Do some cleanup on Glare

Some piece of code is not needed anymore or already have
implemented in oslo. So we can remove it from Glare codebase.

Change-Id: I80cd87723b7c12a29f34bbbb62e5e2f437e5ab47

etc/glare-paste.ini

@@ -1,10 +1,10 @@
 # Use this pipeline for no auth - DEFAULT
 [pipeline:glare-api]
-pipeline = cors faultwrapper healthcheck versionnegotiation osprofiler unauthenticated-context glarev1api
+pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context glarev1api
 
 # Use this pipeline for keystone auth
 [pipeline:glare-api-keystone]
-pipeline = cors faultwrapper healthcheck versionnegotiation osprofiler authtoken context glarev1api
+pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context glarev1api
 
 [app:glarev1api]
 paste.app_factory = glare.api.v1.router:API.factory
@@ -21,10 +21,10 @@ paste.filter_factory = glare.api.middleware.version_negotiation:GlareVersionNego
 paste.filter_factory = glare.api.middleware.fault:GlareFaultWrapperFilter.factory
 
 [filter:context]
-paste.filter_factory = glare.api.middleware.glare_context:ContextMiddleware.factory
+paste.filter_factory = glare.api.middleware.context:ContextMiddleware.factory
 
 [filter:unauthenticated-context]
-paste.filter_factory = glare.api.middleware.glare_context:UnauthenticatedContextMiddleware.factory
+paste.filter_factory = glare.api.middleware.context:UnauthenticatedContextMiddleware.factory
 
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
@@ -35,4 +35,7 @@ paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
 
 [filter:cors]
 use = egg:oslo.middleware#cors
-oslo_config_project = glare
+oslo_config_project = glare
+
+[filter:http_proxy_to_wsgi]
+paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory

etc/oslo-config-generator/glare.conf

@@ -7,3 +7,4 @@ namespace = oslo.db.concurrency
 namespace = keystonemiddleware.auth_token
 namespace = oslo.log
 namespace = oslo.middleware.cors
+namespace = oslo.middleware.http_proxy_to_wsgi

glare/api/middleware/context.py

@@ -18,11 +18,11 @@ import webob
 from oslo_config import cfg
 from oslo_context import context
 from oslo_log import log as logging
+from oslo_middleware import base as base_middleware
 from oslo_middleware import request_id
 from oslo_serialization import jsonutils
 
 from glare.common import policy
-from glare.common import wsgi
 from glare.i18n import _
 
 context_opts = [
@@ -60,10 +60,6 @@ class RequestContext(context.RequestContext):
         })
         return d
 
-    @classmethod
-    def from_dict(cls, values):
-        return cls(**values)
-
     def to_policy_values(self):
         values = super(RequestContext, self).to_policy_values()
         values['is_admin'] = self.is_admin
@@ -71,12 +67,10 @@ class RequestContext(context.RequestContext):
         return values
 
 
-class ContextMiddleware(wsgi.Middleware):
+class ContextMiddleware(base_middleware.ConfigurableMiddleware):
 
-    def __init__(self, app):
-        super(ContextMiddleware, self).__init__(app)
-
-    def process_request(self, req):
+    @staticmethod
+    def process_request(req):
         """Convert authentication information into a request context
 
         Generate a RequestContext object from the available
@@ -90,9 +84,9 @@ class ContextMiddleware(wsgi.Middleware):
                                             is disallowed
         """
         if req.headers.get('X-Identity-Status') == 'Confirmed':
-            req.context = self._get_authenticated_context(req)
+            req.context = ContextMiddleware._get_authenticated_context(req)
         elif CONF.allow_anonymous_access:
-            req.context = self._get_anonymous_context()
+            req.context = ContextMiddleware._get_anonymous_context()
         else:
             raise webob.exc.HTTPUnauthorized()
 
@@ -119,10 +113,11 @@ class ContextMiddleware(wsgi.Middleware):
         return RequestContext.from_environ(req.environ, **kwargs)
 
 
-class UnauthenticatedContextMiddleware(wsgi.Middleware):
+class UnauthenticatedContextMiddleware(base_middleware.ConfigurableMiddleware):
     """Process requests and responses when auth is turned off at all."""
 
-    def process_request(self, req):
+    @staticmethod
+    def process_request(req):
         """Create a context without an authorized user.
 
