Merge "Use AuthRef for some client fields"
This commit is contained in:
Jenkins
@@ -18,7 +18,7 @@
|
|||||||
import datetime
|
import datetime
|
||||||
|
|
||||||
from keystoneclient.openstack.common import timeutils
|
from keystoneclient.openstack.common import timeutils
|
||||||
|
from keystoneclient import service_catalog
|
||||||
|
|
||||||
# gap, in seconds, to determine whether the given token is about to expire
|
# gap, in seconds, to determine whether the given token is about to expire
|
||||||
STALE_TOKEN_DURATION = 30
|
STALE_TOKEN_DURATION = 30
|
||||||
@@ -28,6 +28,14 @@ class AccessInfo(dict):
|
|||||||
"""An object for encapsulating a raw authentication token from keystone
|
"""An object for encapsulating a raw authentication token from keystone
|
||||||
and helper methods for extracting useful values from that token."""
|
and helper methods for extracting useful values from that token."""
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
super(AccessInfo, self).__init__(*args, **kwargs)
|
||||||
|
self.service_catalog = service_catalog.ServiceCatalog(
|
||||||
|
resource_dict=self, region_name=self.get('region_name'))
|
||||||
|
|
||||||
|
def has_service_catalog(self):
|
||||||
|
return 'serviceCatalog' in self
|
||||||
|
|
||||||
def will_expire_soon(self, stale_duration=None):
|
def will_expire_soon(self, stale_duration=None):
|
||||||
""" Determines if expiration is about to occur.
|
""" Determines if expiration is about to occur.
|
||||||
|
|
||||||
|
|||||||
@@ -324,6 +324,15 @@ class HTTPClient(object):
|
|||||||
def serialize(self, entity):
|
def serialize(self, entity):
|
||||||
return json.dumps(entity)
|
return json.dumps(entity)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def service_catalog(self):
|
||||||
|
"""Returns this client's service catalog."""
|
||||||
|
return self.auth_ref.service_catalog
|
||||||
|
|
||||||
|
def has_service_catalog(self):
|
||||||
|
"""Returns True if this client provides a service catalog."""
|
||||||
|
return self.auth_ref.has_service_catalog()
|
||||||
|
|
||||||
def request(self, url, method, **kwargs):
|
def request(self, url, method, **kwargs):
|
||||||
""" Send an http request with the specified characteristics.
|
""" Send an http request with the specified characteristics.
|
||||||
|
|
||||||
|
|||||||
@@ -16,7 +16,6 @@ import logging
|
|||||||
|
|
||||||
from keystoneclient import client
|
from keystoneclient import client
|
||||||
from keystoneclient import exceptions
|
from keystoneclient import exceptions
|
||||||
from keystoneclient import service_catalog
|
|
||||||
from keystoneclient.v2_0 import ec2
|
from keystoneclient.v2_0 import ec2
|
||||||
from keystoneclient.v2_0 import endpoints
|
from keystoneclient.v2_0 import endpoints
|
||||||
from keystoneclient.v2_0 import roles
|
from keystoneclient.v2_0 import roles
|
||||||
@@ -133,11 +132,6 @@ class Client(client.HTTPClient):
|
|||||||
if self.management_url is None:
|
if self.management_url is None:
|
||||||
self.authenticate()
|
self.authenticate()
|
||||||
|
|
||||||
#TODO(heckj): move to a method on auth_ref
|
|
||||||
def has_service_catalog(self):
|
|
||||||
"""Returns True if this client provides a service catalog."""
|
|
||||||
return hasattr(self, 'service_catalog')
|
|
||||||
|
|
||||||
def process_token(self):
|
def process_token(self):
|
||||||
""" Extract and process information from the new auth_ref.
|
""" Extract and process information from the new auth_ref.
