openstack
/
keystone
Code Issues Proposed changes

Fix inconsistencies between Oauth1DriverV8 interface and driver 

Several of the methods that the Oauth1DriverV8 driver didn't match
the interface. The driver signature must match the interface.

The driver now matches the interface. In most cases the driver is
changed to match the interface whereas in other cases the interface
is changed to match the driver. The determinant is how the caller is
calling the method.

Change-Id: I826acf75d0336b57831a7d046e8bffac239ea4c1
This commit is contained in:
Brant Knudson 2016-02-19 11:06:13 -06:00
parent fa5ae4a274
commit a0ee855c85
3 changed files with 30 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
keystone/oauth1/backends/sql.py
View File

@ -100,12 +100,12 @@ class OAuth1(core.Oauth1DriverV8):
return core.filter_consumer( return core.filter_consumer(
self.get_consumer_with_secret(consumer_id)) self.get_consumer_with_secret(consumer_id))
def create_consumer(self, consumer): def create_consumer(self, consumer_ref):
session = sql.get_session() session = sql.get_session()
with session.begin(): with session.begin():
consumer_ref = Consumer.from_dict(consumer) consumer = Consumer.from_dict(consumer_ref)
session.add(consumer_ref) session.add(consumer)
return consumer_ref.to_dict() return consumer.to_dict()
def _delete_consumer(self, session, consumer_id): def _delete_consumer(self, session, consumer_id):
consumer_ref = self._get_consumer(session, consumer_id) consumer_ref = self._get_consumer(session, consumer_id)
@ -139,27 +139,25 @@ class OAuth1(core.Oauth1DriverV8):
cons = session.query(Consumer) cons = session.query(Consumer)
return [core.filter_consumer(x.to_dict()) for x in cons] return [core.filter_consumer(x.to_dict()) for x in cons]
def update_consumer(self, consumer_id, consumer): def update_consumer(self, consumer_id, consumer_ref):
session = sql.get_session() session = sql.get_session()
with session.begin(): with session.begin():
consumer_ref = self._get_consumer(session, consumer_id) consumer = self._get_consumer(session, consumer_id)
old_consumer_dict = consumer_ref.to_dict() old_consumer_dict = consumer.to_dict()
old_consumer_dict.update(consumer) old_consumer_dict.update(consumer_ref)
new_consumer = Consumer.from_dict(old_consumer_dict) new_consumer = Consumer.from_dict(old_consumer_dict)
consumer_ref.description = new_consumer.description consumer.description = new_consumer.description
consumer_ref.extra = new_consumer.extra consumer.extra = new_consumer.extra
return core.filter_consumer(consumer_ref.to_dict()) return core.filter_consumer(consumer.to_dict())
def create_request_token(self, consumer_id, project_id, token_duration, def create_request_token(self, consumer_id, requested_project,
request_token_id=None, request_token_secret=None): request_token_duration):
if request_token_id is None: request_token_id = uuid.uuid4().hex
request_token_id = uuid.uuid4().hex request_token_secret = uuid.uuid4().hex
if request_token_secret is None:
request_token_secret = uuid.uuid4().hex
expiry_date = None expiry_date = None
if token_duration: if request_token_duration:
now = timeutils.utcnow() now = timeutils.utcnow()
future = now + datetime.timedelta(seconds=token_duration) future = now + datetime.timedelta(seconds=request_token_duration)
expiry_date = utils.isotime(future, subsecond=True) expiry_date = utils.isotime(future, subsecond=True)
ref = {} ref = {}
@ -167,7 +165,7 @@ class OAuth1(core.Oauth1DriverV8):
ref['request_secret'] = request_token_secret ref['request_secret'] = request_token_secret
ref['verifier'] = None ref['verifier'] = None
ref['authorizing_user_id'] = None ref['authorizing_user_id'] = None
ref['requested_project_id'] = project_id ref['requested_project_id'] = requested_project
ref['role_ids'] = None ref['role_ids'] = None
ref['consumer_id'] = consumer_id ref['consumer_id'] = consumer_id
ref['expires_at'] = expiry_date ref['expires_at'] = expiry_date
@ -207,21 +205,19 @@ class OAuth1(core.Oauth1DriverV8):
return token_ref.to_dict() return token_ref.to_dict()
def create_access_token(self, request_token_id, token_duration, def create_access_token(self, request_id, access_token_duration):
access_token_id=None, access_token_secret=None): access_token_id = uuid.uuid4().hex
if access_token_id is None: access_token_secret = uuid.uuid4().hex
access_token_id = uuid.uuid4().hex
if access_token_secret is None:
access_token_secret = uuid.uuid4().hex
session = sql.get_session() session = sql.get_session()
with session.begin(): with session.begin():
req_token_ref = self._get_request_token(session, request_token_id) req_token_ref = self._get_request_token(session, request_id)
token_dict = req_token_ref.to_dict() token_dict = req_token_ref.to_dict()
expiry_date = None expiry_date = None
if token_duration: if access_token_duration:
now = timeutils.utcnow() now = timeutils.utcnow()
future = now + datetime.timedelta(seconds=token_duration) future = (now +
datetime.timedelta(seconds=access_token_duration))
expiry_date = utils.isotime(future, subsecond=True) expiry_date = utils.isotime(future, subsecond=True)
# add Access Token # add Access Token

4
keystone/oauth1/controllers.py
View File

@ -388,7 +388,7 @@ class OAuthControllerV3(controller.V3Controller):
raise exception.Unauthorized(message=msg) raise exception.Unauthorized(message=msg)
# create list of just the id's for the backend # create list of just the id's for the backend
role_list = list(authed_roles) role_ids = list(authed_roles)
# verify the user has the project too # verify the user has the project too
req_project_id = req_token['requested_project_id'] req_project_id = req_token['requested_project_id']
@ -402,7 +402,7 @@ class OAuthControllerV3(controller.V3Controller):
# finally authorize the token # finally authorize the token
authed_token = self.oauth_api.authorize_request_token( authed_token = self.oauth_api.authorize_request_token(
request_token_id, user_id, role_list) request_token_id, user_id, role_ids)
to_return = {'token': {'oauth_verifier': authed_token['verifier']}} to_return = {'token': {'oauth_verifier': authed_token['verifier']}}
return to_return return to_return

6
keystone/oauth1/core.py
View File

@ -337,11 +337,11 @@ class Oauth1DriverV8(object):
raise exception.NotImplemented() # pragma: no cover raise exception.NotImplemented() # pragma: no cover
@abc.abstractmethod @abc.abstractmethod
def authorize_request_token(self, request_id, user_id, role_ids): def authorize_request_token(self, request_token_id, user_id, role_ids):
"""Authorize request token. """Authorize request token.
:param request_id: the id of the request token, to be authorized :param request_token_id: the id of the request token, to be authorized
:type request_id: string :type request_token_id: string
:param user_id: the id of the authorizing user :param user_id: the id of the authorizing user
:type user_id: string :type user_id: string
:param role_ids: list of role ids to authorize :param role_ids: list of role ids to authorize