Enable parsing of Identity Service V3 catalog.
In Keystone V3, the service catalog in the token response has been split into multiple entries per service. This change checks the version of the Identity Service and performs the appropriate parsing of the catalog. Core code for Keystone V3 authentication are in openstack_auth. TODO: Move to auto-detection of API versions when it is available. Implements blueprint login-domain-support Change-Id: I69073e5744def037caf522b1123755668887cfd9
This commit is contained in:
parent
aedc25c717
commit
32f9e5b388
@ -180,18 +180,36 @@ def get_service_from_catalog(catalog, service_type):
|
||||
return None
|
||||
|
||||
|
||||
# TODO: Use API discovery to determine the version, for now read the settings
|
||||
IDENTITY_VERSION = getattr(settings, APIVersionManager.SETTINGS_KEY, {}).\
|
||||
get('identity', 2.0)
|
||||
|
||||
|
||||
# Mapping of V2 Catalog Endpoint_type to V3 Catalog Interfaces
|
||||
ENDPOINT_TYPE_TO_INTERFACE = {
|
||||
'publicURL': 'public',
|
||||
'internalURL': 'internal',
|
||||
'adminURL': 'admin',
|
||||
}
|
||||
|
||||
|
||||
def url_for(request, service_type, admin=False, endpoint_type=None):
|
||||
endpoint_type = endpoint_type or getattr(settings,
|
||||
'OPENSTACK_ENDPOINT_TYPE',
|
||||
'publicURL')
|
||||
catalog = request.user.service_catalog
|
||||
service = get_service_from_catalog(catalog, service_type)
|
||||
if admin:
|
||||
endpoint_type = 'adminURL'
|
||||
if service:
|
||||
try:
|
||||
if admin:
|
||||
return service['endpoints'][0]['adminURL']
|
||||
else:
|
||||
if IDENTITY_VERSION < 3:
|
||||
return service['endpoints'][0][endpoint_type]
|
||||
else:
|
||||
interface = ENDPOINT_TYPE_TO_INTERFACE.get(endpoint_type, '')
|
||||
for endpoint in service['endpoints']:
|
||||
if endpoint['interface'] == interface:
|
||||
return endpoint['url']
|
||||
except (IndexError, KeyError):
|
||||
raise exceptions.ServiceCatalogException(service_type)
|
||||
else:
|
||||
|
@ -35,6 +35,14 @@ TEMPLATE_DEBUG = DEBUG
|
||||
# "identity": 3
|
||||
# }
|
||||
|
||||
# Set this to True if running on multi-domain model. When this is enabled, it
|
||||
# will require user to enter the Domain name in addition to username for login.
|
||||
# OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False
|
||||
|
||||
# Overrides the default domain used when running on single-domain model
|
||||
# with Keystone V3. All entities will be created in the default domain.
|
||||
# OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
|
||||
|
||||
# Default OpenStack Dashboard configuration.
|
||||
HORIZON_CONFIG = {
|
||||
'dashboards': ('project', 'admin', 'settings',),
|
||||
|
Loading…
Reference in New Issue
Block a user