|
||||||
|
|
||||||
@@ -147,12 +141,20 @@ class Client(client.HTTPClient):
|
|||||||
# list of tenants for introspection, and leave to client user
|
# list of tenants for introspection, and leave to client user
|
||||||
# to determine what to do. Otherwise, load up the service catalog
|
# to determine what to do. Otherwise, load up the service catalog
|
||||||
if self.auth_ref.scoped:
|
if self.auth_ref.scoped:
|
||||||
|
if not self.auth_ref.tenant_id:
|
||||||
|
raise exceptions.AuthorizationFailure(
|
||||||
|
"Token didn't provide tenant_id")
|
||||||
|
if not self.auth_ref.user_id:
|
||||||
|
raise exceptions.AuthorizationFailure(
|
||||||
|
"Token didn't provide user_id")
|
||||||
if self.management_url is None and self.auth_ref.management_url:
|
if self.management_url is None and self.auth_ref.management_url:
|
||||||
self.management_url = self.auth_ref.management_url[0]
|
self.management_url = self.auth_ref.management_url[0]
|
||||||
self.tenant_name = self.auth_ref.tenant_name
|
self.tenant_name = self.auth_ref.tenant_name
|
||||||
self.tenant_id = self.auth_ref.tenant_id
|
self.tenant_id = self.auth_ref.tenant_id
|
||||||
self.user_id = self.auth_ref.user_id
|
self.user_id = self.auth_ref.user_id
|
||||||
self._extract_service_catalog(self.auth_url, self.auth_ref)
|
|
||||||
|
self.auth_user_id = self.auth_ref.user_id
|
||||||
|
self.auth_tenant_id = self.auth_ref.tenant_id
|
||||||
|
|
||||||
def get_raw_token_from_identity_service(self, auth_url, username=None,
|
def get_raw_token_from_identity_service(self, auth_url, username=None,
|
||||||
password=None, tenant_name=None,
|
password=None, tenant_name=None,
|
||||||
@@ -201,17 +203,3 @@ class Client(client.HTTPClient):
|
|||||||
params['auth']['tenantName'] = tenant_name
|
params['auth']['tenantName'] = tenant_name
|
||||||
resp, body = self.request(url, 'POST', body=params, headers=headers)
|
resp, body = self.request(url, 'POST', body=params, headers=headers)
|
||||||
return body['access']
|
return body['access']
|
||||||
|
|
||||||
# TODO(heckj): remove entirely in favor of access.AccessInfo and
|
|
||||||
# associated methods
|
|
||||||
def _extract_service_catalog(self, url, body):
|
|
||||||
""" Set the client's service catalog from the response data. """
|
|
||||||
self.service_catalog = service_catalog.ServiceCatalog(
|
|
||||||
body, region_name=self.region_name)
|
|
||||||
try:
|
|
||||||
sc = self.service_catalog.get_token()
|
|
||||||
# Save these since we have them and they'll be useful later
|
|
||||||
self.auth_tenant_id = sc.get('tenant_id')
|
|
||||||
self.auth_user_id = sc.get('user_id')
|
|
||||||
except KeyError:
|
|
||||||
raise exceptions.AuthorizationFailure()
|
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ wrong the tests might raise AssertionError. I've indicated in comments the
|
|||||||
places where actual behavior differs from the spec.
|
places where actual behavior differs from the spec.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
from keystoneclient import service_catalog
|
from keystoneclient import access
|
||||||
|
|
||||||
|
|
||||||
def assert_has_keys(dict, required=[], optional=[]):
|
def assert_has_keys(dict, required=[], optional=[]):
|
||||||
@@ -67,7 +67,7 @@ class FakeClient(object):
|
|||||||
cl_obj.auth_user_id = '1'
|
cl_obj.auth_user_id = '1'
|
||||||
cl_obj.tenant_id = '1'
|
cl_obj.tenant_id = '1'
|
||||||
cl_obj.auth_tenant_id = '1'
|
cl_obj.auth_tenant_id = '1'
|
||||||
cl_obj.service_catalog = service_catalog.ServiceCatalog({
|
cl_obj.auth_ref = access.AccessInfo({
|
||||||
"token": {
|
"token": {
|
||||||
"expires": "2012-02-05T00:00:00",
|
"expires": "2012-02-05T00:00:00",
|
||||||
"id": "887665443383838",
|
"id": "887665443383838",
|
||||||
|
|||||||
Reference in New Issue
Block a user