| diff --git a/keystonemiddleware/s3_token.py b/keystonemiddleware/s3_token.py |
| index d56482f..3fe13f9 100644 |
| --- a/keystonemiddleware/s3_token.py |
| +++ b/keystonemiddleware/s3_token.py |
| @@ -35,6 +35,7 @@ import logging |
| import webob |
| |
| from oslo_serialization import jsonutils |
| +from oslo_utils import strutils |
| import requests |
| import six |
| from six.moves import urllib |
| @@ -116,7 +117,7 @@ class S3Token(object): |
| auth_port) |
| |
| # SSL |
| - insecure = conf.get('insecure', False) |
| + insecure = strutils.bool_from_string(conf.get('insecure', False)) |
| cert_file = conf.get('certfile') |
| key_file = conf.get('keyfile') |
| |
| diff --git a/keystonemiddleware/tests/test_s3_token_middleware.py b/keystonemiddleware/tests/test_s3_token_middleware.py |
| index fdadb76..4b910a6 100644 |
| --- a/keystonemiddleware/tests/test_s3_token_middleware.py |
| +++ b/keystonemiddleware/tests/test_s3_token_middleware.py |
| @@ -124,7 +124,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): |
| @mock.patch.object(requests, 'post') |
| def test_insecure(self, MOCK_REQUEST): |
| self.middleware = ( |
| - s3_token.filter_factory({'insecure': True})(FakeApp())) |
| + s3_token.filter_factory({'insecure': 'True'})(FakeApp())) |
| |
| text_return_value = jsonutils.dumps(GOOD_RESPONSE) |
| if six.PY3: |
| @@ -142,6 +142,28 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): |
| mock_args, mock_kwargs = MOCK_REQUEST.call_args |
| self.assertIs(mock_kwargs['verify'], False) |
| |
| + def test_insecure_option(self): |
| + # insecure is passed as a string. |
| + |
| + # Some non-secure values. |
| + true_values = ['true', 'True', '1', 'yes'] |
| + for val in true_values: |
| + config = {'insecure': val, 'certfile': 'false_ind'} |
| + middleware = s3_token.filter_factory(config)(FakeApp()) |
| + self.assertIs(False, middleware._verify) |
| + |
| + # Some "secure" values, including unexpected value. |
| + false_values = ['false', 'False', '0', 'no', 'someweirdvalue'] |
| + for val in false_values: |
| + config = {'insecure': val, 'certfile': 'false_ind'} |
| + middleware = s3_token.filter_factory(config)(FakeApp()) |
| + self.assertEqual('false_ind', middleware._verify) |
| + |
| + # Default is secure. |
| + config = {'certfile': 'false_ind'} |
| + middleware = s3_token.filter_factory(config)(FakeApp()) |
| + self.assertIs('false_ind', middleware._verify) |
| + |
| |
| class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): |
| def setUp(self): |