Commit Graph

668 Commits (581f4cd49301fa0918daa8c8f2091db022ffc1f7)

Author SHA1 Message Date
Jamie Lennox 581f4cd493 Change keystoneclient to keystoneauth in docs
This was simply the result of:

find -type f | xargs sed -i 's/keystoneclient/keystoneauth/g'
find -type f | xargs sed -i 's/python-keystoneauth/keystoneauth/g'

in the docs directory to fix the build failure.

Will look at a doc rewrite soon.

Change-Id: I05d4be12f31ea47e917dc79e50d17b174bf89938
8 years ago
Morgan Fainberg 49a223a370 Add doc data back in. This will be replaced by real doc data.
Change-Id: I59c11298a1d350a81a7298e9333da0c36e61a1a7
8 years ago
Morgan Fainberg faf52ea373 Fix namespace issues and remove tests for client-specific code
Client specific code has been removed, this cleans up the related
lingering tests and fixes further keystoneclient namespace issues.

Change-Id: I620865a71c216c4040956fa5dce9949654877526
8 years ago
Morgan Fainberg 3768b0537e update _discover to use keystoneauth namespace
Change-Id: I0b4d2641ed467dc6ed076fc45b87a64356f39825
8 years ago
Morgan Fainberg 01d3e0e33f Merge branch 'ksc_master'
Merge in history for
8 years ago
Morgan Fainberg 62a1ba9000 move keystoneclient/ to keystoneauth/
Change-Id: I46e4873c1765b3815d724584e4b56a09bab04f1a
8 years ago
Morgan Fainberg f70d313def Initial Split of python-keystoneclient to keystoneauth
Change-Id: Ib33d022506072749e23caf6d9defbcc9a65c8b48
8 years ago
Jenkins 0d0a57c963 Merge "Uncap library requirements for liberty" 8 years ago
Jenkins 7d4aa37457 Merge "Make process_header private" 8 years ago
Doug Hellmann ea0bcb5370 Uncap library requirements for liberty
Change-Id: Iedcc83c838ba91de90ab089728e6d0cde371394d
Depends-On: Ib948b756b8e6ca47a4c9c44c48031e54b7386a06
8 years ago
Jamie Lennox 93c34309b3 Make process_header private
This should never have been added in a public way. I feel we are ok
making this private as there is no public use i can foresee.

Change-Id: Ib95365a11fa21146d51bea103c7709943aafdae8
8 years ago
Jamie Lennox af6f1924eb Increase minimum token life required
MIN_TOKEN_LIFE_SECONDS is the number of seconds that the token provided
must be valid for to be used when making authentication requests. 1
second has always been a dumb number and was not based on any existing

Because a user token may be reused by a service to make requests on
behalf of a user if the token is valid when sent it may not be valid for
the life of the request.

2 minutes is also an arbitrary value, but it should allow plenty of time
for service requests to complete before being rejected.

Closes-Bug: #1441910
Change-Id: I395a0770e72d1ec7904e656ca382a5270f793a8b
8 years ago
Jenkins 746131c0ea Merge "Provide a generic auth plugin loader" 8 years ago
Jenkins a87b8da985 Merge "Return None for missing trust_id in fixture" 8 years ago
Jamie Lennox 91e67141bc Allow requesting an unscoped Token
The keystone server understands that specifying unscoped in the scope
section of an auth request means that it should ignore the
default_project_id of a user and return an unscoped token.

This is the client side change to allow requesting these tokens via an
auth plugin.

Change-Id: Iba5ebcea0bf0d8e5a31d552977276fc03e536c67
Implements: bp explicit-unscoped
8 years ago
Jenkins 19b3fd648e Merge "Expose audit_id via AccessInfo" 8 years ago
Jamie Lennox 01ac047e9e Expose audit_id via AccessInfo
The audit_id is now a standard part of the v2 and v3 tokens. Expose it
via AccessInfo so that it is usable for services and middleware.

