Support http_proxy_to_wsgi for mitaka and above

Add http_proxy_to_wsgi to template file and related variables for mitaka and above Please refer to https://git.openstack.org/cgit/openstack/barbican/commit/?id=c7e824e0e735aede029cd82f1b3a31009ac69fba Change-Id: I224b949b34379e3dab84839bfc12f632ef2f4a1e Related-bug: #1590608
4 years ago · 9f336379c8
3 changed files with 33 additions and 23 deletions
--- a/src/lib/charm/openstack/barbican.py
+++ b/src/lib/charm/openstack/barbican.py
@ -58,26 +58,26 @@ def validate_keystone_api_version(config):
@charms_openstack.adapters.config_property
 def barbican_api_keystone_pipeline(config):
    if config.keystone_api_version == "2":
-        return 'cors keystone_authtoken context apiapp'
+        return 'cors http_proxy_to_wsgi keystone_authtoken context apiapp'
    else:
-        return 'cors keystone_v3_authtoken context apiapp'
+        return 'cors http_proxy_to_wsgi keystone_v3_authtoken context apiapp'


@charms_openstack.adapters.config_property
 def barbican_api_pipeline(config):
    return {
-        "2": "cors keystone_authtoken context apiapp",
-        "3": "cors keystone_v3_authtoken context apiapp",
-        "none": "cors unauthenticated-context apiapp"
+        "2": "cors http_proxy_to_wsgi keystone_authtoken context apiapp",
+        "3": "cors http_proxy_to_wsgi keystone_v3_authtoken context apiapp",
+        "none": "cors http_proxy_to_wsgi unauthenticated-context apiapp"
    }[config.keystone_api_version]


@charms_openstack.adapters.config_property
 def barbican_api_keystone_audit_pipeline(config):
    if config.keystone_api_version == "2":
-        return 'keystone_authtoken context audit apiapp'
+        return 'http_proxy_to_wsgi keystone_authtoken context audit apiapp'
    else:
-        return 'keystone_v3_authtoken context audit apiapp'
+        return 'http_proxy_to_wsgi keystone_v3_authtoken context audit apiapp'


 # Adapt the barbican-hsm-plugin relation for use in rendering the config
--- a/src/templates/mitaka/barbican-api-paste.ini
+++ b/src/templates/mitaka/barbican-api-paste.ini
@ -5,7 +5,7 @@ use = egg:Paste#urlmap

 # Use this pipeline for Barbican API - versions no authentication
 [pipeline:barbican_version]
-pipeline = cors versionapp
+pipeline = cors http_proxy_to_wsgi versionapp

 # Use this pipeline for Barbican API - DEFAULT no authentication
 [pipeline:barbican_api]
@ -15,7 +15,7 @@ pipeline = {{ options.barbican_api_pipeline }}
 #Use this pipeline to activate a repoze.profile middleware and HTTP port,
 #  to provide profiling information for the REST API processing.
 [pipeline:barbican-profile]
-pipeline = cors unauthenticated-context egg:Paste#cgitb egg:Paste#httpexceptions profile apiapp
+pipeline = cors http_proxy_to_wsgi unauthenticated-context egg:Paste#cgitb egg:Paste#httpexceptions profile apiapp

 #Use this pipeline for keystone auth
 [pipeline:barbican-api-keystone]
@ -87,3 +87,6 @@ unwind = false
 [filter:cors]
 paste.filter_factory = oslo_middleware.cors:filter_factory
 oslo_config_project = barbican
+
+[filter:http_proxy_to_wsgi]
+paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
--- a/unit_tests/test_lib_charm_openstack_barbican.py
+++ b/unit_tests/test_lib_charm_openstack_barbican.py
@ -43,32 +43,39 @@ class TestCustomProperties(Helper):
    def test_barbican_api_keystone_pipeline(self):
        config = mock.MagicMock()
        config.keystone_api_version = '2'
-        self.assertEqual(barbican.barbican_api_keystone_pipeline(config),
-                         'cors keystone_authtoken context apiapp')
+        self.assertEqual(
+            barbican.barbican_api_keystone_pipeline(config),
+            'cors http_proxy_to_wsgi keystone_authtoken context apiapp')
        config.keystone_api_version = ''
-        self.assertEqual(barbican.barbican_api_keystone_pipeline(config),
-                         'cors keystone_v3_authtoken context apiapp')
+        self.assertEqual(
+            barbican.barbican_api_keystone_pipeline(config),
+            'cors http_proxy_to_wsgi keystone_v3_authtoken context apiapp')

    def test_barbican_api_pipeline(self):
        config = mock.MagicMock()
        config.keystone_api_version = '2'
-        self.assertEqual(barbican.barbican_api_pipeline(config),
-                         'cors keystone_authtoken context apiapp')
+        self.assertEqual(
+            barbican.barbican_api_pipeline(config),
+            'cors http_proxy_to_wsgi keystone_authtoken context apiapp')
        config.keystone_api_version = '3'
-        self.assertEqual(barbican.barbican_api_pipeline(config),
-                         'cors keystone_v3_authtoken context apiapp')
+        self.assertEqual(
+            barbican.barbican_api_pipeline(config),
+            'cors http_proxy_to_wsgi keystone_v3_authtoken context apiapp')
        config.keystone_api_version = 'none'
-        self.assertEqual(barbican.barbican_api_pipeline(config),
-                         'cors unauthenticated-context apiapp')
+        self.assertEqual(
+            barbican.barbican_api_pipeline(config),
+            'cors http_proxy_to_wsgi unauthenticated-context apiapp')

    def test_barbican_api_keystone_audit_pipeline(self):
        config = mock.MagicMock()
        config.keystone_api_version = '2'
-        self.assertEqual(barbican.barbican_api_keystone_audit_pipeline(config),
-                         'keystone_authtoken context audit apiapp')
+        self.assertEqual(
+            barbican.barbican_api_keystone_audit_pipeline(config),
+            'http_proxy_to_wsgi keystone_authtoken context audit apiapp')
        config.keystone_api_version = ''
-        self.assertEqual(barbican.barbican_api_keystone_audit_pipeline(config),
-                         'keystone_v3_authtoken context audit apiapp')
+        self.assertEqual(
+            barbican.barbican_api_keystone_audit_pipeline(config),
+            'http_proxy_to_wsgi keystone_v3_authtoken context audit apiapp')


 class TestHSMProperties(Helper):