         When glare deployed as public repo everybody is admin

glare/api/middleware/fault.py

@@ -22,9 +22,11 @@ import traceback
 
 from oslo_config import cfg
 from oslo_log import log as logging
+from oslo_middleware import base as base_middleware
 from oslo_utils import reflection
 import six
-import webob
+import webob.dec
+import webob.exc
 
 from glare.common import exception
 from glare.common import wsgi
@@ -48,7 +50,7 @@ class Fault(object):
         return resp
 
 
-class GlareFaultWrapperFilter(wsgi.Middleware):
+class GlareFaultWrapperFilter(base_middleware.ConfigurableMiddleware):
     """Replace error body with something the client can parse."""
     error_map = {
         'BadRequest': webob.exc.HTTPBadRequest,
@@ -122,7 +124,8 @@ class GlareFaultWrapperFilter(wsgi.Middleware):
 
         return error
 
-    def process_request(self, req):
+    @webob.dec.wsgify
+    def __call__(self, req):
         try:
             return req.get_response(self.application)
         except Exception as exc:

glare/api/middleware/version_negotiation.py

@@ -22,11 +22,12 @@ return
 import microversion_parse
 from oslo_config import cfg
 from oslo_log import log as logging
+from oslo_middleware import base as base_middleware
+
 
 from glare.api.v1 import api_version_request as api_version
 from glare.api import versions as artifacts_versions
 from glare.common import exception
-from glare.common import wsgi
 
 CONF = cfg.CONF
 
@@ -48,23 +49,22 @@ def get_version_from_accept(accept_header, vnd_mime_type):
             return None
 
 
-class GlareVersionNegotiationFilter(wsgi.Middleware):
+class GlareVersionNegotiationFilter(base_middleware.ConfigurableMiddleware):
     """Middleware that defines API version in request and redirects it
     to correct Router.
     """
 
     SERVICE_TYPE = 'artifact'
+    MIME_TYPE = 'application/vnd.openstack.artifacts-'
 
-    def __init__(self, app):
-        super(GlareVersionNegotiationFilter, self).__init__(app)
-        self.vnd_mime_type = 'application/vnd.openstack.artifacts-'
-
-    def process_request(self, req):
+    @staticmethod
+    def process_request(req):
         """Process api request:
         1. Define if this is request for available versions or not
         2. If it is not version request check extract version
         3. Validate available version and add version info to request
         """
+
         args = {'method': req.method, 'path': req.path, 'accept': req.accept}
         LOG.debug("Determining version of request: %(method)s %(path)s "
                   "Accept: %(accept)s", args)
@@ -76,7 +76,8 @@ class GlareVersionNegotiationFilter(wsgi.Middleware):
                 req, is_multi=is_multi)
 
         # determine api version from request
-        req_version = get_version_from_accept(req.accept, self.vnd_mime_type)
+        req_version = get_version_from_accept(
+            req.accept, GlareVersionNegotiationFilter.MIME_TYPE)
         if req_version is None:
             # determine api version for v0.1 from url
             if req.path_info_peek() == 'v0.1':
@@ -85,15 +86,17 @@ class GlareVersionNegotiationFilter(wsgi.Middleware):
                 # determine api version from microversion header
                 LOG.debug("Determine version from microversion header.")
                 req_version = microversion_parse.get_version(
-                    req.headers, service_type=self.SERVICE_TYPE)
+                    req.headers,
+                    service_type=GlareVersionNegotiationFilter.SERVICE_TYPE)
 
         # validate versions and add version info to request
         if req_version == 'v0.1':
             req.environ['api.version'] = 0.1
         else:
             # validate microversions header
-            req.api_version_request = self._get_api_version_request(
-                req_version)
+            req.api_version_request = \
+                GlareVersionNegotiationFilter._get_api_version_request(
+                    req_version)
             req_version = req.api_version_request.get_string()
 
         LOG.debug("Matched version: %s", req_version)
@@ -121,13 +124,13 @@ class GlareVersionNegotiationFilter(wsgi.Middleware):
                 max_ver=cur_ver.max_version().get_string())
         return cur_ver
 
