diff --git a/cloudkitty/api/app.py b/cloudkitty/api/app.py index a56ad8db..f843d3dd 100644 --- a/cloudkitty/api/app.py +++ b/cloudkitty/api/app.py @@ -26,7 +26,6 @@ import pecan from cloudkitty.api import config as api_config from cloudkitty.api import hooks -from cloudkitty.api import middleware from cloudkitty import rpc from cloudkitty import storage @@ -94,17 +93,20 @@ def setup_app(pecan_config=None, extra_hooks=None): guess_content_type_from_ext=False ) - if CONF.auth_strategy == 'keystone': - return middleware.AuthTokenMiddleware(app, dict(CONF), - app_conf.app.acl_public_routes) - else: - return app + return app -def setup_wsgi(): - cfg_file = cfg.CONF.api_paste_config - if not os.path.exists(cfg_file): - raise Exception('api_paste_config file not found') +def load_app(): + cfg_file = None + cfg_path = cfg.CONF.api_paste_config + if not os.path.isabs(cfg_path): + cfg_file = CONF.find_file(cfg_path) + elif os.path.exists(cfg_path): + cfg_file = cfg_path + + if not cfg_file: + raise cfg.ConfigFilesNotFoundError([cfg.CONF.api_paste_config]) + LOG.info("Full WSGI config used: %s" % cfg_file) return deploy.loadapp("config:" + cfg_file) @@ -126,7 +128,7 @@ def build_server(): server_cls = simple_server.WSGIServer handler_cls = simple_server.WSGIRequestHandler - app = setup_app() + app = load_app() srv = simple_server.make_server( host, @@ -136,3 +138,7 @@ def build_server(): handler_cls) return srv + + +def app_factory(global_config, **local_conf): + return setup_app() diff --git a/cloudkitty/api/middleware.py b/cloudkitty/api/middleware.py index 48045b15..1f63c536 100644 --- a/cloudkitty/api/middleware.py +++ b/cloudkitty/api/middleware.py @@ -36,3 +36,12 @@ class AuthTokenMiddleware(auth_token.AuthProtocol): return self._app(env, start_response) return super(AuthTokenMiddleware, self).__call__(env, start_response) + + @classmethod + def factory(cls, global_config, **local_conf): + public_routes = local_conf.get('acl_public_routes', '') + public_api_routes = [path.strip() for path in public_routes.split(',')] + + def _factory(app): + return cls(app, global_config, public_api_routes=public_api_routes) + return _factory \ No newline at end of file diff --git a/contrib/cloudkitty.spec.in b/contrib/cloudkitty.spec.in index 0befce2c..496eba52 100644 --- a/contrib/cloudkitty.spec.in +++ b/contrib/cloudkitty.spec.in @@ -71,6 +71,7 @@ mkdir -p %{buildroot}/etc/cloudkitty/ install -p -D -m 640 etc/cloudkitty/cloudkitty.conf.sample %{buildroot}/%{_sysconfdir}/cloudkitty/cloudkitty.conf install -p -D -m 640 etc/cloudkitty/policy.json %{buildroot}/%{_sysconfdir}/cloudkitty/policy.json +install -p -D -m 640 etc/cloudkitty/api_paste.ini %{buildroot}/%{_sysconfdir}/cloudkitty/api_paste.ini %description OpenStack Rating-as-a-Service @@ -114,6 +115,7 @@ Components common to all CloudKitty services %config(noreplace) %{_sysconfdir}/logrotate.d/cloudkitty %config(noreplace) %attr(-, root, cloudkitty) %{_sysconfdir}/cloudkitty/cloudkitty.conf %config(noreplace) %attr(-, root, cloudkitty) %{_sysconfdir}/cloudkitty/policy.json +%config(noreplace) %attr(-, root, cloudkitty) %{_sysconfdir}/cloudkitty/api_paste.ini %pre common getent group cloudkitty >/dev/null || groupadd -r cloudkitty diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 3bd8e586..80a89822 100755 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -99,6 +99,7 @@ function configure_cloudkitty { cp $CLOUDKITTY_DIR$CLOUDKITTY_CONF_DIR/policy.json $CLOUDKITTY_CONF_DIR cp $CLOUDKITTY_DIR$CLOUDKITTY_CONF.sample $CLOUDKITTY_CONF + cp $CLOUDKITTY_DIR$CLOUDKITTY_CONF_DIR/api_paste.ini $CLOUDKITTY_CONF_DIR iniset_rpc_backend cloudkitty $CLOUDKITTY_CONF DEFAULT iniset $CLOUDKITTY_CONF DEFAULT notification_topics 'notifications' diff --git a/etc/cloudkitty/api_paste.ini b/etc/cloudkitty/api_paste.ini new file mode 100644 index 00000000..13a724a1 --- /dev/null +++ b/etc/cloudkitty/api_paste.ini @@ -0,0 +1,12 @@ +[pipeline:main] +pipeline = request_id authtoken ck_api_v1 + +[app:ck_api_v1] +paste.app_factory = cloudkitty.api.app:app_factory + +[filter:authtoken] +acl_public_routes = /, /v1 +paste.filter_factory = cloudkitty.api.middleware:AuthTokenMiddleware.factory + +[filter:request_id] +paste.filter_factory = oslo_middleware:RequestId.factory