery(href, id=None, html=True, pdf=True, **kwargs)

Bases: keystoneauth1.fixture.discovery.DiscoveryBase

A Version element for a V2 identity service endpoint.

Provides some default values and helper methods for creating a v2.0 endpoint version structure. Clients should use this instead of creating their own structures.

Parameters
  • href (string) – The url that this entry should point to.

  • id (string) – The version id that should be reported. (optional) Defaults to ‘v2.0’.

  • html (bool) – Add HTML describedby links to the structure.

  • pdf (bool) – Add PDF describedby links to the structure.

add_html_description()

Add the HTML described by links.

The standard structure includes a link to a HTML document with the API specification. Add it to this entry.

add_pdf_description()

Add the PDF described by links.

The standard structure includes a link to a PDF document with the API specification. Add it to this entry.

class keystoneauth1.fixture.V3Discovery(href, id=None, json=True, xml=True, **kwargs)

Bases: keystoneauth1.fixture.discovery.DiscoveryBase

A Version element for a V3 identity service endpoint.

Provides some default values and helper methods for creating a v3 endpoint version structure. Clients should use this instead of creating their own structures.

Parameters
  • href – The url that this entry should point to.

  • id (string) – The version id that should be reported. (optional) Defaults to ‘v3.0’.

  • json (bool) – Add JSON media-type elements to the structure.

  • xml (bool) – Add XML media-type elements to the structure.

add_json_media_type()

Add the JSON media-type links.

The standard structure includes a list of media-types that the endpoint supports. Add JSON to the list.

add_xml_media_type()

Add the XML media-type links.

The standard structure includes a list of media-types that the endpoint supports. Add XML to the list.

keystoneauth1.fixture.V2Token

alias of keystoneauth1.fixture.v2.Token

keystoneauth1.fixture.V3Token

alias of keystoneauth1.fixture.v3.Token

class keystoneauth1.fixture.V3FederationToken(methods=None, identity_provider=None, protocol=None, groups=None)

Bases: keystoneauth1.fixture.v3.Token

A V3 Keystone Federation token that can be used for testing.

Similar to V3Token, this object is designed to allow clients to generate a correct V3 federation token for use in test code.

FEDERATED_DOMAIN_ID = 'Federated'
add_federation_info_to_user(identity_provider=None, protocol=None, groups=None)
class keystoneauth1.fixture.VersionDiscovery(href, id, **kwargs)

Bases: keystoneauth1.fixture.discovery.DiscoveryBase

A Version element for non-keystone services without microversions.

Provides some default values and helper methods for creating a microversion endpoint version structure. Clients should use this instead of creating their own structures.

Parameters
  • href (string) – The url that this entry should point to.

  • id (string) – The version id that should be reported.