Merge "Revert "Remove all usage of keystoneclient"" into stable/ussuri

This commit is contained in:
Zuul 2021-09-10 18:11:12 +00:00 committed by Gerrit Code Review
commit 5a193b357e
3 changed files with 19 additions and 16 deletions

View File

@ -32,7 +32,7 @@ Keystone (an identity management system).
"""
import httplib2
from keystoneauth1.access import service_catalog as ks_service_catalog
from keystoneclient import service_catalog as ks_service_catalog
from oslo_serialization import jsonutils
from six.moves import http_client as http
# NOTE(jokke): simplified transition to py3, behaves like py2 xrange
@ -326,10 +326,11 @@ def get_endpoint(service_catalog, service_type='image', endpoint_region=None,
otherwise we will raise an exception.
"""
endpoints = ks_service_catalog.ServiceCatalogV2(
service_catalog).get_urls(interface=endpoint_type,
service_type=service_type,
region_name=endpoint_region)
if len(endpoints) == 0:
{'serviceCatalog': service_catalog}
).get_urls(service_type=service_type,
region_name=endpoint_region,
endpoint_type=endpoint_type)
if endpoints is None:
raise exception.NoServiceEndpoint()
elif len(endpoints) == 1:
return endpoints[0]

View File

@ -14,6 +14,7 @@
from keystoneauth1 import exceptions as ka_exceptions
from keystoneauth1 import loading as ka_loading
from keystoneclient.v3 import client as ks_client
from oslo_config import cfg
from oslo_log import log as logging
@ -31,17 +32,17 @@ class TokenRefresher(object):
# step 1: create trust to ensure that we can always update token
# trustor = user who made the request
trustor_client = self._load_session(user_plugin)
trustor_id = trustor_client.get_user_id()
trustor_client = self._load_client(user_plugin)
trustor_id = trustor_client.session.get_user_id()
# get trustee user client that impersonates main user
trustee_user_auth = ka_loading.load_auth_from_conf_options(
CONF, 'keystone_authtoken')
# save service user client because we need new service token
# to refresh trust-scoped client later
self.trustee_user_client = self._load_session(trustee_user_auth)
self.trustee_user_client = self._load_client(trustee_user_auth)
trustee_id = self.trustee_user_client.get_user_id()
trustee_id = self.trustee_user_client.session.get_user_id()
self.trust_id = trustor_client.trusts.create(trustor_user=trustor_id,
trustee_user=trustee_id,
@ -63,12 +64,12 @@ class TokenRefresher(object):
if self.trustee_client is None:
self.trustee_client = self._refresh_trustee_client()
try:
return self.trustee_client.get_token()
return self.trustee_client.session.get_token()
except ka_exceptions.Unauthorized:
# in case of Unauthorized exceptions try to refresh client because
# service user token may expired
self.trustee_client = self._refresh_trustee_client()
return self.trustee_client.get_token()
return self.trustee_client.session.get_token()
def release_resources(self):
"""Release keystone resources required for refreshing"""
@ -98,11 +99,11 @@ class TokenRefresher(object):
trustee_auth = ka_loading.load_auth_from_conf_options(
CONF, 'keystone_authtoken', **kwargs)
return self._load_session(trustee_auth)
return self._load_client(trustee_auth)
@staticmethod
def _load_session(plugin):
# load ksa session from auth settings and user plugin
def _load_client(plugin):
# load client from auth settings and user plugin
sess = ka_loading.load_session_from_conf_options(
CONF, 'keystone_authtoken', auth=plugin)
return sess
return ks_client.Client(session=sess)

View File

@ -31,7 +31,8 @@ PrettyTable<0.8,>=0.7.1 # BSD
# For paste.util.template used in keystone.common.template
Paste>=2.0.2 # MIT
jsonschema>=2.6.0 # MIT
jsonschema>=3.2.0 # MIT
python-keystoneclient>=3.8.0 # Apache-2.0
pyOpenSSL>=17.1.0 # Apache-2.0
# Required by openstack.common libraries
six>=1.10.0 # MIT