openstack/keystoneauth
Code Issues Proposed changes

Standardize AccessInfo token setting

Browse Source 
When settings tokens via the factory v2 and v3 work completely
differently. This is somewhat expected due to tokens working differently
but it makes it hard to work with.

For example, if i have a v3 token but not the requests.Response that
created it there is no way for me to set the token data on the
AccessInfo object via factory.

Also in the case of V2 CMS tokens the value at ['token']['id'] is a fake
so that the signing process will work.

Allow overriding the token value from the factory and force setting the
token id on the AccessInfo in a standard way.

Change-Id: I856096dc5fae2ab0d1bedbac3294dc4976c3f3ad
This commit is contained in:
Jamie Lennox 2014-08-12 11:10:17 +10:00
parent ad173e6795
commit b5a2087e28
1 changed files with 35 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
keystoneclient/access.py
View File

@ -33,35 +33,43 @@ class AccessInfo(dict):
"""
@classmethod
def factory(cls, resp=None, body=None, region_name=None, **kwargs):
def factory(cls, resp=None, body=None, region_name=None, auth_token=None,
**kwargs):
"""Create AccessInfo object given a successful auth response & body
or a user-provided dict.
"""
# FIXME(jamielennox): Passing region_name is deprecated. Provide an
# appropriate warning.
auth_ref = None
if body is not None or len(kwargs):
if AccessInfoV3.is_valid(body, **kwargs):
token = None
if resp:
token = resp.headers['X-Subject-Token']
if resp and not auth_token:
auth_token = resp.headers['X-Subject-Token']
# NOTE(jamielennox): these return AccessInfo because they
# already have auth_token installed on them.
if body:
if region_name:
body['token']['region_name'] = region_name
return AccessInfoV3(token, **body['token'])
return AccessInfoV3(auth_token, **body['token'])
else:
return AccessInfoV3(token, **kwargs)
return AccessInfoV3(auth_token, **kwargs)
elif AccessInfoV2.is_valid(body, **kwargs):
if body:
if region_name:
body['access']['region_name'] = region_name
return AccessInfoV2(**body['access'])
auth_ref = AccessInfoV2(**body['access'])
else:
return AccessInfoV2(**kwargs)
auth_ref = AccessInfoV2(**kwargs)
else:
raise NotImplementedError('Unrecognized auth response')
else:
return AccessInfoV2(**kwargs)
auth_ref = AccessInfoV2(**kwargs)
if auth_token:
auth_ref.auth_token = auth_token
return auth_ref
def __init__(self, *args, **kwargs):
super(AccessInfo, self).__init__(*args, **kwargs)
@ -110,7 +118,18 @@ class AccessInfo(dict):
:returns: str
"""
raise NotImplementedError()
return self['auth_token']
@auth_token.setter
def auth_token(self, value):
self['auth_token'] = value
@auth_token.deleter
def auth_token(self):
try:
del self['auth_token']
except KeyError:
pass
@property
def expires(self):
@ -395,9 +414,12 @@ class AccessInfoV2(AccessInfo):
def has_service_catalog(self):
return 'serviceCatalog' in self
@property
@AccessInfo.auth_token.getter
def auth_token(self):
return self['token']['id']
try:
return super(AccessInfoV2, self).auth_token
except KeyError:
return self['token']['id']
@property
def expires(self):
@ -568,7 +590,7 @@ class AccessInfoV3(AccessInfo):
token=token,
region_name=self._region_name)
if token:
self.update(auth_token=token)
self.auth_token = token
@classmethod
def is_valid(cls, body, **kwargs):
@ -582,10 +604,6 @@ class AccessInfoV3(AccessInfo):
def has_service_catalog(self):
return 'catalog' in self
@property
def auth_token(self):
return self['auth_token']
@property
def expires(self):
return timeutils.parse_isotime(self['expires_at'])