Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
systemsmanagement:Ardana:8:CentOS
python-keystoneclient
2020-tests-pass.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 2020-tests-pass.patch of Package python-keystoneclient
From bcc00a10a6a5e42f261ad88feaec8019d68f25f8 Mon Sep 17 00:00:00 2001 From: "Bernhard M. Wiedemann" <bwiedemann@suse.de> Date: Thu, 28 Feb 2019 14:06:22 +0100 Subject: [PATCH] Make tests pass in 2020 Without this patch, build failed after 2019-12-31 with Traceback (most recent call last): File "keystoneclient/tests/unit/v3/test_auth.py", line 226, in test_authenticate_success_password_unscoped self.assertRequestBodyIs(json=self.TEST_REQUEST_BODY) File "keystoneclient/tests/unit/utils.py", line 72, in assertRequestBodyIs self.assertEqual(json, val) NOTE: in addition to the orginal backport, this patch adds the following changes. The changes has to be combined into a single patch in order to avoid circular dependencies. 1. fixed bandit complains in keystoneclient/common/cms.py. The literal 'sha256' is the default hash algorithm, not a sensitive password. Marking it as false positive so bandit can stop chirping. 2. combined with cherry pick from commit f2d3fec9b254f9c47e97ddf48e3c5f7614b87f1b to avoid circular dependency. Without combining them, neither backport will pass all the gates since pep8 has switched over to use python3 now. 3. combined with cherry pick from commit b29f478f28c4989156cfe87392cbd308e3f55c1e to avoid circular dependency. Without combining them, neither backport will pass all the gates since bandit will have a false positive on the hash algorithm. Change-Id: I0e44d9896c5970f0ca07438c372aec826aeb5c77 (cherry picked from commit f2d3fec9b254f9c47e97ddf48e3c5f7614b87f1b) (cherry picked from commit acc21ff06154e16de16583fe6994207d689ed054) (cherry picked from commit b29f478f28c4989156cfe87392cbd308e3f55c1e) (cherry picked from commit 9da2e0bdd83d481091814a8c6f40ab3ff39ffa9c) --- keystoneclient/common/cms.py | 2 +- keystoneclient/session.py | 4 ++- .../tests/unit/auth/test_identity_v2.py | 2 +- .../tests/unit/auth/test_identity_v3.py | 2 +- keystoneclient/tests/unit/client_fixtures.py | 28 +++++++++---------- keystoneclient/tests/unit/test_discovery.py | 4 +-- keystoneclient/tests/unit/test_session.py | 2 +- keystoneclient/tests/unit/v2_0/test_auth.py | 4 +-- keystoneclient/tests/unit/v3/test_auth.py | 2 +- 9 files changed, 26 insertions(+), 24 deletions(-) diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py index 9c3e0bdfb..601d9c92d 100644 --- a/keystoneclient/common/cms.py +++ b/keystoneclient/common/cms.py @@ -38,7 +38,7 @@ PKIZ_PREFIX = 'PKIZ_' PKIZ_CMS_FORM = 'DER' PKI_ASN1_FORM = 'PEM' -DEFAULT_TOKEN_DIGEST_ALGORITHM = 'sha256' +DEFAULT_TOKEN_DIGEST_ALGORITHM = 'sha256' # nosec # The openssl cms command exits with these status codes. diff --git a/keystoneclient/session.py b/keystoneclient/session.py index 9faedacda..d55b01b6f 100644 --- a/keystoneclient/session.py +++ b/keystoneclient/session.py @@ -171,7 +171,9 @@ def _process_header(header): secure_headers = ('authorization', 'x-auth-token', 'x-subject-token', 'x-service-token') if header[0].lower() in secure_headers: - token_hasher = hashlib.sha1() + # hashlib.sha1() bandit nosec, as it is HMAC-SHA1 in + # keystone, which is considered secure (unlike just sha1) + token_hasher = hashlib.sha1() # nosec(lhinds) token_hasher.update(header[1].encode('utf-8')) token_hash = token_hasher.hexdigest() return (header[0], '{SHA1}%s' % token_hash) diff --git a/keystoneclient/tests/unit/auth/test_identity_v2.py b/keystoneclient/tests/unit/auth/test_identity_v2.py index 8ef87c430..a180135c9 100644 --- a/keystoneclient/tests/unit/auth/test_identity_v2.py +++ b/keystoneclient/tests/unit/auth/test_identity_v2.py @@ -84,7 +84,7 @@ def setUp(self): self.TEST_RESPONSE_DICT = { "access": { "token": { - "expires": "2020-01-01T00:00:10.000123Z", + "expires": "2999-01-01T00:00:10.000123Z", "id": self.TEST_TOKEN, "tenant": { "id": self.TEST_TENANT_ID diff --git a/keystoneclient/tests/unit/auth/test_identity_v3.py b/keystoneclient/tests/unit/auth/test_identity_v3.py index 534e99747..776551be0 100644 --- a/keystoneclient/tests/unit/auth/test_identity_v3.py +++ b/keystoneclient/tests/unit/auth/test_identity_v3.py @@ -129,7 +129,7 @@ def setUp(self): "password" ], - "expires_at": "2020-01-01T00:00:10.000123Z", + "expires_at": "2999-01-01T00:00:10.000123Z", "project": { "domain": { "id": self.TEST_DOMAIN_ID, diff --git a/keystoneclient/tests/unit/client_fixtures.py b/keystoneclient/tests/unit/client_fixtures.py index 6da259c9c..cc07726e7 100644 --- a/keystoneclient/tests/unit/client_fixtures.py +++ b/keystoneclient/tests/unit/client_fixtures.py @@ -399,7 +399,7 @@ def setUp(self): 'access': { 'token': { 'id': self.UUID_TOKEN_DEFAULT, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', 'tenant': { 'id': 'tenant_id1', 'name': 'tenant_name1', @@ -420,7 +420,7 @@ def setUp(self): 'access': { 'token': { 'id': self.VALID_DIABLO_TOKEN, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', 'tenantId': 'tenant_id1', }, 'user': { @@ -437,7 +437,7 @@ def setUp(self): 'access': { 'token': { 'id': self.UUID_TOKEN_UNSCOPED, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', }, 'user': { 'id': 'user_id1', @@ -453,7 +453,7 @@ def setUp(self): 'access': { 'token': { 'id': 'valid-token', - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', 'tenant': { 'id': 'tenant_id1', 'name': 'tenant_name1', @@ -474,7 +474,7 @@ def setUp(self): 'token': { 'bind': {'kerberos': self.KERBEROS_BIND}, 'id': self.UUID_TOKEN_BIND, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', 'tenant': { 'id': 'tenant_id1', 'name': 'tenant_name1', @@ -496,7 +496,7 @@ def setUp(self): 'token': { 'bind': {'FOO': 'BAR'}, 'id': self.UUID_TOKEN_UNKNOWN_BIND, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', 'tenant': { 'id': 'tenant_id1', 'name': 'tenant_name1', @@ -515,7 +515,7 @@ def setUp(self): }, self.v3_UUID_TOKEN_DEFAULT: { 'token': { - 'expires_at': '2020-01-01T00:00:10.000123Z', + 'expires_at': '2999-01-01T00:00:10.000123Z', 'methods': ['password'], 'user': { 'id': 'user_id1', @@ -542,7 +542,7 @@ def setUp(self): }, self.v3_UUID_TOKEN_UNSCOPED: { 'token': { - 'expires_at': '2020-01-01T00:00:10.000123Z', + 'expires_at': '2999-01-01T00:00:10.000123Z', 'methods': ['password'], 'user': { 'id': 'user_id1', @@ -556,7 +556,7 @@ def setUp(self): }, self.v3_UUID_TOKEN_DOMAIN_SCOPED: { 'token': { - 'expires_at': '2020-01-01T00:00:10.000123Z', + 'expires_at': '2999-01-01T00:00:10.000123Z', 'methods': ['password'], 'user': { 'id': 'user_id1', @@ -581,7 +581,7 @@ def setUp(self): 'access': { 'token': { 'id': self.SIGNED_TOKEN_SCOPED_KEY, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', }, 'user': { 'id': 'user_id1', @@ -599,7 +599,7 @@ def setUp(self): 