openstack/python-keystoneclient
Code Issues Proposed changes

Surface the user_id and project_id beyond the plugin

Browse Source 
Having the user_id and project_id exposed in the plugin is a good first
step however we don't really expect the user to be interacting with the
plugins directly often - particularly as you need to pass session to the
methods.

Exposing get_user_id and get_project_id on the session and the adapter
in this way is very similar to the way we expose get_token and
get_endpoint on the session and adapter for use higher up.

Related-Bug: #1364724
Change-Id: If2f868c3ddc19133f18446e74f8e1b560a4798fa
This commit is contained in:
Jamie Lennox
2014-10-30 15:12:05 +01:00
parent eaab62aca5
commit 496a0efc43
3 changed files with 104 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
keystoneclient/adapter.py
View File

@@ -126,6 +126,40 @@ class Adapter(object):
"""Invalidate an authentication plugin.""" """Invalidate an authentication plugin."""
return self.session.invalidate(auth or self.auth) return self.session.invalidate(auth or self.auth)
def get_user_id(self, auth=None):
"""Return the authenticated user_id as provided by the auth plugin.
:param auth: The auth plugin to use for token. Overrides the plugin
on the session. (optional)
:type auth: keystoneclient.auth.base.BaseAuthPlugin
:raises keystoneclient.exceptions.AuthorizationFailure:
if a new token fetch fails.
:raises keystoneclient.exceptions.MissingAuthPlugin:
if a plugin is not available.
:returns: Current `user_id` or None if not supported by plugin.
:rtype: string
"""
return self.session.get_user_id(auth or self.auth)
def get_project_id(self, auth=None):
"""Return the authenticated project_id as provided by the auth plugin.
:param auth: The auth plugin to use for token. Overrides the plugin
on the session. (optional)
:type auth: keystoneclient.auth.base.BaseAuthPlugin
:raises keystoneclient.exceptions.AuthorizationFailure:
if a new token fetch fails.
:raises keystoneclient.exceptions.MissingAuthPlugin:
if a plugin is not available.
:returns: Current `project_id` or None if not supported by plugin.
:rtype: string
"""
return self.session.get_project_id(auth or self.auth)
def get(self, url, **kwargs): def get(self, url, **kwargs):
return self.request(url, 'GET', **kwargs) return self.request(url, 'GET', **kwargs)