-    def process_response(self, response):
+    @staticmethod
+    def process_response(response, request=None):
         if hasattr(response, 'headers'):
-            request = response.request
             if hasattr(request, 'api_version_request'):
                 api_header_name = microversion_parse.STANDARD_HEADER
                 response.headers[api_header_name] = (
-                    self.SERVICE_TYPE + ' ' +
+                    GlareVersionNegotiationFilter.SERVICE_TYPE + ' ' +
                     request.api_version_request.get_string())
                 response.headers.add('Vary', api_header_name)
 

glare/common/wsgi.py

@@ -105,17 +105,6 @@ eventlet_opts = [
                       'wait forever.')),
 ]
 
-wsgi_opts = [
-    cfg.StrOpt('secure_proxy_ssl_header',
-               deprecated_for_removal=True,
-               deprecated_reason=_('Use the http_proxy_to_wsgi middleware '
-                                   'instead.'),
-               help=_('The HTTP header used to determine the scheme for the '
-                      'original request, even if it was removed by an SSL '
-                      'terminating proxy. Typical value is '
-                      '"HTTP_X_FORWARDED_PROTO".')),
-]
-
 
 LOG = logging.getLogger(__name__)
 
@@ -123,7 +112,6 @@ CONF = cfg.CONF
 CONF.register_opts(bind_opts)
 CONF.register_opts(socket_opts)
 CONF.register_opts(eventlet_opts)
-CONF.register_opts(wsgi_opts)
 profiler_opts.set_defaults(CONF)
 
 ASYNC_EVENTLET_THREAD_POOL_LIST = []
@@ -546,88 +534,6 @@ class Server(object):
             self.sock.listen(CONF.backlog)
 
 
-class Middleware(object):
-    """
-    Base WSGI middleware wrapper. These classes require an application to be
-    initialized that will be called next.  By default the middleware will
-    simply call its wrapped app, or you can override __call__ to customize its
-    behavior.
-    """
-
-    def __init__(self, application):
-        self.application = application
-
-    @classmethod
-    def factory(cls, global_conf, **local_conf):
-        def filter(app):
-            return cls(app)
-        return filter
-
-    def process_request(self, req):
-        """
-        Called on each request.
-
-        If this returns None, the next application down the stack will be
-        executed. If it returns a response then that response will be returned
-        and execution will stop here.
-
-        """
-        return None
-
-    def process_response(self, response):
-        """Do whatever you'd like to the response."""
-        return response
-
-    @webob.dec.wsgify
-    def __call__(self, req):
-        response = self.process_request(req)
-        if response:
-            return response
-        response = req.get_response(self.application)
-        response.request = req
-        try:
-            return self.process_response(response)
-        except webob.exc.HTTPException as e:
-            return e
-
-
-class Debug(Middleware):
-    """
-    Helper class that can be inserted into any WSGI application chain
-    to get information about the request and response.
-    """
-
-    @webob.dec.wsgify
-    def __call__(self, req):
-        print(("*" * 40) + " REQUEST ENVIRON")
-        for key, value in req.environ.items():
-            print(key, "=", value)
-        print('')
-        resp = req.get_response(self.application)
-
-        print(("*" * 40) + " RESPONSE HEADERS")
-        for (key, value) in six.iteritems(resp.headers):
-            print(key, "=", value)
-        print('')
-
-        resp.app_iter = self.print_generator(resp.app_iter)
-
-        return resp
-
-    @staticmethod
-    def print_generator(app_iter):
-        """
-        Iterator that prints the contents of a wrapper string iterator
-        when iterated.
-        """
-        print(("*" * 40) + " BODY")
-        for part in app_iter:
-            sys.stdout.write(part)
-            sys.stdout.flush()
-            yield part
-        print()
-
-
 class APIMapper(routes.Mapper):
     """
     Handle route matching when url is '' because routes.Mapper returns
@@ -718,13 +624,6 @@ class Router(object):
 class Request(webob.Request):
     """Add some OpenStack API-specific logic to the base webob.Request."""
 
