Merge "Refactor: Use Federation constants where possible"
This commit is contained in:
commit
d250e82462
@ -29,6 +29,7 @@ from keystone.common import dependency
|
|||||||
from keystone.common import utils
|
from keystone.common import utils
|
||||||
from keystone.common import wsgi
|
from keystone.common import wsgi
|
||||||
from keystone import exception
|
from keystone import exception
|
||||||
|
from keystone.federation import constants
|
||||||
from keystone.i18n import _, _LI, _LW
|
from keystone.i18n import _, _LI, _LW
|
||||||
from keystone.resource import controllers as resource_controllers
|
from keystone.resource import controllers as resource_controllers
|
||||||
|
|
||||||
@ -425,8 +426,7 @@ class Auth(controller.V3Controller):
|
|||||||
return
|
return
|
||||||
|
|
||||||
# Skip scoping when unscoped federated token is being issued
|
# Skip scoping when unscoped federated token is being issued
|
||||||
# FIXME(stevemar): Use constants from keystone.federation.constants
|
if constants.IDENTITY_PROVIDER in auth_context:
|
||||||
if 'OS-FEDERATION:identity_provider' in auth_context:
|
|
||||||
return
|
return
|
||||||
|
|
||||||
# Do not scope if request is for explicitly unscoped token
|
# Do not scope if request is for explicitly unscoped token
|
||||||
|
@ -18,10 +18,9 @@ from oslo_utils import timeutils
|
|||||||
import six
|
import six
|
||||||
|
|
||||||
from keystone import exception
|
from keystone import exception
|
||||||
|
from keystone.federation import constants
|
||||||
from keystone.i18n import _
|
from keystone.i18n import _
|
||||||
|
|
||||||
# FIXME(stevemar): Use constants from keystone.federation.constants
|
|
||||||
OS_FEDERATION = 'OS-FEDERATION'
|
|
||||||
CONF = cfg.CONF
|
CONF = cfg.CONF
|
||||||
# supported token versions
|
# supported token versions
|
||||||
V2 = 'v2.0'
|
V2 = 'v2.0'
|
||||||
@ -297,7 +296,8 @@ class KeystoneToken(dict):
|
|||||||
@property
|
@property
|
||||||
def is_federated_user(self):
|
def is_federated_user(self):
|
||||||
try:
|
try:
|
||||||
return (self.version is V3 and OS_FEDERATION in self['user'])
|
return (self.version is V3 and
|
||||||
|
constants.FEDERATION in self['user'])
|
||||||
except KeyError:
|
except KeyError:
|
||||||
raise exception.UnexpectedError()
|
raise exception.UnexpectedError()
|
||||||
|
|
||||||
@ -306,7 +306,8 @@ class KeystoneToken(dict):
|
|||||||
if self.is_federated_user:
|
if self.is_federated_user:
|
||||||
if self.version is V3:
|
if self.version is V3:
|
||||||
try:
|
try:
|
||||||
groups = self['user'][OS_FEDERATION].get('groups', [])
|
groups = self['user'][constants.FEDERATION].get(
|
||||||
|
'groups', [])
|
||||||
return [g['id'] for g in groups]
|
return [g['id'] for g in groups]
|
||||||
except KeyError:
|
except KeyError:
|
||||||
raise exception.UnexpectedError()
|
raise exception.UnexpectedError()
|
||||||
@ -316,12 +317,12 @@ class KeystoneToken(dict):
|
|||||||
def federation_idp_id(self):
|
def federation_idp_id(self):
|
||||||
if self.version is not V3 or not self.is_federated_user:
|
if self.version is not V3 or not self.is_federated_user:
|
||||||
return None
|
return None
|
||||||
return self['user'][OS_FEDERATION]['identity_provider']['id']
|
return self['user'][constants.FEDERATION]['identity_provider']['id']
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def federation_protocol_id(self):
|
def federation_protocol_id(self):
|
||||||
if self.version is V3 and self.is_federated_user:
|
if self.version is V3 and self.is_federated_user:
|
||||||
return self['user'][OS_FEDERATION]['protocol']['id']
|
return self['user'][constants.FEDERATION]['protocol']['id']
|
||||||
return None
|
return None
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
Loading…
Reference in New Issue
Block a user