67
keystoneclient/session.py
View File

@@ -549,6 +549,16 @@ class Session(object):
return cls(verify=verify, cert=cert, **kwargs) return cls(verify=verify, cert=cert, **kwargs)
def _auth_required(self, auth, msg):
if not auth:
auth = self.auth
if not auth:
msg_fmt = _('An auth plugin is required to %s')
raise exceptions.MissingAuthPlugin(msg_fmt % msg)
return auth
def get_token(self, auth=None): def get_token(self, auth=None):
"""Return a token as provided by the auth plugin. """Return a token as provided by the auth plugin.
@@ -564,11 +574,7 @@ class Session(object):
:returns: A valid token. :returns: A valid token.
:rtype: string :rtype: string
""" """
if not auth: auth = self._auth_required(auth, 'fetch a token')
auth = self.auth
if not auth:
raise exceptions.MissingAuthPlugin(_("Token Required"))
try: try:
return auth.get_token(self) return auth.get_token(self)
@@ -589,14 +595,7 @@ class Session(object):
:returns: An endpoint if available or None. :returns: An endpoint if available or None.
:rtype: string :rtype: string
""" """
if not auth: auth = self._auth_required(auth, 'determine endpoint URL')
auth = self.auth
if not auth:
raise exceptions.MissingAuthPlugin(
_('An auth plugin is required to determine the endpoint '
'URL.'))
return auth.get_endpoint(self, **kwargs) return auth.get_endpoint(self, **kwargs)
def invalidate(self, auth=None): def invalidate(self, auth=None):
@@ -607,15 +606,43 @@ class Session(object):
:type auth: :py:class:`keystoneclient.auth.base.BaseAuthPlugin` :type auth: :py:class:`keystoneclient.auth.base.BaseAuthPlugin`
""" """
if not auth: auth = self._auth_required(auth, 'validate')
auth = self.auth
if not auth:
msg = _('Auth plugin not available to invalidate')
raise exceptions.MissingAuthPlugin(msg)
return auth.invalidate() return auth.invalidate()
def get_user_id(self, auth=None):
"""Return the authenticated user_id as provided by the auth plugin.
:param auth: The auth plugin to use for token. Overrides the plugin
on the session. (optional)
:type auth: keystoneclient.auth.base.BaseAuthPlugin
:raises keystoneclient.exceptions.AuthorizationFailure:
if a new token fetch fails.
:raises keystoneclient.exceptions.MissingAuthPlugin:
if a plugin is not available.
:returns string: Current user_id or None if not supported by plugin.
"""
auth = self._auth_required(auth, 'get user_id')
return auth.get_user_id(self)
def get_project_id(self, auth=None):
"""Return the authenticated project_id as provided by the auth plugin.
:param auth: The auth plugin to use for token. Overrides the plugin
on the session. (optional)
:type auth: keystoneclient.auth.base.BaseAuthPlugin
:raises keystoneclient.exceptions.AuthorizationFailure:
if a new token fetch fails.
:raises keystoneclient.exceptions.MissingAuthPlugin:
if a plugin is not available.
:returns string: Current project_id or None if not supported by plugin.
"""
auth = self._auth_required(auth, 'get project_id')
return auth.get_project_id(self)
@utils.positional.classmethod() @utils.positional.classmethod()
def get_conf_options(cls, deprecated_opts=None): def get_conf_options(cls, deprecated_opts=None):
"""Get the oslo.config options that are needed for a """Get the oslo.config options that are needed for a

23
keystoneclient/tests/test_session.py
View File

@@ -321,6 +321,8 @@ class AuthPlugin(base.BaseAuthPlugin):
""" """
TEST_TOKEN = 'aToken' TEST_TOKEN = 'aToken'
TEST_USER_ID = 'aUser'
TEST_PROJECT_ID = 'aProject'
SERVICE_URLS = { SERVICE_URLS = {
'identity': {'public': 'http://identity-public:1111/v2.0', 'identity': {'public': 'http://identity-public:1111/v2.0',
@@ -348,6 +350,12 @@ class AuthPlugin(base.BaseAuthPlugin):
def invalidate(self): def invalidate(self):
return self._invalidate return self._invalidate
def get_user_id(self, session):
return self.TEST_USER_ID
def get_project_id(self, session):
return self.TEST_PROJECT_ID
class CalledAuthPlugin(base.BaseAuthPlugin): class CalledAuthPlugin(base.BaseAuthPlugin):
@@ -582,6 +590,13 @@ class SessionAuthTests(utils.TestCase):
self.assertTrue(auth.get_token_called) self.assertTrue(auth.get_token_called)
self.assertFalse(auth.get_endpoint_called) self.assertFalse(auth.get_endpoint_called)
def test_user_and_project_id(self):
auth = AuthPlugin()
sess = client_session.Session(auth=auth)
self.assertEqual(auth.TEST_USER_ID, sess.get_user_id())
self.assertEqual(auth.TEST_PROJECT_ID, sess.get_project_id())
class AdapterTest(utils.TestCase): class AdapterTest(utils.TestCase):
@@ -737,6 +752,14 @@ class AdapterTest(utils.TestCase):
self.assertThat(self.requests.request_history, self.assertThat(self.requests.request_history,
matchers.HasLength(retries + 1)) matchers.HasLength(retries + 1))
def test_user_and_project_id(self):
auth = AuthPlugin()
sess = client_session.Session()
adpt = adapter.Adapter(sess, auth=auth)
self.assertEqual(auth.TEST_USER_ID, adpt.get_user_id())
self.assertEqual(auth.TEST_PROJECT_ID, adpt.get_project_id())
class ConfLoadingTests(utils.TestCase): class ConfLoadingTests(utils.TestCase):