1// +build acceptance
2
3package v3
4
5import (
6	"testing"
7
8	"github.com/gophercloud/gophercloud/acceptance/clients"
9	"github.com/gophercloud/gophercloud/acceptance/tools"
10	"github.com/gophercloud/gophercloud/openstack"
11	"github.com/gophercloud/gophercloud/openstack/identity/v3/credentials"
12	"github.com/gophercloud/gophercloud/openstack/identity/v3/extensions/ec2tokens"
13	"github.com/gophercloud/gophercloud/openstack/identity/v3/tokens"
14	th "github.com/gophercloud/gophercloud/testhelper"
15)
16
17func TestCredentialsCRUD(t *testing.T) {
18	client, err := clients.NewIdentityV3Client()
19	th.AssertNoErr(t, err)
20
21	ao, err := openstack.AuthOptionsFromEnv()
22	th.AssertNoErr(t, err)
23
24	authOptions := tokens.AuthOptions{
25		Username:   ao.Username,
26		Password:   ao.Password,
27		DomainName: ao.DomainName,
28		DomainID:   ao.DomainID,
29		// We need a scope to get the token roles list
30		Scope: tokens.Scope{
31			ProjectID:   ao.TenantID,
32			ProjectName: ao.TenantName,
33			DomainID:    ao.DomainID,
34			DomainName:  ao.DomainName,
35		},
36	}
37	token, err := tokens.Create(client, &authOptions).Extract()
38	th.AssertNoErr(t, err)
39	tools.PrintResource(t, token)
40
41	user, err := tokens.Get(client, token.ID).ExtractUser()
42	th.AssertNoErr(t, err)
43	tools.PrintResource(t, user)
44
45	project, err := tokens.Get(client, token.ID).ExtractProject()
46	th.AssertNoErr(t, err)
47	tools.PrintResource(t, project)
48
49	createOpts := credentials.CreateOpts{
50		ProjectID: project.ID,
51		Type:      "ec2",
52		UserID:    user.ID,
53		Blob:      "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
54	}
55
56	// Create a credential
57	credential, err := credentials.Create(client, createOpts).Extract()
58	th.AssertNoErr(t, err)
59
60	// Delete a credential
61	defer credentials.Delete(client, credential.ID)
62	tools.PrintResource(t, credential)
63
64	th.AssertEquals(t, credential.Blob, createOpts.Blob)
65	th.AssertEquals(t, credential.Type, createOpts.Type)
66	th.AssertEquals(t, credential.UserID, createOpts.UserID)
67	th.AssertEquals(t, credential.ProjectID, createOpts.ProjectID)
68
69	// Get a credential
70	getCredential, err := credentials.Get(client, credential.ID).Extract()
71	th.AssertNoErr(t, err)
72	tools.PrintResource(t, getCredential)
73
74	th.AssertEquals(t, getCredential.Blob, createOpts.Blob)
75	th.AssertEquals(t, getCredential.Type, createOpts.Type)
76	th.AssertEquals(t, getCredential.UserID, createOpts.UserID)
77	th.AssertEquals(t, getCredential.ProjectID, createOpts.ProjectID)
78
79	updateOpts := credentials.UpdateOpts{
80		ProjectID: project.ID,
81		Type:      "ec2",
82		UserID:    user.ID,
83		Blob:      "{\"access\":\"181920\",\"secret\":\"mySecret\"}",
84	}
85
86	// Update a credential
87	updateCredential, err := credentials.Update(client, credential.ID, updateOpts).Extract()
88	th.AssertNoErr(t, err)
89	tools.PrintResource(t, updateCredential)
90
91	th.AssertEquals(t, updateCredential.Blob, updateOpts.Blob)
92}
93
94func TestCredentialsValidateS3(t *testing.T) {
95	client, err := clients.NewIdentityV3Client()
96	th.AssertNoErr(t, err)
97
98	ao, err := openstack.AuthOptionsFromEnv()
99	th.AssertNoErr(t, err)
100
101	authOptions := tokens.AuthOptions{
102		Username:   ao.Username,
103		Password:   ao.Password,
104		DomainName: ao.DomainName,
105		DomainID:   ao.DomainID,
106		// We need a scope to get the token roles list
107		Scope: tokens.Scope{
108			ProjectID:   ao.TenantID,
109			ProjectName: ao.TenantName,
110			DomainID:    ao.DomainID,
111			DomainName:  ao.DomainName,
112		},
113	}
114	token, err := tokens.Create(client, &authOptions).Extract()
115	th.AssertNoErr(t, err)
116	tools.PrintResource(t, token)
117
118	user, err := tokens.Get(client, token.ID).ExtractUser()
119	th.AssertNoErr(t, err)
120	tools.PrintResource(t, user)
121
122	project, err := tokens.Get(client, token.ID).ExtractProject()
123	th.AssertNoErr(t, err)
124	tools.PrintResource(t, project)
125
126	createOpts := credentials.CreateOpts{
127		ProjectID: project.ID,
128		Type:      "ec2",
129		UserID:    user.ID,
130		Blob:      "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
131	}
132
133	// Create a credential
134	credential, err := credentials.Create(client, createOpts).Extract()
135	th.AssertNoErr(t, err)
136
137	// Delete a credential
138	defer credentials.Delete(client, credential.ID)
139	tools.PrintResource(t, credential)
140
141	th.AssertEquals(t, credential.Blob, createOpts.Blob)
142	th.AssertEquals(t, credential.Type, createOpts.Type)
143	th.AssertEquals(t, credential.UserID, createOpts.UserID)
144	th.AssertEquals(t, credential.ProjectID, createOpts.ProjectID)
145
146	opts := ec2tokens.AuthOptions{
147		Access: "181920",
148		Secret: "secretKey",
149		// auth will fail if this is not s3
150		Service: "s3",
151	}
152
153	// Validate a credential
154	token, err = ec2tokens.ValidateS3Token(client, &opts).Extract()
155	th.AssertNoErr(t, err)
156	tools.PrintResource(t, token)
157}
158