keystoneclient to keystoneauth migration
Keystoneauth was extracted from keystoneclient so we need to migrate to keystoneauth. But keystoneclient shouldn't be removed completely because we are using its HTTPClient. Change-Id: Ifca0e7423a884ac56389fa88e285516688197f9e bp: keystoneclient-to-keystoneauth
This commit is contained in:
parent
6adb3fd003
commit
f24cfa97f7
@ -180,7 +180,7 @@ keystone ``Session`` and auth plugin objects(for example, ``Token`` or
|
|||||||
``Password``). Sahara is migrating all clients to use this authentication
|
``Password``). Sahara is migrating all clients to use this authentication
|
||||||
methodology, where available. For more information on using sessions with
|
methodology, where available. For more information on using sessions with
|
||||||
keystone, please see
|
keystone, please see
|
||||||
http://docs.openstack.org/developer/python-keystoneclient/using-sessions.html
|
http://docs.openstack.org/developer/keystoneauth/using-sessions.html
|
||||||
|
|
||||||
Storing sensitive information
|
Storing sensitive information
|
||||||
-----------------------------
|
-----------------------------
|
||||||
|
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
upgrade:
|
||||||
|
- migration from keystoneclient to keystoneauth is done for
|
||||||
|
using auth features of keystone.
|
@ -12,6 +12,7 @@ Flask<1.0,>=0.10 # BSD
|
|||||||
iso8601>=0.1.9 # MIT
|
iso8601>=0.1.9 # MIT
|
||||||
Jinja2>=2.8 # BSD License (3 clause)
|
Jinja2>=2.8 # BSD License (3 clause)
|
||||||
jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT
|
jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT
|
||||||
|
keystoneauth1>=2.1.0 # Apache-2.0
|
||||||
keystonemiddleware!=4.1.0,>=4.0.0 # Apache-2.0
|
keystonemiddleware!=4.1.0,>=4.0.0 # Apache-2.0
|
||||||
oslo.config>=3.9.0 # Apache-2.0
|
oslo.config>=3.9.0 # Apache-2.0
|
||||||
oslo.concurrency>=3.5.0 # Apache-2.0
|
oslo.concurrency>=3.5.0 # Apache-2.0
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from keystoneclient import session as keystone
|
from keystoneauth1 import session as keystone
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from keystoneclient import session as keystone
|
from keystoneauth1 import session as keystone
|
||||||
import mock
|
import mock
|
||||||
|
|
||||||
from sahara import exceptions as ex
|
from sahara import exceptions as ex
|
||||||
@ -32,7 +32,7 @@ class TestSessionCache(base.SaharaTestCase):
|
|||||||
sc.get_session,
|
sc.get_session,
|
||||||
session_type='bad service')
|
session_type='bad service')
|
||||||
|
|
||||||
@mock.patch('keystoneclient.session.Session')
|
@mock.patch('keystoneauth1.session.Session')
|
||||||
def test_get_keystone_session(self, keystone_session):
|
def test_get_keystone_session(self, keystone_session):
|
||||||
sc = sessions.SessionCache()
|
sc = sessions.SessionCache()
|
||||||
self.override_config('ca_file', '/some/cacert', group='keystone')
|
self.override_config('ca_file', '/some/cacert', group='keystone')
|
||||||
@ -52,7 +52,7 @@ class TestSessionCache(base.SaharaTestCase):
|
|||||||
sc.get_session(sessions.SESSION_TYPE_KEYSTONE)
|
sc.get_session(sessions.SESSION_TYPE_KEYSTONE)
|
||||||
self.assertFalse(keystone_session.called)
|
self.assertFalse(keystone_session.called)
|
||||||
|
|
||||||
@mock.patch('keystoneclient.session.Session')
|
@mock.patch('keystoneauth1.session.Session')
|
||||||
def test_get_nova_session(self, keystone_session):
|