Change-Id: I14ddcfee5434084ad9da73c384e6f456602fdd2b
Closes-Bug: #1437129
8 years ago
Jenkins 1c4a3c7779 Merge "Replace assertRaisesRegexp with assertRaisesRegex" 8 years ago
Victor Morales aef20a833e Replace assertRaisesRegexp with assertRaisesRegex
assertRaisesRegexp is raising a warning message that indicated the
function is going to be deprecated, use assertRaisesRegex instead.

Change-Id: Iff3b36ebec5d5d4b75c95c699ab76704d0053137
Closes-Bug: #1436957
8 years ago
OpenStack Proposal Bot 1f8d47e0bf Updated from global requirements
Change-Id: I499261729a8342a7dd733b3d4ff18cb5b86e946f
8 years ago
Jenkins b0dd0ce80d Merge "Add a FederatedBase v3 plugin" 8 years ago
Jamie Lennox 2a4095eef0 Return None for missing trust_id in fixture
If the trust_id is unset it raises a KeyError. This is unusual from a
python perspective (if nothing else it should be AttributeError) and
different to all the other attributes of the fixture.

Return None if no trust_id is set on the fixture.

Change-Id: I15d33d77027a188fa47df18387c4610908f8e2d2
8 years ago
Jenkins c6d33c441b Merge "Improve feedback message in SSL error" 8 years ago
Rodrigo Duarte Sousa 542195cbb8 Improve feedback message in SSL error
Adds the error message to give a hint to the user about
what happened.

Change-Id: I9ca56de8592e65194062038c81b468be72ffb2d9
Closes-Bug: 1297280
8 years ago
Jamie Lennox cd9c2f9b84 Add a FederatedBase v3 plugin
With the out of tree federation plugins going on extract the basic
federation workflow and required information that can be reused.

Change-Id: I6fdb3a5c6d9f3e1d6fa3425fd05809155effed1f
8 years ago
Jenkins 42178bd7c4 Merge "Rename requests mock object in testing" 8 years ago
Jenkins cfa2103fcc Merge "Allow passing logger object to request" 8 years ago
Jenkins fb350dcce3 Merge "Implements subtree_as_ids and parents_as_ids" 8 years ago
Jamie Lennox 66f59fb031 Rename requests mock object in testing
It has been mentioned a number of times that the self.requests naming
for the requests_mock object is confusing between whether you are
actually sending a request or are mocking a request.

Rename all entries of the requests object to requests_mock.

This cleans up a couple of entries where the older register_uri format
was being used in favour of using the HTTP method as the requests_mock

Change-Id: I315085b4088130b510f9dbd696011d983598372c
8 years ago
Jamie Lennox 2281a79f38 Provide a generic auth plugin loader
For keystonemiddleware, shade and other projects that do more
complicated option loading than simply CLI or CONF file provide a means
to load an auth plugin where options are discovered by a provided

This plugin is designed to work with the options as provided by
get_options rather than either the argparse or CONF registration

Use these as the default loading mechanism for the existing argparse and
CONF functions as it standardizes the mechanism between the two sources.

Change-Id: I15634ac30581c7aea14e709f12fb202570190f46
Closes-Bug: #1428900
8 years ago
Jamie Lennox 3e6fd8ab78 Extract BaseAuth out of Auth Plugin
The basic Auth plugin for v3 tokens makes the assumption that you need
to pass in some AuthMethod objects. This works well for most auth types
where you want the plugin to construct the auth request for you.

In the case of federation though we want to be able to have a rescoping
plugin that will return an auth_ref and not take any auth_methods as

Extract the most basic part of the Auth plugin into BaseAuth class that
Auth and federation plugins can both inherit from.

Change-Id: Ia8c8c614b8eb51170346ff5b1e20a1e7ebbb47de
8 years ago
Jamie Lennox 2dd985e403 Split v3 authentication file into module
The V3 authentication plugins file contained the existing plugins as
well as the base class. As we look to add new plugins it is simpler if
we break this file up.

Change-Id: I42b222a2012ea10491450d6b91c2008178dc7671
8 years ago
Jamie Lennox 4bde9ffb3a Allow passing logger object to request
It can become difficult to trace the client that created HTTP requests
as the logging all goes through the keystoneclient.session logger. Allow
passing the logger through the request function and make it able to be
set via the adapter so it can be set once per client instantiation.

