openstack/python-barbicanclient
Code Issues Proposed changes

Merge pull request #25 from craigtracey/insecure

Browse Source 
Adding the --insecure cli argument
This commit is contained in:
Douglas Mendizabal
2013-11-21 11:00:08 -08:00
parent 297120ce1b 0e4fc55097
commit 0e2a97982a
3 changed files with 26 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
barbicanclient/client.py
View File

@@ -50,7 +50,8 @@ class HTTPAuthError(HTTPError):
class Client(object):
def __init__(self, auth_plugin=None, endpoint=None, tenant_id=None):
def __init__(self, auth_plugin=None, endpoint=None, tenant_id=None,
insecure=False):
"""
Barbican client object used to interact with barbican service.
@@ -66,6 +67,7 @@ class Client(object):
LOG.debug(_("Creating Client object"))
self._session = requests.Session()
self.verify = not insecure
self.auth_plugin = auth_plugin
if self.auth_plugin is not None:
@@ -93,23 +95,25 @@ class Client(object):
def get(self, href, params=None):
headers = {'Accept': 'application/json'}
resp = self._session.get(href, params=params, headers=headers)
resp = self._session.get(href, params=params, headers=headers,
verify=self.verify)
self._check_status_code(resp)
return resp.json()
def get_raw(self, href, headers):
resp = self._session.get(href, headers=headers)
resp = self._session.get(href, headers=headers, verify=self.verify)
self._check_status_code(resp)
return resp.content
def delete(self, href):
resp = self._session.delete(href)
resp = self._session.delete(href, verify=self.verify)
self._check_status_code(resp)
def post(self, path, data):
url = '{0}/{1}/'.format(self.base_url, path)
headers = {'content-type': 'application/json'}
resp = self._session.post(url, data=json.dumps(data), headers=headers)
resp = self._session.post(url, data=json.dumps(data), headers=headers,
verify=self.verify)
self._check_status_code(resp)
return resp.json()

5
barbicanclient/common/auth.py
View File

@@ -24,14 +24,15 @@ class AuthException(Exception):
class KeystoneAuthV2(object):
def __init__(self, auth_url='', username='', password='',
tenant_name='', tenant_id=''):
tenant_name='', tenant_id='', insecure=False):
if not all([auth_url, username, password, tenant_name or tenant_id]):
raise ValueError('Please provide auth_url, username, password,'
' and tenant_id or tenant_name)')
self._keystone = ksclient.Client(username=username,
password=password,
tenant_name=tenant_name,
auth_url=auth_url)
auth_url=auth_url,
insecure=insecure)
self._barbican_url = None
#TODO(dmend): make these configurable
self._service_type = 'keystore'

17
barbicanclient/keep.py
View File

@@ -71,6 +71,14 @@ class Keep:
metavar='<barbican-url>',
default=client.env('BARBICAN_ENDPOINT'),
help='Defaults to env[BARBICAN_ENDPOINT].')
parser.add_argument('--insecure',
default=False,
action="store_true",
help='Explicitly allow barbicanclient to perform '
'"insecure" TLS (https) requests. The '
'server\'s certificate will not be verified '
'against any certificate authorities. This '
'option should be used with caution.')
return parser
def _add_create_args(self):
@@ -227,18 +235,21 @@ class Keep:
args = self.parser.parse_args(kwargs.get('argv'))
if args.no_auth:
self.client = client.Client(endpoint=args.endpoint,
tenant_id=args.os_tenant_id)
tenant_id=args.os_tenant_id,
insecure=args.insecure)
elif all([args.os_auth_url, args.os_username, args.os_password,
args.os_tenant_name]):
self._keystone = auth.KeystoneAuthV2(
auth_url=args.os_auth_url,
username=args.os_username,
password=args.os_password,
tenant_name=args.os_tenant_name
tenant_name=args.os_tenant_name,
insecure=args.insecure
)
self.client = client.Client(auth_plugin=self._keystone,
endpoint=args.endpoint,
tenant_id=args.os_tenant_id)
tenant_id=args.os_tenant_id,
insecure=args.insecure)
else:
self.parser.exit(
status=1,