For most OpenStack services the auth_token middleware component is the only direct interaction the service will have with keystone.
It is the piece of the service that validates the token a user presents and relays the stored information.
When testing a service we want to ensure that the middleware is working and presenting the correct information but not actually talking to keystone.
To do this keystonemiddleware provides a fixture that will stub out the interaction with keystone with an existing token.
If all that makes sense to you then at this point I think you mostly just want a code example and you can research anything else you need.
importjsonfromkeystoneauth1importfixtureasksa_fixturefromkeystonemiddlewareimportauth_tokenfromkeystonemiddlewareimportfixtureasksm_fixturefromoslo_contextimportcontextimporttesttoolsimportwebob.decimportwebtest@webob.dec.wsgifydefapp(request):"""A really simple WSGI application that returns some context info."""# don't try to figure out what AuthToken sets, just use a contextctxt=context.RequestContext.from_environ(request.environ,overwrite=False)# return some information from context so we can verify the testresp_body={'project_id':ctxt.tenant,'user_id':ctxt.user,'auth_token':ctxt.auth_token}returnwebob.Response(json.dumps(resp_body),status_code=200,content_type='application/json')classTests(testtools.TestCase):@staticmethoddefload_app():# load your wsgi app here, wrapped in auth_token middlewarereturnauth_token.AuthProtocol(app,{})@staticmethoddefcreate_token():"""Create a fake token that will be used in testing"""# Creates a project scoped V3 token, with 1 entry in the catalogtoken=ksa_fixture.V3Token()token.set_project_scope()s=token.add_service('identity')s.add_standard_endpoints(public='http://example.com/identity/public',admin='http://example.com/identity/admin',internal='http://example.com/identity/internal',region='RegionOne')returntokendefsetUp(self):super(Tests,self).setUp()# create our app. webtest gives us a callable interface to itself.app=webtest.TestApp(self.load_app())# stub out auth_token middlewareself.auth_token_fixture=self.useFixture(ksm_fixture.AuthTokenFixture())# create a token, mock it and save it and the ID for later useself.token=self.create_token()self.token_id=self.auth_token_fixture.add_token(self.token)deftest_auth_token_params(self):# make a request with the stubbed out token_id and unpack the responsebody=self.app.get('/',headers={'X-Auth-Token':self.token_id}).json# ensure that the information in our stubbed token made it to the appself.assertEqual(self.token_id,body['auth_token'])self.assertEqual(self.token.project_id,body['project_id'])self.assertEqual(self.token.user_id,body['user_id'])
The important pieces are:
Webtest is a useful testing library emulating a wsgi layer so you can make requests.
ksa_fixture.V3Token is a helper that builds the correct raw data layout for a V3 token.
AuthTokenFixture is doing the mocking and returning the token data.
RequestContext.from_environ takes the information auth_token sets into headers and loads it into the standard place in a RequestContext.