From 55f40d41c5f7f8b52979f4d266f2464a8a85ef75 Mon Sep 17 00:00:00 2001 From: Tzu-Mainn Chen Date: Fri, 20 Dec 2024 13:52:43 -0500 Subject: [PATCH] Update console auth token API to allow user to pass in token ttl --- .../api/controllers/v1/console_auth_token.py | 8 ++++- esi_leap/common/exception.py | 4 +++ .../controllers/v1/test_console_auth_token.py | 32 ++++++++++++++++++- 3 files changed, 42 insertions(+), 2 deletions(-) diff --git a/esi_leap/api/controllers/v1/console_auth_token.py b/esi_leap/api/controllers/v1/console_auth_token.py index ea3a2d5..153e90f 100644 --- a/esi_leap/api/controllers/v1/console_auth_token.py +++ b/esi_leap/api/controllers/v1/console_auth_token.py @@ -44,6 +44,12 @@ class ConsoleAuthTokensController(rest.RestController): def post(self, new_console_auth_token): context = pecan.request.context node_uuid_or_name = new_console_auth_token["node_uuid_or_name"] + token_ttl = int( + new_console_auth_token.get("token_ttl", CONF.serialconsoleproxy.token_ttl) + ) + + if token_ttl <= 0: + raise exception.InvalidTokenTTL(ttl=token_ttl) # get node client = ironic.get_ironic_client(context) @@ -57,7 +63,7 @@ def post(self, new_console_auth_token): # create and authorize auth token cat = cat_obj.ConsoleAuthToken(node_uuid=node.uuid) - token = cat.authorize(CONF.serialconsoleproxy.token_ttl) + token = cat.authorize(token_ttl) cat_dict = { "node_uuid": cat.node_uuid, "token": token, diff --git a/esi_leap/common/exception.py b/esi_leap/common/exception.py index 992048a..e7de989 100644 --- a/esi_leap/common/exception.py +++ b/esi_leap/common/exception.py @@ -210,5 +210,9 @@ class InvalidToken(ESILeapException): _msg_fmt = _("Invalid token") +class InvalidTokenTTL(ESILeapException): + _msg_fmt = _("Token TTL %(ttl)s invalid") + + class UnsupportedConsoleType(ESILeapException): msg_fmt = _("Unsupported console type %(console_type)s") diff --git a/esi_leap/tests/api/controllers/v1/test_console_auth_token.py b/esi_leap/tests/api/controllers/v1/test_console_auth_token.py index e572396..023d0f3 100644 --- a/esi_leap/tests/api/controllers/v1/test_console_auth_token.py +++ b/esi_leap/tests/api/controllers/v1/test_console_auth_token.py @@ -30,14 +30,44 @@ def setUp(self): def test_post(self, mock_client, mock_authorize): mock_authorize.return_value = "fake-token" + data = {"node_uuid_or_name": self.node_uuid, "token_ttl": "10"} + + request = self.post_json("/console_auth_tokens", data) + + mock_client.assert_called_once() + mock_authorize.assert_called_once_with(mock.ANY, 10) + self.assertEqual(http_client.CREATED, request.status_int) + + @mock.patch( + "esi_leap.objects.console_auth_token.ConsoleAuthToken.authorize", autospec=True + ) + @mock.patch.object(ironic, "get_ironic_client", autospec=True) + def test_post_default_ttl(self, mock_client, mock_authorize): + mock_authorize.return_value = "fake-token" + data = {"node_uuid_or_name": self.node_uuid} request = self.post_json("/console_auth_tokens", data) mock_client.assert_called_once() - mock_authorize.assert_called_once() + mock_authorize.assert_called_once_with(mock.ANY, 600) self.assertEqual(http_client.CREATED, request.status_int) + @mock.patch( + "esi_leap.objects.console_auth_token.ConsoleAuthToken.authorize", autospec=True + ) + @mock.patch.object(ironic, "get_ironic_client", autospec=True) + def test_post_invalid_ttl(self, mock_client, mock_authorize): + mock_authorize.return_value = "fake-token" + + data = {"node_uuid_or_name": self.node_uuid, "token_ttl": "-1"} + + request = self.post_json("/console_auth_tokens", data, expect_errors=True) + + mock_client.assert_not_called() + mock_authorize.assert_not_called() + self.assertEqual(http_client.INTERNAL_SERVER_ERROR, request.status_int) + @mock.patch( "esi_leap.objects.console_auth_token.ConsoleAuthToken.authorize", autospec=True )