def test_get_nova_session(self, keystone_session):
|
||||||
sc = sessions.SessionCache()
|
sc = sessions.SessionCache()
|
||||||
self.override_config('ca_file', '/some/cacert', group='nova')
|
self.override_config('ca_file', '/some/cacert', group='nova')
|
||||||
@ -72,7 +72,7 @@ class TestSessionCache(base.SaharaTestCase):
|
|||||||
sc.get_session(sessions.SESSION_TYPE_NOVA)
|
sc.get_session(sessions.SESSION_TYPE_NOVA)
|
||||||
self.assertFalse(keystone_session.called)
|
self.assertFalse(keystone_session.called)
|
||||||
|
|
||||||
@mock.patch('keystoneclient.session.Session')
|
@mock.patch('keystoneauth1.session.Session')
|
||||||
def test_get_cinder_session(self, keystone_session):
|
def test_get_cinder_session(self, keystone_session):
|
||||||
sc = sessions.SessionCache()
|
sc = sessions.SessionCache()
|
||||||
self.override_config('ca_file', '/some/cacert', group='cinder')
|
self.override_config('ca_file', '/some/cacert', group='cinder')
|
||||||
@ -92,7 +92,7 @@ class TestSessionCache(base.SaharaTestCase):
|
|||||||
sc.get_session(sessions.SESSION_TYPE_CINDER)
|
sc.get_session(sessions.SESSION_TYPE_CINDER)
|
||||||
self.assertFalse(keystone_session.called)
|
self.assertFalse(keystone_session.called)
|
||||||
|
|
||||||
@mock.patch('keystoneclient.session.Session')
|
@mock.patch('keystoneauth1.session.Session')
|
||||||
def test_get_neutron_session(self, keystone_session):
|
def test_get_neutron_session(self, keystone_session):
|
||||||
sc = sessions.SessionCache()
|
sc = sessions.SessionCache()
|
||||||
self.override_config('ca_file', '/some/cacert', group='neutron')
|
self.override_config('ca_file', '/some/cacert', group='neutron')
|
||||||
@ -112,7 +112,7 @@ class TestSessionCache(base.SaharaTestCase):
|
|||||||
sc.get_session(sessions.SESSION_TYPE_NEUTRON)
|
sc.get_session(sessions.SESSION_TYPE_NEUTRON)
|
||||||
self.assertFalse(keystone_session.called)
|
self.assertFalse(keystone_session.called)
|
||||||
|
|
||||||
@mock.patch('keystoneclient.session.Session')
|
@mock.patch('keystoneauth1.session.Session')
|
||||||
def test_insecure_session(self, session):
|
def test_insecure_session(self, session):
|
||||||
sc = sessions.SessionCache()
|
sc = sessions.SessionCache()
|
||||||
sc.get_session(sessions.SESSION_TYPE_INSECURE)
|
sc.get_session(sessions.SESSION_TYPE_INSECURE)
|
||||||
|
@ -16,7 +16,7 @@
|
|||||||
|
|
||||||
from cinderclient import exceptions as cinder_exc
|
from cinderclient import exceptions as cinder_exc
|
||||||
from heatclient import exc as heat_exc
|
from heatclient import exc as heat_exc
|
||||||
from keystoneclient import exceptions as keystone_exc
|
from keystoneauth1 import exceptions as keystone_exc
|
||||||
import mock
|
import mock
|
||||||
from neutronclient.common import exceptions as neutron_exc
|
from neutronclient.common import exceptions as neutron_exc
|
||||||
from novaclient import exceptions as nova_exc
|
from novaclient import exceptions as nova_exc
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
|
|
||||||
import socket
|
import socket
|
||||||
|
|
||||||
from keystoneclient import exceptions as keystone_ex
|
from keystoneauth1 import exceptions as keystone_ex
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
from six.moves.urllib import parse
|
from six.moves.urllib import parse
|
||||||
|
|
||||||
|
@ -13,8 +13,8 @@
|
|||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from keystoneclient import exceptions as keystone_ex
|
from keystoneauth1.access import service_catalog as keystone_service_catalog
|
||||||
from keystoneclient import service_catalog as keystone_service_catalog
|
from keystoneauth1 import exceptions as keystone_ex
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
from oslo_serialization import jsonutils as json
|
from oslo_serialization import jsonutils as json
|
||||||
@ -53,14 +53,13 @@ def url_for(service_catalog=None, service_type='identity',
|
|||||||
service_catalog = context.current().service_catalog
|
service_catalog = context.current().service_catalog
|
||||||
try:
|
try:
|
||||||
return keystone_service_catalog.ServiceCatalogV2(
|
return keystone_service_catalog.ServiceCatalogV2(
|
||||||
{'serviceCatalog': json.loads(service_catalog)}).url_for(
|
json.loads(service_catalog)).url_for(
|
||||||
service_type=service_type, endpoint_type=endpoint_type,
|
service_type=service_type, interface=endpoint_type,
|
||||||
region_name=CONF.os_region_name)
|
region_name=CONF.os_region_name)
|
||||||
except keystone_ex.EndpointNotFound:
|
except keystone_ex.EndpointNotFound:
|
||||||
return keystone_service_catalog.ServiceCatalogV3(
|
return keystone_service_catalog.ServiceCatalogV3(
|
||||||
context.get_auth_token(),
|
json.loads(service_catalog)).url_for(
|
||||||
{'catalog': json.loads(service_catalog)}).url_for(
|
service_type=service_type, interface=endpoint_type,
|
||||||
service_type=service_type, endpoint_type=endpoint_type,
|
|
||||||
region_name=CONF.os_region_name)
|
region_name=CONF.os_region_name)
|
||||||
|
|
||||||
|
|
||||||
|
@ -13,8 +13,8 @@
|
|||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from keystoneclient.auth import identity as keystone_identity
|
from keystoneauth1 import identity as keystone_identity
|
||||||
from keystoneclient import session as keystone_session
|
from keystoneauth1 import session as keystone_session
|
||||||
from keystoneclient.v2_0 import client as keystone_client
|
from keystoneclient.v2_0 import client as keystone_client
|
||||||
from keystoneclient.v3 import client as keystone_client_v3
|
from keystoneclient.v3 import client as keystone_client_v3
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
@ -160,12 +160,12 @@ def service_catalog_from_auth(auth):
|
|||||||
|
|
||||||
:returns: a list containing the service catalog.
|
:returns: a list containing the service catalog.
|
||||||
'''
|
'''
|
||||||
if CONF.use_identity_api_v3:
|
access_info = auth.get_access(
|
||||||
return auth.get_access(
|
sessions.cache().get_session(sessions.SESSION_TYPE_KEYSTONE))
|
||||||
sessions.cache().get_session()).get('catalog', [])
|
if access_info.has_service_catalog():
|
||||||
|
return access_info.service_catalog.catalog
|
||||||
else:
|
else:
|
||||||
return auth.get_access(
|
return []
|
||||||
sessions.cache().get_session()).get('serviceCatalog', [])
|
|
||||||
|
|
||||||
|
|
||||||
# TODO(elmiko) factor this out when redoing the barbicanclient
|
# TODO(elmiko) factor this out when redoing the barbicanclient
|
||||||
@ -217,8 +217,7 @@ def token_from_auth(auth):
|
|||||||
|
|
||||||
:returns: an auth token in string format.
|
:returns: an auth token in string format.
|
||||||
'''
|
'''
|
||||||
return keystone_session.Session(
|
return sessions.cache().token_for_auth(auth)
|
||||||
auth=auth, verify=CONF.generic_session_verify).get_token()
|
|
||||||
|
|
||||||
|
|
||||||
def user_id_from_auth(auth):
|
def user_id_from_auth(auth):
|
||||||
|
Loading…
Reference in New Issue
Block a user