-    def __init__(self, environ, *args, **kwargs):
-        if CONF.secure_proxy_ssl_header:
-            scheme = environ.get(CONF.secure_proxy_ssl_header)
-            if scheme:
-                environ['wsgi.url_scheme'] = scheme
-        super(Request, self).__init__(environ, *args, **kwargs)
-
     def best_match_content_type(self):
         """Determine the requested response content-type."""
         supported = ('application/json',)

glare/context.py

@@ -1,67 +0,0 @@
-# Copyright 2011-2014 OpenStack Foundation
-# All Rights Reserved.
-#
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-
-from oslo_context import context
-
-from glare.common import policy
-
-
-class RequestContext(context.RequestContext):
-    """Stores information about the security context.
-
-    Stores how the user accesses the system, as well as additional request
-    information.
-
-    """
-
-    def __init__(self, owner_is_tenant=True, service_catalog=None,
-                 policy_enforcer=None, **kwargs):
-        super(RequestContext, self).__init__(**kwargs)
-        self.owner_is_tenant = owner_is_tenant
-        self.service_catalog = service_catalog
-        self.policy_enforcer = policy_enforcer or policy._get_enforcer()
-        if not self.is_admin:
-            self.is_admin = self.policy_enforcer.check_is_admin(self)
-
-    def to_dict(self):
-        d = super(RequestContext, self).to_dict()
-        d.update({
-            'roles': self.roles,
-            'service_catalog': self.service_catalog,
-        })
-        return d
-
-    @classmethod
-    def from_dict(cls, values):
-        return cls(**values)
-
-    @property
-    def owner(self):
-        """Return the owner to correlate with an image."""
-        return self.tenant if self.owner_is_tenant else self.user
-
-    @property
-    def can_see_deleted(self):
-        """Admins can see deleted by default"""
-        return self.show_deleted or self.is_admin
-
-
-def get_admin_context(show_deleted=False):
-    """Create an administrator context."""
-    return RequestContext(auth_token=None,
-                          tenant=None,
-                          is_admin=True,
-                          show_deleted=show_deleted,
-                          overwrite=False)

glare/opts.py

@@ -21,14 +21,14 @@ import itertools
 
 from osprofiler import opts as profiler
 
-import glare.api.middleware.glare_context
+import glare.api.middleware.context
 import glare.api.versions
 import glare.common.config
 import glare.common.wsgi
 
 _artifacts_opts = [
     (None, list(itertools.chain(
-        glare.api.middleware.glare_context.context_opts,
+        glare.api.middleware.context.context_opts,
         glare.api.versions.versions_opts,
         glare.common.wsgi.bind_opts,
         glare.common.wsgi.eventlet_opts,

glare/tests/functional/__init__.py

@@ -350,12 +350,11 @@ paste.filter_factory =
    GlareVersionNegotiationFilter.factory
 
 [filter:context]
-paste.filter_factory =
- glare.api.middleware.glare_context:ContextMiddleware.factory
+paste.filter_factory = glare.api.middleware.context:ContextMiddleware.factory
 
 [filter:unauthenticated-context]
 paste.filter_factory =
- glare.api.middleware.glare_context:UnauthenticatedContextMiddleware.factory
+glare.api.middleware.context:UnauthenticatedContextMiddleware.factory
 
 [filter:fakeauth]
 paste.filter_factory = glare.tests.utils:FakeAuthMiddleware.factory

glare/tests/utils.py

@@ -26,15 +26,15 @@ import fixtures
 from oslo_config import cfg
 from oslo_config import fixture as cfg_fixture
 from oslo_log import log
+from oslo_middleware import base as base_middleware
 import six
 from six.moves import BaseHTTPServer
 import testtools
 import webob
 
+from glare.api.middleware import context
 from glare.common import config
 from glare.common import utils
-from glare.common import wsgi
-from glare import context
 
 CONF = cfg.CONF
 try:
@@ -441,13 +441,10 @@ def start_http_server(image_id, image_data):
         return pid, port
 
 
-class FakeAuthMiddleware(wsgi.Middleware):
+class FakeAuthMiddleware(base_middleware.ConfigurableMiddleware):
 
-    def __init__(self, app, is_admin=False):
-        super(FakeAuthMiddleware, self).__init__(app)
-        self.is_admin = is_admin
-
-    def process_request(self, req):
+    @staticmethod
+    def process_request(req):
         auth_token = req.headers.get('X-Auth-Token')
         user = None
         tenant = None
@@ -465,7 +462,7 @@ class FakeAuthMiddleware(wsgi.Middleware):
             'user': user,
             'tenant': tenant,
             'roles': roles,
-            'is_admin': self.is_admin,
+            'is_admin': False,
             'auth_token': auth_token,
         }