From 22228f526d6ea08b7006be1287afe959b93c23db Mon Sep 17 00:00:00 2001 From: Julien Danjou Date: Tue, 22 Jan 2013 15:25:33 +0100 Subject: [PATCH] Use TokenManager to get token Instead of implementing token retrieval twice, let's use the code provided by the TokenManger to get a token in raw format from Keystone. Change-Id: I769be118ee137580cabd5cabcf7843e7afe1e456 Signed-off-by: Julien Danjou --- keystoneclient/base.py | 5 +++-- keystoneclient/client.py | 15 +++++++------- keystoneclient/v2_0/client.py | 37 +++++++---------------------------- keystoneclient/v2_0/tokens.py | 11 ++--------- 4 files changed, 20 insertions(+), 48 deletions(-) diff --git a/keystoneclient/base.py b/keystoneclient/base.py index 712fbdccf..d90dd82ed 100644 --- a/keystoneclient/base.py +++ b/keystoneclient/base.py @@ -84,8 +84,9 @@ class Manager(object): resp, body = self.api.head(url) return resp.status_code == 204 - def _create(self, url, body, response_key, return_raw=False): - resp, body = self.api.post(url, body=body) + def _create(self, url, body, response_key, return_raw=False, + management=True): + resp, body = self.api.post(url, body=body, management=management) if return_raw: return body[response_key] return self.resource_class(self, body[response_key]) diff --git a/keystoneclient/client.py b/keystoneclient/client.py index e3c2ed55b..46ec25d99 100644 --- a/keystoneclient/client.py +++ b/keystoneclient/client.py @@ -144,7 +144,7 @@ class HTTPClient(object): del self.auth_token_from_user def authenticate(self, username=None, password=None, tenant_name=None, - tenant_id=None, auth_url=None, token=None): + tenant_id=None, token=None): """ Authenticate user. Uses the data provided at instantiation to authenticate against @@ -177,7 +177,6 @@ class HTTPClient(object): * if force_new_token is true """ - auth_url = auth_url or self.auth_url username = username or self.username password = password or self.password tenant_name = tenant_name or self.tenant_name @@ -189,7 +188,7 @@ class HTTPClient(object): and not self.auth_ref.will_expire_soon(self.stale_duration)): token = self.auth_ref.auth_token - (keyring_key, auth_ref) = self.get_auth_ref_from_keyring(auth_url, + (keyring_key, auth_ref) = self.get_auth_ref_from_keyring(self.auth_url, username, tenant_name, tenant_id, @@ -197,8 +196,7 @@ class HTTPClient(object): new_token_needed = False if auth_ref is None or self.force_new_token: new_token_needed = True - raw_token = self.get_raw_token_from_identity_service(auth_url, - username, + raw_token = self.get_raw_token_from_identity_service(username, password, tenant_name, tenant_id, @@ -402,8 +400,11 @@ class HTTPClient(object): url_to_use = self.management_url kwargs.setdefault('headers', {}) - if self.auth_token: - kwargs['headers']['X-Auth-Token'] = self.auth_token + if (self.auth_ref + and not self.auth_ref.will_expire_soon(self.stale_duration)): + kwargs['headers']['X-Auth-Token'] = self.auth_ref.auth_token + elif self.auth_token_from_user: + kwargs['headers']['X-Auth-Token'] = self.auth_token_from_user resp, body = self.request(url_to_use + url, method, **kwargs) diff --git a/keystoneclient/v2_0/client.py b/keystoneclient/v2_0/client.py index 03cb8f2e5..1d21f5474 100644 --- a/keystoneclient/v2_0/client.py +++ b/keystoneclient/v2_0/client.py @@ -154,7 +154,7 @@ class Client(client.HTTPClient): self.user_id = self.auth_ref.user_id self._extract_service_catalog(self.auth_url, self.auth_ref) - def get_raw_token_from_identity_service(self, auth_url, username=None, + def get_raw_token_from_identity_service(self, username=None, password=None, tenant_name=None, tenant_id=None, token=None): """ Authenticate against the Keystone API. @@ -166,12 +166,12 @@ class Client(client.HTTPClient): """ try: - return self._base_authN(auth_url, - username=username, - tenant_id=tenant_id, - tenant_name=tenant_name, - password=password, - token=token) + return self.tokens.authenticate(username=username, + tenant_id=tenant_id, + tenant_name=tenant_name, + password=password, + token=token, + return_raw=True) except (exceptions.AuthorizationFailure, exceptions.Unauthorized): _logger.debug("Authorization Failed.") raise @@ -179,29 +179,6 @@ class Client(client.HTTPClient): raise exceptions.AuthorizationFailure("Authorization Failed: " "%s" % e) - def _base_authN(self, auth_url, username=None, password=None, - tenant_name=None, tenant_id=None, token=None): - """ Takes a username, password, and optionally a tenant_id or - tenant_name to get an authentication token from keystone. - May also take a token and a tenant_id to re-scope a token - to a tenant.""" - headers = {} - url = auth_url + "/tokens" - if token: - headers['X-Auth-Token'] = token - params = {"auth": {"token": {"id": token}}} - elif username and password: - params = {"auth": {"passwordCredentials": {"username": username, - "password": password}}} - else: - raise ValueError('A username and password or token is required.') - if tenant_id: - params['auth']['tenantId'] = tenant_id - elif tenant_name: - params['auth']['tenantName'] = tenant_name - resp, body = self.request(url, 'POST', body=params, headers=headers) - return body['access'] - # TODO(heckj): remove entirely in favor of access.AccessInfo and # associated methods def _extract_service_catalog(self, url, body): diff --git a/keystoneclient/v2_0/tokens.py b/keystoneclient/v2_0/tokens.py index c129db771..1eb0f5d21 100644 --- a/keystoneclient/v2_0/tokens.py +++ b/keystoneclient/v2_0/tokens.py @@ -34,15 +34,8 @@ class TokenManager(base.ManagerWithFind): params['auth']['tenantId'] = tenant_id elif tenant_name: params['auth']['tenantName'] = tenant_name - reset = 0 - if self.api.management_url is None: - reset = 1 - self.api.management_url = self.api.auth_url - token_ref = self._create('/tokens', params, "access", - return_raw=return_raw) - if reset: - self.api.management_url = None - return token_ref + return self._create('/tokens', params, "access", + return_raw=return_raw, management=False) def delete(self, token): return self._delete("/tokens/%s" % base.getid(token))