'access': { 'token': { 'id': self.SIGNED_TOKEN_UNSCOPED_KEY, - 'expires': '2020-01-01T00:00:10.000123Z', + 'expires': '2999-01-01T00:00:10.000123Z', }, 'user': { 'id': 'user_id1', @@ -613,7 +613,7 @@ def setUp(self): }, self.SIGNED_v3_TOKEN_SCOPED_KEY: { 'token': { - 'expires_at': '2020-01-01T00:00:10.000123Z', + 'expires_at': '2999-01-01T00:00:10.000123Z', 'methods': ['password'], 'user': { 'id': 'user_id1', @@ -642,7 +642,7 @@ def setUp(self): 'token': { 'bind': {'kerberos': self.KERBEROS_BIND}, 'methods': ['password'], - 'expires_at': '2020-01-01T00:00:10.000123Z', + 'expires_at': '2999-01-01T00:00:10.000123Z', 'user': { 'id': 'user_id1', 'name': 'user_name1', @@ -669,7 +669,7 @@ def setUp(self): self.v3_UUID_TOKEN_UNKNOWN_BIND: { 'token': { 'bind': {'FOO': 'BAR'}, - 'expires_at': '2020-01-01T00:00:10.000123Z', + 'expires_at': '2999-01-01T00:00:10.000123Z', 'methods': ['password'], 'user': { 'id': 'user_id1', diff --git a/keystoneclient/tests/unit/test_discovery.py b/keystoneclient/tests/unit/test_discovery.py index f9d5dbfac..6f85ea9c5 100644 --- a/keystoneclient/tests/unit/test_discovery.py +++ b/keystoneclient/tests/unit/test_discovery.py @@ -87,7 +87,7 @@ V2_AUTH_RESPONSE = jsonutils.dumps({ "access": { "token": { - "expires": "2020-01-01T00:00:10.000123Z", + "expires": "2999-01-01T00:00:10.000123Z", "id": 'fakeToken', "tenant": { "id": '1' @@ -113,7 +113,7 @@ "password" ], - "expires_at": "2020-01-01T00:00:10.000123Z", + "expires_at": "2999-01-01T00:00:10.000123Z", "project": { "domain": { "id": '1', diff --git a/keystoneclient/tests/unit/test_session.py b/keystoneclient/tests/unit/test_session.py index 27d224d0f..e0d9b2868 100644 --- a/keystoneclient/tests/unit/test_session.py +++ b/keystoneclient/tests/unit/test_session.py @@ -266,7 +266,7 @@ def test_binary_data_not_in_debug_output(self): # elements to make sure that all joins are appropriately # handled (any join of unicode and byte strings should # raise a UnicodeDecodeError) - session.post(unicode(self.TEST_URL), data=data) + session.post(six.text_type(self.TEST_URL), data=data) self.assertNotIn('my data', self.logger.output) diff --git a/keystoneclient/tests/unit/v2_0/test_auth.py b/keystoneclient/tests/unit/v2_0/test_auth.py index 64f2ea03d..b73352471 100644 --- a/keystoneclient/tests/unit/v2_0/test_auth.py +++ b/keystoneclient/tests/unit/v2_0/test_auth.py @@ -28,7 +28,7 @@ def setUp(self): self.TEST_RESPONSE_DICT = { "access": { "token": { - "expires": "2020-01-01T00:00:10.000123Z", + "expires": "2999-01-01T00:00:10.000123Z", "id": self.TEST_TOKEN, "tenant": { "id": self.TEST_TENANT_ID @@ -61,7 +61,7 @@ def test_authenticate_success_expired(self): # Build a new response TEST_TOKEN = "abcdef" - resp_b['access']['token']['expires'] = '2020-01-01T00:00:10.000123Z' + resp_b['access']['token']['expires'] = '2999-01-01T00:00:10.000123Z' resp_b['access']['token']['id'] = TEST_TOKEN # return expired first, and then the new response diff --git a/keystoneclient/tests/unit/v3/test_auth.py b/keystoneclient/tests/unit/v3/test_auth.py index 6549080f3..9f8797703 100644 --- a/keystoneclient/tests/unit/v3/test_auth.py +++ b/keystoneclient/tests/unit/v3/test_auth.py @@ -28,7 +28,7 @@ def setUp(self): "password" ], - "expires_at": "2020-01-01T00:00:10.000123Z", + "expires_at": "2999-01-01T00:00:10.000123Z", "project": { "domain": { "id": self.TEST_DOMAIN_ID,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor