@@ -772,3 +772,71 @@ def test_200_config_flags_precedence(self):
772772 self .assertIn ("group_tree_dn = ou=groups" , result ['stdout' ],
773773 "user_tree_dn value is expected to be present "
774774 "and set to dc=test,dc=com in the config file" )
775+
776+
777+ class KeystoneProxyV2Test (BaseKeystoneTest ):
778+
779+ @classmethod
780+ def setUpClass (cls ):
781+ """Run class setup for running Keystone proxy v2 tests."""
782+ super (KeystoneProxyV2Test , cls ).setUpClass ()
783+
784+ """Test keystone proxy v2."""
785+ def test_proxy_v2 (self ):
786+ """Test keystone proxy v2."""
787+
788+ with self .config_change ({
789+ 'haproxy-enable-proxyv2' : False
790+ }, {
791+ 'haproxy-enable-proxyv2' : True
792+ }):
793+ logging .info ("Waiting for keystone to settle" )
794+ zaza .model .wait_for_application_states ()
795+ zaza .model .block_until_all_units_idle ()
796+ logging .info ("Keystone units settled" )
797+
798+ # Test basic keystone commands with proxyv2 enabled
799+ self ._test_keystone_basic_commands ()
800+
801+ def _test_keystone_basic_commands (self ):
802+ """Test basic keystone commands to verify proxyv2 functionality."""
803+ logging .info ("Testing basic keystone commands with proxyv2 enabled" )
804+
805+ # Get overcloud auth credentials
806+ overcloud_auth = openstack_utils .get_overcloud_auth ()
807+ keystone_session = openstack_utils .get_keystone_session (overcloud_auth )
808+ keystone_client = openstack_utils .get_keystone_session_client (
809+ keystone_session )
810+
811+ # Test 1: Get token
812+ logging .info ("Testing token retrieval" )
813+ token = keystone_session .get_token ()
814+ self .assertIsNotNone (token , "Token should not be None" )
815+ logging .info ("Token retrieved successfully: %s" , token [:20 ] + "..." )
816+
817+ # Test 2: Validate token data and service catalog
818+ logging .info ("Testing token data and service catalog" )
819+ token_data = keystone_client .tokens .get_token_data (token )
820+ self .assertIn ('token' , token_data , "Token data should contain 'token' key" )
821+
822+ # Test 3: Get service catalog
823+ catalog = token_data .get ('token' , {}).get ('catalog' , None )
824+ self .assertIsNotNone (catalog , "Service catalog should not be None" )
825+ logging .info ("Service catalog retrieved with %d services" , len (catalog ))
826+
827+ # Test 4: Verify identity service is in catalog
828+ identity_services = [s for s in catalog if s .get ('type' ) == 'identity' ]
829+ self .assertGreater (len (identity_services ), 0 ,
830+ "Identity service should be in catalog" )
831+ logging .info ("Identity service found in catalog" )
832+
833+ # Test 5: Test token validation
834+ logging .info ("Testing token validation" )
835+ try :
836+ validated_token = keystone_client .tokens .validate (token )
837+ self .assertIsNotNone (validated_token , "Token validation should succeed" )
838+ logging .info ("Token validation successful" )
839+ except Exception as e :
840+ logging .warning ("Token validation failed: %s" , e )
841+
842+ logging .info ("Basic keystone commands test completed successfully" )
0 commit comments