Merge "keystoneclient to keystoneauth migration"
This commit is contained in:
commit
522f7d0425
@ -180,7 +180,7 @@ keystone ``Session`` and auth plugin objects(for example, ``Token`` or
|
||||
``Password``). Sahara is migrating all clients to use this authentication
|
||||
methodology, where available. For more information on using sessions with
|
||||
keystone, please see
|
||||
http://docs.openstack.org/developer/python-keystoneclient/using-sessions.html
|
||||
http://docs.openstack.org/developer/keystoneauth/using-sessions.html
|
||||
|
||||
Storing sensitive information
|
||||
-----------------------------
|
||||
|
@ -0,0 +1,4 @@
|
||||
---
|
||||
upgrade:
|
||||
- migration from keystoneclient to keystoneauth is done for
|
||||
using auth features of keystone.
|
@ -12,6 +12,7 @@ Flask<1.0,>=0.10 # BSD
|
||||
iso8601>=0.1.11 # MIT
|
||||
Jinja2>=2.8 # BSD License (3 clause)
|
||||
jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT
|
||||
keystoneauth1>=2.1.0 # Apache-2.0
|
||||
keystonemiddleware!=4.1.0,>=4.0.0 # Apache-2.0
|
||||
oslo.config>=3.9.0 # Apache-2.0
|
||||
oslo.concurrency>=3.5.0 # Apache-2.0
|
||||
|
@ -13,7 +13,7 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from keystoneclient import session as keystone
|
||||
from keystoneauth1 import session as keystone
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log as logging
|
||||
|
||||
|
@ -13,7 +13,7 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from keystoneclient import session as keystone
|
||||
from keystoneauth1 import session as keystone
|
||||
import mock
|
||||
|
||||
from sahara import exceptions as ex
|
||||
@ -32,7 +32,7 @@ class TestSessionCache(base.SaharaTestCase):
|
||||
sc.get_session,
|
||||
session_type='bad service')
|
||||
|
||||
@mock.patch('keystoneclient.session.Session')
|
||||
@mock.patch('keystoneauth1.session.Session')
|
||||
def test_get_keystone_session(self, keystone_session):
|
||||
sc = sessions.SessionCache()
|
||||
self.override_config('ca_file', '/some/cacert', group='keystone')
|
||||
@ -52,7 +52,7 @@ class TestSessionCache(base.SaharaTestCase):
|
||||
sc.get_session(sessions.SESSION_TYPE_KEYSTONE)
|
||||
self.assertFalse(keystone_session.called)
|
||||
|
||||
@mock.patch('keystoneclient.session.Session')
|
||||
@mock.patch('keystoneauth1.session.Session')
|
||||
def test_get_nova_session(self, keystone_session):
|
||||
sc = sessions.SessionCache()
|
||||
self.override_config('ca_file', '/some/cacert', group='nova')
|
||||
@ -72,7 +72,7 @@ class TestSessionCache(base.SaharaTestCase):
|
||||
sc.get_session(sessions.SESSION_TYPE_NOVA)
|
||||
self.assertFalse(keystone_session.called)
|
||||
|
||||
@mock.patch('keystoneclient.session.Session')
|
||||
@mock.patch('keystoneauth1.session.Session')
|
||||
def test_get_cinder_session(self, keystone_session):
|
||||
sc = sessions.SessionCache()
|
||||
self.override_config('ca_file', '/some/cacert', group='cinder')
|
||||
@ -92,7 +92,7 @@ class TestSessionCache(base.SaharaTestCase):
|
||||
sc.get_session(sessions.SESSION_TYPE_CINDER)
|
||||
self.assertFalse(keystone_session.called)
|
||||
|
||||
@mock.patch('keystoneclient.session.Session')
|
||||
@mock.patch('keystoneauth1.session.Session')
|
||||
def test_get_neutron_session(self, keystone_session):
|
||||
sc = sessions.SessionCache()
|
||||
self.override_config('ca_file', '/some/cacert', group='neutron')
|
||||
@ -112,7 +112,7 @@ class TestSessionCache(base.SaharaTestCase):
|
||||
sc.get_session(sessions.SESSION_TYPE_NEUTRON)
|
||||
self.assertFalse(keystone_session.called)
|
||||
|
||||
@mock.patch('keystoneclient.session.Session')
|
||||
@mock.patch('keystoneauth1.session.Session')
|
||||
def test_insecure_session(self, session):
