openstack/python-ceilometerclient
Code Issues Proposed changes

Merge "Only token or creds are required."

Browse Source
This commit is contained in:
Jenkins
2016-01-13 20:40:55 +00:00
committed by Gerrit Code Review
parent 25517d0226 f0124b71d6
commit 8677de9ec7
2 changed files with 31 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
ceilometerclient/client.py
View File

@@ -71,6 +71,7 @@ def _get_keystone_session(**kwargs):
auth_url = kwargs.pop('auth_url', None) auth_url = kwargs.pop('auth_url', None)
project_id = kwargs.pop('project_id', None) project_id = kwargs.pop('project_id', None)
project_name = kwargs.pop('project_name', None) project_name = kwargs.pop('project_name', None)
token = kwargs['token']
timeout = kwargs.get('timeout') timeout = kwargs.get('timeout')
if insecure: if insecure:
@@ -100,7 +101,21 @@ def _get_keystone_session(**kwargs):
use_v3 = v3_auth_url and (use_domain or (not v2_auth_url)) use_v3 = v3_auth_url and (use_domain or (not v2_auth_url))
use_v2 = v2_auth_url and not use_domain use_v2 = v2_auth_url and not use_domain
if use_v3: if use_v3 and token:
auth = v3_auth.Token(
v3_auth_url,
token=token,
project_name=project_name,
project_id=project_id,
project_domain_name=project_domain_name,
project_domain_id=project_domain_id)
elif use_v2 and token:
auth = v2_auth.Token(
v2_auth_url,
token=token,
tenant_id=project_id,
tenant_name=project_name)
elif use_v3:
# the auth_url as v3 specified # the auth_url as v3 specified
# e.g. http://no.where:5000/v3 # e.g. http://no.where:5000/v3
# Keystone will return only v3 as viable option # Keystone will return only v3 as viable option
@@ -125,6 +140,7 @@ def _get_keystone_session(**kwargs):
kwargs.pop('password', None), kwargs.pop('password', None),
tenant_id=project_id, tenant_id=project_id,
tenant_name=project_name) tenant_name=project_name)
else: else:
raise exc.CommandError('Unable to determine the Keystone version ' raise exc.CommandError('Unable to determine the Keystone version '
'to authenticate with using the given ' 'to authenticate with using the given '
@@ -160,16 +176,20 @@ class AuthPlugin(auth.BaseAuthPlugin):
def __init__(self, auth_system=None, **kwargs): def __init__(self, auth_system=None, **kwargs):
self.opt_names.extend(self.common_opt_names) self.opt_names.extend(self.common_opt_names)
super(AuthPlugin, self).__init__(auth_system, **kwargs) super(AuthPlugin, self).__init__(auth_system, **kwargs)
# NOTE(sileht): backward compat
if self.opts.get('auth_token') and not self.opts.get('token'):
self.opts['token'] = self.opts.get('auth_token')
def _do_authenticate(self, http_client): def _do_authenticate(self, http_client):
token = self.opts.get('token') or self.opts.get('auth_token') token = self.opts.get('token')
endpoint = self.opts.get('endpoint') endpoint = self.opts.get('endpoint')
if not (token and endpoint): if not (endpoint and token):
ks_kwargs = self._get_ks_kwargs(http_timeout=http_client.timeout) ks_kwargs = self._get_ks_kwargs(http_timeout=http_client.timeout)
ks_session = _get_keystone_session(**ks_kwargs) ks_session = _get_keystone_session(**ks_kwargs)
token = lambda: ks_session.get_token() if not token:
endpoint = (self.opts.get('endpoint') or token = lambda: ks_session.get_token()
_get_endpoint(ks_session, **ks_kwargs)) if not endpoint:
endpoint = _get_endpoint(ks_session, **ks_kwargs)
self.opts['token'] = token self.opts['token'] = token
self.opts['endpoint'] = endpoint self.opts['endpoint'] = endpoint
@@ -178,6 +198,7 @@ class AuthPlugin(auth.BaseAuthPlugin):
self.opts.get('tenant_id')) self.opts.get('tenant_id'))
project_name = (self.opts.get('project_name') or project_name = (self.opts.get('project_name') or
self.opts.get('tenant_name')) self.opts.get('tenant_name'))
token = self.opts.get('token')
ks_kwargs = { ks_kwargs = {
'username': self.opts.get('username'), 'username': self.opts.get('username'),
'password': self.opts.get('password'), 'password': self.opts.get('password'),
@@ -198,6 +219,7 @@ class AuthPlugin(auth.BaseAuthPlugin):
'service_type': self.opts.get('service_type'), 'service_type': self.opts.get('service_type'),
'region_name': self.opts.get('region_name'), 'region_name': self.opts.get('region_name'),
'timeout': http_timeout, 'timeout': http_timeout,
'token': token() if callable(token) else token,
} }
return ks_kwargs return ks_kwargs
@@ -212,8 +234,7 @@ class AuthPlugin(auth.BaseAuthPlugin):
:raises: AuthPluginOptionsMissing :raises: AuthPluginOptionsMissing
""" """
has_token = self.opts.get('token') or self.opts.get('auth_token') has_token = self.opts.get('token')
no_auth = has_token and self.opts.get('endpoint')
has_project_domain_or_tenant = (self.opts.get('project_id') or has_project_domain_or_tenant = (self.opts.get('project_id') or
(self.opts.get('project_name') and (self.opts.get('project_name') and
(self.opts.get('user_domain_name') or (self.opts.get('user_domain_name') or
@@ -224,7 +245,7 @@ class AuthPlugin(auth.BaseAuthPlugin):
and has_project_domain_or_tenant and has_project_domain_or_tenant
and self.opts.get('password') and self.opts.get('password')
and self.opts.get('auth_url')) and self.opts.get('auth_url'))
missing = not (no_auth or has_credential) missing = not (has_token or has_credential)
if missing: if missing:
missing_opts = [] missing_opts = []
opts = ['token', 'endpoint', 'username', 'password', 'auth_url', opts = ['token', 'endpoint', 'username', 'password', 'auth_url',

2
ceilometerclient/tests/unit/test_client.py
View File

@@ -399,6 +399,6 @@ class ClientAuthTest(utils.BaseTestCase):
session_instance_mock = mock.MagicMock() session_instance_mock = mock.MagicMock()
session.return_value = session_instance_mock session.return_value = session_instance_mock
client = self.create_client(env) client = self.create_client(env)
client.auth_plugin.opts.pop('endpoint', None) client.auth_plugin.opts.pop('token', None)
self.assertRaises(exceptions.AuthPluginOptionsMissing, self.assertRaises(exceptions.AuthPluginOptionsMissing,
client.auth_plugin.sufficient_options) client.auth_plugin.sufficient_options)