Update server config handling to parse auth plugin settings

This change updates server configuration handling, allowing the server to parse and store configuration settings for authentication plugins. Unit tests have been added to cover the new functionality.
2018-03-19 16:52:34 -04:00 · 2018-03-19 16:52:34 -04:00 · e215ddbe7b
parent 44eb5f0aff
commit e215ddbe7b
2 changed files with 70 additions and 0 deletions
--- a/kmip/services/server/config.py
+++ b/kmip/services/server/config.py
@ -37,6 +37,7 @@ class KmipServerConfig(object):
        self.settings['enable_tls_client_auth'] = True
        self.settings['tls_cipher_suites'] = []
        self.settings['logging_level'] = logging.INFO
+        self.settings['auth_plugins'] = []

        self._expected_settings = [
            'hostname',
@ -121,6 +122,12 @@ class KmipServerConfig(object):
        parser = configparser.SafeConfigParser()
        parser.read(path)
        self._parse_settings(parser)
+        self.parse_auth_settings(parser)
+
+    def parse_auth_settings(self, parser):
+        sections = [x for x in parser.sections() if x.startswith("auth:")]
+        configs = [(x, dict(parser.items(x))) for x in sections]
+        self.settings['auth_plugins'] = configs

    def _parse_settings(self, parser):
        if not parser.has_section('server'):
--- a/kmip/tests/unit/services/server/test_config.py
+++ b/kmip/tests/unit/services/server/test_config.py
@ -16,6 +16,7 @@
 import logging
 import mock

+import six
 from six.moves import configparser

 import testtools
@ -123,6 +124,7 @@ class TestKmipServerConfig(testtools.TestCase):
        c = config.KmipServerConfig()
        c._logger = mock.MagicMock()
        c._parse_settings = mock.MagicMock()
+        c.parse_auth_settings = mock.MagicMock()

        # Test that the right calls are made when correctly processing the
        # configuration file.
@ -138,6 +140,7 @@ class TestKmipServerConfig(testtools.TestCase):
                )
                parser_mock.assert_called_with("/test/path/server.conf")
                self.assertTrue(c._parse_settings.called)
+                self.assertTrue(c.parse_auth_settings.called)

        # Test that a ConfigurationError is generated when the path is invalid.
        c._logger.reset_mock()
@ -151,6 +154,66 @@ class TestKmipServerConfig(testtools.TestCase):
                *args
            )

+    def test_parse_auth_settings(self):
+        """
+        Test that server authentication plugin settings are parsed correctly.
+        """
+        parser = configparser.SafeConfigParser()
+        parser.add_section('server')
+        parser.add_section('auth:slugs')
+        parser.set('auth:slugs', 'enabled', 'True')
+        parser.set('auth:slugs', 'url', 'http://127.0.0.1:8080/slugs/')
+        parser.add_section('auth:ldap')
+        parser.set('auth:ldap', 'enabled', 'False')
+        parser.set('auth:ldap', 'url', 'http://127.0.0.1:8080/ldap/')
+
+        c = config.KmipServerConfig()
+        c._logger = mock.MagicMock()
+
+        self.assertEqual([], c.settings['auth_plugins'])
+
+        c.parse_auth_settings(parser)
+        configs = c.settings['auth_plugins']
+
+        self.assertIsInstance(configs, list)
+        self.assertEqual(2, len(configs))
+
+        for c in configs:
+            self.assertIsInstance(c, tuple)
+            self.assertEqual(2, len(c))
+            self.assertIn(c[0], ['auth:slugs', 'auth:ldap'])
+            self.assertIsInstance(c[1], dict)
+
+            if c[0] == 'auth:slugs':
+                self.assertIn('enabled', six.iterkeys(c[1]))
+                self.assertEqual('True', c[1]['enabled'])
+                self.assertIn('url', six.iterkeys(c[1]))
+                self.assertEqual('http://127.0.0.1:8080/slugs/', c[1]['url'])
+            elif c[0] == 'auth:ldap':
+                self.assertIn('enabled', six.iterkeys(c[1]))
+                self.assertEqual('False', c[1]['enabled'])
+                self.assertIn('url', six.iterkeys(c[1]))
+                self.assertEqual('http://127.0.0.1:8080/ldap/', c[1]['url'])
+
+    def test_parse_auth_settings_no_config(self):
+        """
+        Test that server authentication plugin settings are parsed correctly,
+        even when not specified.
+        """
+        parser = configparser.SafeConfigParser()
+        parser.add_section('server')
+
+        c = config.KmipServerConfig()
+        c._logger = mock.MagicMock()
+
+        self.assertEqual([], c.settings['auth_plugins'])
+
+        c.parse_auth_settings(parser)
+        configs = c.settings['auth_plugins']
+
+        self.assertIsInstance(configs, list)
+        self.assertEqual(0, len(configs))
+
    def test_parse_settings(self):
        """
        Test that the right methods are called and the right errors generated