1// +build acceptance 2 3package v3 4 5import ( 6 "testing" 7 8 "github.com/gophercloud/gophercloud/acceptance/clients" 9 "github.com/gophercloud/gophercloud/acceptance/tools" 10 "github.com/gophercloud/gophercloud/openstack" 11 "github.com/gophercloud/gophercloud/openstack/identity/v3/credentials" 12 "github.com/gophercloud/gophercloud/openstack/identity/v3/extensions/ec2tokens" 13 "github.com/gophercloud/gophercloud/openstack/identity/v3/tokens" 14 th "github.com/gophercloud/gophercloud/testhelper" 15) 16 17func TestCredentialsCRUD(t *testing.T) { 18 client, err := clients.NewIdentityV3Client() 19 th.AssertNoErr(t, err) 20 21 ao, err := openstack.AuthOptionsFromEnv() 22 th.AssertNoErr(t, err) 23 24 authOptions := tokens.AuthOptions{ 25 Username: ao.Username, 26 Password: ao.Password, 27 DomainName: ao.DomainName, 28 DomainID: ao.DomainID, 29 // We need a scope to get the token roles list 30 Scope: tokens.Scope{ 31 ProjectID: ao.TenantID, 32 ProjectName: ao.TenantName, 33 DomainID: ao.DomainID, 34 DomainName: ao.DomainName, 35 }, 36 } 37 token, err := tokens.Create(client, &authOptions).Extract() 38 th.AssertNoErr(t, err) 39 tools.PrintResource(t, token) 40 41 user, err := tokens.Get(client, token.ID).ExtractUser() 42 th.AssertNoErr(t, err) 43 tools.PrintResource(t, user) 44 45 project, err := tokens.Get(client, token.ID).ExtractProject() 46 th.AssertNoErr(t, err) 47 tools.PrintResource(t, project) 48 49 createOpts := credentials.CreateOpts{ 50 ProjectID: project.ID, 51 Type: "ec2", 52 UserID: user.ID, 53 Blob: "{\"access\":\"181920\",\"secret\":\"secretKey\"}", 54 } 55 56 // Create a credential 57 credential, err := credentials.Create(client, createOpts).Extract() 58 th.AssertNoErr(t, err) 59 60 // Delete a credential 61 defer credentials.Delete(client, credential.ID) 62 tools.PrintResource(t, credential) 63 64 th.AssertEquals(t, credential.Blob, createOpts.Blob) 65 th.AssertEquals(t, credential.Type, createOpts.Type) 66 th.AssertEquals(t, credential.UserID, createOpts.UserID) 67 th.AssertEquals(t, credential.ProjectID, createOpts.ProjectID) 68 69 // Get a credential 70 getCredential, err := credentials.Get(client, credential.ID).Extract() 71 th.AssertNoErr(t, err) 72 tools.PrintResource(t, getCredential) 73 74 th.AssertEquals(t, getCredential.Blob, createOpts.Blob) 75 th.AssertEquals(t, getCredential.Type, createOpts.Type) 76 th.AssertEquals(t, getCredential.UserID, createOpts.UserID) 77 th.AssertEquals(t, getCredential.ProjectID, createOpts.ProjectID) 78 79 updateOpts := credentials.UpdateOpts{ 80 ProjectID: project.ID, 81 Type: "ec2", 82 UserID: user.ID, 83 Blob: "{\"access\":\"181920\",\"secret\":\"mySecret\"}", 84 } 85 86 // Update a credential 87 updateCredential, err := credentials.Update(client, credential.ID, updateOpts).Extract() 88 th.AssertNoErr(t, err) 89 tools.PrintResource(t, updateCredential) 90 91 th.AssertEquals(t, updateCredential.Blob, updateOpts.Blob) 92} 93 94func TestCredentialsValidateS3(t *testing.T) { 95 client, err := clients.NewIdentityV3Client() 96 th.AssertNoErr(t, err) 97 98 ao, err := openstack.AuthOptionsFromEnv() 99 th.AssertNoErr(t, err) 100 101 authOptions := tokens.AuthOptions{ 102 Username: ao.Username, 103 Password: ao.Password, 104 DomainName: ao.DomainName, 105 DomainID: ao.DomainID, 106 // We need a scope to get the token roles list 107 Scope: tokens.Scope{ 108 ProjectID: ao.TenantID, 109 ProjectName: ao.TenantName, 110 DomainID: ao.DomainID, 111 DomainName: ao.DomainName, 112 }, 113 } 114 token, err := tokens.Create(client, &authOptions).Extract() 115 th.AssertNoErr(t, err) 116 tools.PrintResource(t, token) 117 118 user, err := tokens.Get(client, token.ID).ExtractUser() 119 th.AssertNoErr(t, err) 120 tools.PrintResource(t, user) 121 122 project, err := tokens.Get(client, token.ID).ExtractProject() 123 th.AssertNoErr(t, err) 124 tools.PrintResource(t, project) 125 126 createOpts := credentials.CreateOpts{ 127 ProjectID: project.ID, 128 Type: "ec2", 129 UserID: user.ID, 130 Blob: "{\"access\":\"181920\",\"secret\":\"secretKey\"}", 131 } 132 133 // Create a credential 134 credential, err := credentials.Create(client, createOpts).Extract() 135 th.AssertNoErr(t, err) 136 137 // Delete a credential 138 defer credentials.Delete(client, credential.ID) 139 tools.PrintResource(t, credential) 140 141 th.AssertEquals(t, credential.Blob, createOpts.Blob) 142 th.AssertEquals(t, credential.Type, createOpts.Type) 143 th.AssertEquals(t, credential.UserID, createOpts.UserID) 144 th.AssertEquals(t, credential.ProjectID, createOpts.ProjectID) 145 146 opts := ec2tokens.AuthOptions{ 147 Access: "181920", 148 Secret: "secretKey", 149 // auth will fail if this is not s3 150 Service: "s3", 151 } 152 153 // Validate a credential 154 token, err = ec2tokens.ValidateS3Token(client, &opts).Extract() 155 th.AssertNoErr(t, err) 156 tools.PrintResource(t, token) 157} 158