Added CORS support to CloudKitty

This adds the CORS support middleware to CloudKitty, allowing a deployer to optionally configure rules under which a javascript client may break the single-origin policy and access the API directly. For CloudKitty, we used the same gabbi fixtures and harnesses created for ceilometer. A custom gabbi-paste.ini was created so that the API tests run against the full wsgi application, and appropriate fixtures and tests were created to correctly simulate the configuration state. Hooks to ensure that cloudkitty's required HTTP headers are represented both in the runtime defaults, and in the automatically generated config file, have also been added. OpenStack CrossProject Spec: http://specs.openstack.org/openstack/openstack-specs/specs/cors-support.html Oslo_Middleware Docs: http://docs.openstack.org/developer/oslo.middleware/cors.html OpenStack Cloud Admin Guide: http://docs.openstack.org/admin-guide-cloud/cross_project_cors.html DocImpact: Add link to CORS configuration in admin cloud guide. Change-Id: I3ef96ca6c78c5e369fb09425871d0a57bf15ad8a
2015-12-09 16:41:11 -08:00
parent 670459e236
commit 98a13bc212
9 changed files with 199 additions and 2 deletions
--- a/cloudkitty/common/defaults.py
+++ b/cloudkitty/common/defaults.py
@@ -0,0 +1,46 @@
+# Copyright 2016 Hewlett Packard Enterprise Development Corporation, LP
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+
+from oslo_config import cfg
+from oslo_middleware import cors
+
+
+def set_config_defaults():
+    """This method updates all configuration default values."""
+    set_cors_middleware_defaults()
+
+
+def set_cors_middleware_defaults():
+    """Update default configuration options for oslo.middleware."""
+    # CORS Defaults
+    # TODO(krotscheck): Update with https://review.openstack.org/#/c/285368/
+    cfg.set_defaults(cors.CORS_OPTS,
+                     allow_headers=['X-Auth-Token',
+                                    'X-Identity-Status',
+                                    'X-Roles',
+                                    'X-Service-Catalog',
+                                    'X-User-Id',
+                                    'X-Tenant-Id',
+                                    'X-OpenStack-Request-ID'],
+                     expose_headers=['X-Auth-Token',
+                                     'X-Subject-Token',
+                                     'X-Service-Token',
+                                     'X-OpenStack-Request-ID'],
+                     allow_methods=['GET',
+                                    'PUT',
+                                    'POST',
+                                    'DELETE',
+                                    'PATCH']
+                     )