This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.

276 lines
6.5 KiB
Raw Normal View History

2018-11-27 15:58:46 +05:30
package keystone
import (
networktypes ""
const dockerCliVersion = "1.37"
const exposedKeystonePort = "5000"
const exposedKeystonePortAdmin = "35357"
const keystoneHost = "http://localhost"
const keystoneURL = keystoneHost + ":" + exposedKeystonePort
const keystoneAdminURL = keystoneHost + ":" + exposedKeystonePortAdmin
const authTokenURL = keystoneURL + "/v3/auth/tokens/"
const userURL = keystoneAdminURL + "/v3/users/"
const groupURL = keystoneAdminURL + "/v3/groups/"
func startKeystoneContainer() string {
ctx := context.Background()
cli, err := client.NewClientWithOpts(client.WithVersion(dockerCliVersion))
if err != nil {
fmt.Printf("Error %v", err)
return ""
imageName := "openio/openstack-keystone"
out, err := cli.ImagePull(ctx, imageName, types.ImagePullOptions{})
if err != nil {
fmt.Printf("Error %v", err)
return ""
io.Copy(os.Stdout, out)
resp, err := cli.ContainerCreate(ctx, &container.Config{
Image: imageName,
}, &container.HostConfig{
PortBindings: nat.PortMap{
"5000/tcp": []nat.PortBinding{
HostIP: "",
HostPort: exposedKeystonePort,
"35357/tcp": []nat.PortBinding{
HostIP: "",
HostPort: exposedKeystonePortAdmin,
}, &networktypes.NetworkingConfig{}, "dex_keystone_test")
if err != nil {
fmt.Printf("Error %v", err)
return ""
if err := cli.ContainerStart(ctx, resp.ID, types.ContainerStartOptions{}); err != nil {
return resp.ID
func cleanKeystoneContainer(ID string) {
ctx := context.Background()
cli, err := client.NewClientWithOpts(client.WithVersion(dockerCliVersion))
if err != nil {
fmt.Printf("Error %v", err)
duration := time.Duration(1)
if err:= cli.ContainerStop(ctx, ID, &duration); err != nil {
fmt.Printf("Error %v", err)
if err:= cli.ContainerRemove(ctx, ID, types.ContainerRemoveOptions{}); err != nil {
fmt.Printf("Error %v", err)
func getAdminToken(admin_name, admin_pass string) (token string) {
client := &http.Client{}
jsonData := LoginRequestData{
Auth: Auth{
Identity: Identity{
Password: Password{
User: User{
Name: admin_name,
Domain: Domain{ID: "default"},
Password: admin_pass,
body, _ := json.Marshal(jsonData)
req, _ := http.NewRequest("POST", authTokenURL, bytes.NewBuffer(body))
req.Header.Set("Content-Type", "application/json")
resp, _ := client.Do(req)
token = resp.Header["X-Subject-Token"][0]
return token
func createUser(token, user_name, user_email, user_pass string) (string){
client := &http.Client{}
createUserData := CreateUserRequest{
CreateUser: CreateUserForm{
Name: user_name,
Email: user_email,
Enabled: true,
Password: user_pass,
Roles: []string{"admin"},
body, _ := json.Marshal(createUserData)
req, _ := http.NewRequest("POST", userURL, bytes.NewBuffer(body))
req.Header.Set("X-Auth-Token", token)
req.Header.Add("Content-Type", "application/json")
resp, _ := client.Do(req)
data, _ := ioutil.ReadAll(resp.Body)
var userResponse = new(UserResponse)
err := json.Unmarshal(data, &userResponse)
if err != nil {
return userResponse.User.ID
func deleteUser(token, id string) {
client := &http.Client{}
deleteUserURI := userURL + id
req, _ := http.NewRequest("DELETE", deleteUserURI, nil)
req.Header.Set("X-Auth-Token", token)
resp, _ := client.Do(req)
func createGroup(token, description, name string) string{
client := &http.Client{}
createGroupData := CreateGroup{
Description: description,
Name: name,
body, _ := json.Marshal(createGroupData)
req, _ := http.NewRequest("POST", groupURL, bytes.NewBuffer(body))
req.Header.Set("X-Auth-Token", token)
req.Header.Add("Content-Type", "application/json")
resp, _ := client.Do(req)
data, _ := ioutil.ReadAll(resp.Body)
var groupResponse = new(GroupID)
err := json.Unmarshal(data, &groupResponse)
if err != nil {
return groupResponse.Group.ID
func addUserToGroup(token, groupId, userId string) {
uri := groupURL + groupId + "/users/" + userId
client := &http.Client{}
req, _ := http.NewRequest("PUT", uri, nil)
req.Header.Set("X-Auth-Token", token)
resp, _ := client.Do(req)
const adminUser = "demo"
const adminPass = "DEMO_PASS"
const invalidPass = "WRONG_PASS"
const testUser = "test_user"
const testPass = "test_pass"
const testEmail = ""
const domain = "default"
func TestIncorrectCredentialsLogin(t *testing.T) {
c := Connector{KeystoneHost: keystoneURL, Domain: domain,
KeystoneUsername: adminUser, KeystonePassword: adminPass}
s := connector.Scopes{OfflineAccess: true, Groups: true}
_, validPW, _ := c.Login(context.Background(), s, adminUser, invalidPass)
if validPW {
func TestValidUserLogin(t *testing.T) {
token := getAdminToken(adminUser, adminPass)
userID := createUser(token, testUser, testEmail, testPass)
c := Connector{KeystoneHost: keystoneURL, Domain: domain,
KeystoneUsername: adminUser, KeystonePassword: adminPass}
s := connector.Scopes{OfflineAccess: true, Groups: true}
_, validPW, _ := c.Login(context.Background(), s, testUser, testPass)
if !validPW {
deleteUser(token, userID)
func TestUseRefreshToken(t *testing.T) {
t.Fatal("Not implemented")
func TestUseRefreshTokenUserDeleted(t *testing.T){
t.Fatal("Not implemented")
func TestUseRefreshTokenGroupsChanged(t *testing.T){
t.Fatal("Not implemented")
func TestMain(m *testing.M) {
dockerID := startKeystoneContainer()
repeats := 10
running := false
for i := 0; i < repeats; i++ {
_, err := http.Get(keystoneURL)
if err == nil {
running = true
time.Sleep(10 * time.Second)
if !running {
fmt.Printf("Failed to start keystone container")
defer cleanKeystoneContainer(dockerID)
// run all tests