Merge pull request #399 from OpenKMIP/feat/update-server-config

Update server config handling to parse auth plugin settings
2025-04-08 19:25:06 +02:00 · 2018-03-19 17:24:15 -04:00 · 2018-03-19 17:24:15 -04:00 · 742b24cef6
commit 742b24cef6
parent 44eb5f0aff e215ddbe7b
2 changed files with 70 additions and 0 deletions
--- a/kmip/services/server/config.py
+++ b/kmip/services/server/config.py
@ -37,6 +37,7 @@ class KmipServerConfig(object):
        self.settings['enable_tls_client_auth'] = True
        self.settings['tls_cipher_suites'] = []
        self.settings['logging_level'] = logging.INFO
+        self.settings['auth_plugins'] = []

        self._expected_settings = [
            'hostname',
@ -121,6 +122,12 @@ class KmipServerConfig(object):
        parser = configparser.SafeConfigParser()
        parser.read(path)
        self._parse_settings(parser)
+        self.parse_auth_settings(parser)
+
+    def parse_auth_settings(self, parser):
+        sections = [x for x in parser.sections() if x.startswith("auth:")]
+        configs = [(x, dict(parser.items(x))) for x in sections]
+        self.settings['auth_plugins'] = configs

    def _parse_settings(self, parser):
        if not parser.has_section('server'):
--- a/kmip/tests/unit/services/server/test_config.py
+++ b/kmip/tests/unit/services/server/test_config.py
@ -16,6 +16,7 @@
 import logging
 import mock

+import six
 from six.moves import configparser

 import testtools
@ -123,6 +124,7 @@ class TestKmipServerConfig(testtools.TestCase):
        c = config.KmipServerConfig()
        c._logger = mock.MagicMock()
        c._parse_settings = mock.MagicMock()
+        c.parse_auth_settings = mock.MagicMock()

        # Test that the right calls are made when correctly processing the
        # configuration file.
@ -138,6 +140,7 @@ class TestKmipServerConfig(testtools.TestCase):
                )
                parser_mock.assert_called_with("/test/path/server.conf")
                self.assertTrue(c._parse_settings.called)
+                self.assertTrue(c.parse_auth_settings.called)

        # Test that a ConfigurationError is generated when the path is invalid.
        c._logger.reset_mock()
@ -151,6 +154,66 @@ class TestKmipServerConfig(testtools.TestCase):
                *args
            )

+    def test_parse_auth_settings(self):
+        """
+        Test that server authentication plugin settings are parsed correctly.
+        """
+        parser = configparser.SafeConfigParser()
+        parser.add_section('server')
+        parser.add_section('auth:slugs')
+        parser.set('auth:slugs', 'enabled', 'True')
+        parser.set('auth:slugs', 'url', 'http://127.0.0.1:8080/slugs/')
+        parser.add_section('auth:ldap')
+        parser.set('auth:ldap', 'enabled', 'False')
+        parser.set('auth:ldap', 'url', 'http://127.0.0.1:8080/ldap/')
+
+        c = config.KmipServerConfig()
+        c._logger = mock.MagicMock()
+
+        self.assertEqual([], c.settings['auth_plugins'])
+
+        c.parse_auth_settings(parser)
+        configs = c.settings['auth_plugins']
+
+        self.assertIsInstance(configs, list)
+        self.assertEqual(2, len(configs))
+
+        for c in configs:
+            self.assertIsInstance(c, tuple)
+            self.assertEqual(2, len(c))
+            self.assertIn(c[0], ['auth:slugs', 'auth:ldap'])
+            self.assertIsInstance(c[1], dict)
+
+            if c[0] == 'auth:slugs':
+                self.assertIn('enabled', six.iterkeys(c[1]))
+                self.assertEqual('True', c[1]['enabled'])
+                self.assertIn('url', six.iterkeys(c[1]))
+                self.assertEqual('http://127.0.0.1:8080/slugs/', c[1]['url'])
+            elif c[0] == 'auth:ldap':
+                self.assertIn('enabled', six.iterkeys(c[1]))
+                self.assertEqual('False', c[1]['enabled'])
+                self.assertIn('url', six.iterkeys(c[1]))
+                self.assertEqual('http://127.0.0.1:8080/ldap/', c[1]['url'])
+
+    def test_parse_auth_settings_no_config(self):
+        """
+        Test that server authentication plugin settings are parsed correctly,
+        even when not specified.
+        """
+        parser = configparser.SafeConfigParser()
+        parser.add_section('server')
+
+        c = config.KmipServerConfig()
+        c._logger = mock.MagicMock()
+
+        self.assertEqual([], c.settings['auth_plugins'])
+
+        c.parse_auth_settings(parser)
+        configs = c.settings['auth_plugins']
+
+        self.assertIsInstance(configs, list)
+        self.assertEqual(0, len(configs))
+
    def test_parse_settings(self):
        """
        Test that the right methods are called and the right errors generated