From d8193a5b914d8d49c566cbc23644622485206892 Mon Sep 17 00:00:00 2001 From: Douglas Mendizabal Date: Fri, 30 Aug 2013 23:00:34 -0500 Subject: [PATCH] Added KeystoneAuth class for auth stuff --- barbicanclient/common/auth.py | 44 +++++++++++++++++++++++++ barbicanclient/test/common/__init__.py | 0 barbicanclient/test/common/test_auth.py | 29 ++++++++++++++++ barbicanclient/test/test_client.py | 15 ++++++--- 4 files changed, 83 insertions(+), 5 deletions(-) create mode 100644 barbicanclient/test/common/__init__.py create mode 100644 barbicanclient/test/common/test_auth.py diff --git a/barbicanclient/common/auth.py b/barbicanclient/common/auth.py index 891f9d63..5498f5aa 100644 --- a/barbicanclient/common/auth.py +++ b/barbicanclient/common/auth.py @@ -68,3 +68,47 @@ def authenticate(auth_url, user, key, tenant, **kwargs): raise ClientException('Endpoint not found in service catalog') return endpoint, _ksclient.auth_token + + +class AuthException(Exception): + """Raised when authorization fails.""" + def __init__(self, message): + self.message = message + + +class KeystoneAuth(object): + def __init__(self, endpoint='', username='', password='', + tenant_name='', tenant_id=''): + if not all([endpoint, username, password, tenant_name or tenant_id]): + raise ValueError('Please provide endpoint, username, password,' + ' and tenant_id or tenant_name)') + self._keystone = ksclient.Client(username=username, + password=password, + tenant_name=tenant_name, + endpoint=endpoint) + self._barbican_url = None + #TODO(dmend): make these configurable + self._service_type = 'keystore' + self._endpoint_type = 'publicURL' + + @property + def auth_token(self): + return self._keystone.auth_token + + @property + def barbican_url(self): + if not self._barbican_url: + try: + self._barbican_url = self._keystone.service_catalog.url_for( + attr='region', + filter_value=self._keystone.region_name, + service_type=self._service_type, + endpoint_type=self._endpoint_type + ) + except exceptions.EmptyCatalog: + LOG.error('Keystone is reporting an empty catalog.') + raise AuthException('Empty keystone catalog.') + except exceptions.EndpointNotFound: + LOG.error('Barbican endpoint not found in keystone catalog.') + raise AuthException('Barbican endpoint not found.') + return self._barbican_url diff --git a/barbicanclient/test/common/__init__.py b/barbicanclient/test/common/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/barbicanclient/test/common/test_auth.py b/barbicanclient/test/common/test_auth.py new file mode 100644 index 00000000..8376d1b0 --- /dev/null +++ b/barbicanclient/test/common/test_auth.py @@ -0,0 +1,29 @@ +# Copyright (c) 2013 Rackspace, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +import unittest2 as unittest + +from barbicanclient.common import auth + + +class WhenTestingKeystoneAuthentication(unittest.TestCase): + def setUp(self): + self.keystone = auth.KeystoneAuth(endpoint='endpoint_url', + username='user', + password='password', + tenant_name='demo') + + def test_endpoint_username_password_tenant_are_required(self): + with self.assertRaises(ValueError): + keystone = auth.KeystoneAuth() diff --git a/barbicanclient/test/test_client.py b/barbicanclient/test/test_client.py index fb3986e3..8ef1e6bb 100644 --- a/barbicanclient/test/test_client.py +++ b/barbicanclient/test/test_client.py @@ -19,16 +19,21 @@ from mock import MagicMock import unittest2 as unittest from barbicanclient import client +from barbicanclient.common import auth from barbicanclient.common.exceptions import ClientException class WhenTestingClient(unittest.TestCase): def setUp(self): - self.auth_endpoint = 'https://keystone.com/v2' + self.auth_endpoint = 'https://localhost:5000/v2.0/' self.user = 'user' self.password = 'password' self.tenant = 'tenant' - + self.keystone = auth.KeystoneAuth(endpoint=self.auth_endpoint, + username=self.user, + password=self.password, + tenant_name=self.tenant) + self.key = 'key' self.endpoint = 'http://localhost:9311/v1/' self.auth_token = 'token' @@ -54,7 +59,7 @@ class WhenTestingClient(unittest.TestCase): 'req-6c19d09e-1167-445c-b435-d6b0818b59b9' } self.request.return_value.ok = True - self.client = client.Client(auth_endpoint=self.auth_endpoint, + self.client = client.Client(auth_endpoint=self.auth_endpoint, user=self.user, key=self.key, tenant=self.tenant, token=self.auth_token, @@ -102,8 +107,8 @@ class WhenTestingClient(unittest.TestCase): def test_should_raise_for_bad_args(self): with self.assertRaises(ClientException): - self.client = client.Client(auth=False, - auth_endpoint=None, + self.client = client.Client(auth=False, + auth_endpoint=None, user=self.user, key=self.key, tenant=self.tenant,