Change-Id: Id45c315bee9a56f1c241210d667470751bf689d5
Closes-Bug: #1421868
8 years ago
Rodrigo Duarte Sousa 6d49acd13e Implements subtree_as_ids and parents_as_ids
This patch implements the new ways to get the project's hierarchy:
  'subtree_as_ids': If True, returns projects IDs down the hierarchy
                    as a structured dictionay.
  'parents_as_ids': If True, returns projects IDs up the hierarchy
                    as a structured dictionay.

Change-Id: Ia3afe994893dfca059cb8361f7ab1c14e28e1ad5
Implements: blueprint hierarchical-multitenancy-improvements
8 years ago
OpenStack Proposal Bot 4784c32c9b Updated from global requirements
Change-Id: I750e817d2ff4e464f36584e5fd298f8037bd84db
8 years ago
Jamie Lennox e2dad7d82c Allow handling multiple service_types
If the same service_type was mentioned in the catalog more than once
then only the last entry would be parsed and any possible other matches
would be lost.

This was something that novaclient used to do, and as we are pushing
sessions as the way that clients should all work we need to maintain
that compatibility.

Change-Id: I6964515ed1975bce1998897abfc02a1ec36e2584
Closes-Bug: #1425766
8 years ago
Jenkins 195d5214b0 Merge "Add default body for non-abstract empty methods" 8 years ago
Jenkins b61d6b6dbb Merge "Using correct keyword for region in v3" 8 years ago
OpenStack Proposal Bot 358729a84d Updated from global requirements
Change-Id: If749314fbad1c0e1c55614fed10e7211c62559af
8 years ago
lin-hua-cheng 55e574495b Add default body for non-abstract empty methods
Some non-abstract methods only have docstring with no content,
this just add a default content to those function.

Change-Id: Idcf5b9f6ed766d3bc1541e158bdd8e58b06223e2
8 years ago
Jenkins c140e073d2 Merge "Make remove_service_catalog private" 8 years ago
Jenkins 01ab4b9314 Merge "Create functional test base" 8 years ago
Jamie Lennox c419425c85 Create functional test base
Setup test runners to run unit tests by default and add a stub
functional test that we can get gating.

Change-Id: I6627925ab63340c880adc7c938a0b74faff47bc7
Implements: bp functional-testing
8 years ago
Brant Knudson 9ceb44c612 Ignore all failures removing catalog when logging token
Operations could fail if the response was logged and had a 'token'
field that's not a dict. The fix is to ignore all errors when
trying to remove the service catalog from the response.

Also, enhanced the service catalog removal code to support V2

Closes-Bug: 1420080
Change-Id: I35b971415744825e8e5f00f30dcf193d04ee699a
8 years ago
Sergey Kraynev b00c073679 Using correct keyword for region in v3
Keystone v3 and v2 have different keywords in endpoint
dictionary. This patch adds ability for keystone client for correct
work with old and new API.

Change-Id: I886b4c7ac3cbe08ac1b88f490e9ca92a90256961
Closes-Bug: #1364463
8 years ago
Jenkins f82f274f6b Merge "Move tests to the unit subdirectory" 8 years ago
Jamie Lennox 51e8842af2 Move tests to the unit subdirectory
Move all the existing tests to the unit/ subdirectory. This gives us
some room to add a functional/ directory later with other tests.

Change-Id: I0fb8d5b628eb8ee1f35f05f42d0c0ac9f285e8c3
Implements: functional-testing
8 years ago
Jenkins 5790f49dca Merge "Reference identity plugins from" 8 years ago
Jamie Lennox d55fdf0841 Make remove_service_catalog private
This is a utility function that is used for reducing the amount of data
that is logged. It shouldn't be a public function.

I think there is very little risk from this in terms of compatibility as
it was only added recently.

Change-Id: I003e9f11be478b1282ea9cf179f2dd13e1672a80
8 years ago
Jenkins a3fd4e8570 Merge "Change hacking check to verify all oslo imports" 8 years ago