|
||||
sc = sessions.SessionCache()
|
||||
sc.get_session(sessions.SESSION_TYPE_INSECURE)
|
||||
|
@ -16,7 +16,7 @@
|
||||
|
||||
from cinderclient import exceptions as cinder_exc
|
||||
from heatclient import exc as heat_exc
|
||||
from keystoneclient import exceptions as keystone_exc
|
||||
from keystoneauth1 import exceptions as keystone_exc
|
||||
import mock
|
||||
from neutronclient.common import exceptions as neutron_exc
|
||||
from novaclient import exceptions as nova_exc
|
||||
|
@ -15,7 +15,7 @@
|
||||
|
||||
import socket
|
||||
|
||||
from keystoneclient import exceptions as keystone_ex
|
||||
from keystoneauth1 import exceptions as keystone_ex
|
||||
from oslo_log import log as logging
|
||||
from six.moves.urllib import parse
|
||||
|
||||
|
@ -13,8 +13,8 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from keystoneclient import exceptions as keystone_ex
|
||||
from keystoneclient import service_catalog as keystone_service_catalog
|
||||
from keystoneauth1.access import service_catalog as keystone_service_catalog
|
||||
from keystoneauth1 import exceptions as keystone_ex
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log as logging
|
||||
from oslo_serialization import jsonutils as json
|
||||
@ -53,14 +53,13 @@ def url_for(service_catalog=None, service_type='identity',
|
||||
service_catalog = context.current().service_catalog
|
||||
try:
|
||||
return keystone_service_catalog.ServiceCatalogV2(
|
||||
{'serviceCatalog': json.loads(service_catalog)}).url_for(
|
||||
service_type=service_type, endpoint_type=endpoint_type,
|
||||
json.loads(service_catalog)).url_for(
|
||||
service_type=service_type, interface=endpoint_type,
|
||||
region_name=CONF.os_region_name)
|
||||
except keystone_ex.EndpointNotFound:
|
||||
return keystone_service_catalog.ServiceCatalogV3(
|
||||
context.get_auth_token(),
|
||||
{'catalog': json.loads(service_catalog)}).url_for(
|
||||
service_type=service_type, endpoint_type=endpoint_type,
|
||||
json.loads(service_catalog)).url_for(
|
||||
service_type=service_type, interface=endpoint_type,
|
||||
region_name=CONF.os_region_name)
|
||||
|
||||
|
||||
|
@ -13,8 +13,8 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from keystoneclient.auth import identity as keystone_identity
|
||||
from keystoneclient import session as keystone_session
|
||||
from keystoneauth1 import identity as keystone_identity
|
||||
from keystoneauth1 import session as keystone_session
|
||||
from keystoneclient.v2_0 import client as keystone_client
|
||||
from keystoneclient.v3 import client as keystone_client_v3
|
||||
from oslo_config import cfg
|
||||
@ -160,12 +160,12 @@ def service_catalog_from_auth(auth):
|
||||
|
||||
:returns: a list containing the service catalog.
|
||||
'''
|
||||
if CONF.use_identity_api_v3:
|
||||
return auth.get_access(
|
||||
sessions.cache().get_session()).get('catalog', [])
|
||||
access_info = auth.get_access(
|
||||
sessions.cache().get_session(sessions.SESSION_TYPE_KEYSTONE))
|
||||
if access_info.has_service_catalog():
|
||||
return access_info.service_catalog.catalog
|
||||
else:
|
||||
return auth.get_access(
|
||||
sessions.cache().get_session()).get('serviceCatalog', [])
|
||||
return []
|
||||
|
||||
|
||||
# TODO(elmiko) factor this out when redoing the barbicanclient
|
||||
@ -217,8 +217,7 @@ def token_from_auth(auth):
|
||||
|
||||
:returns: an auth token in string format.
|
||||
'''
|
||||
return keystone_session.Session(
|
||||
auth=auth, verify=CONF.generic_session_verify).get_token()
|
||||
return sessions.cache().token_for_auth(auth)
|
||||
|
||||
|
||||
def user_id_from_auth(auth):
|
||||
|
Loading…
Reference in New Issue
Block a user