Add the 'auth' interface type
There are certain requests that will always want to be sent to the auth_url. Add a new interface type to the get_endpoint command of the base identity plugin such that if you ask for the 'auth' interface it will give you the auth_url. Implements: blueprint session-auth-endpoint Change-Id: If653970354b919fdd6e80c061611c3aad129c574
This commit is contained in:
		 Jamie Lennox
					Jamie Lennox
				
			
				
					committed by
					
						 Marek Denis
						Marek Denis
					
				
			
			
				
	
			
			
			 Marek Denis
						Marek Denis
					
				
			
						parent
						
							1d7bd16711
						
					
				
				
					commit
					83bef7473d
				
			| @@ -18,6 +18,7 @@ from keystoneclient.auth.conf import *  # noqa | ||||
|  | ||||
| __all__ = [ | ||||
|     # auth.base | ||||
|     'AUTH_INTERFACE', | ||||
|     'BaseAuthPlugin', | ||||
|     'get_plugin_class', | ||||
|     'PLUGIN_NAMESPACE', | ||||
|   | ||||
| @@ -17,6 +17,11 @@ import stevedore | ||||
|  | ||||
| from keystoneclient import exceptions | ||||
|  | ||||
| # NOTE(jamielennox): The AUTH_INTERFACE is a special value that can be | ||||
| # requested from get_endpoint. If a plugin receives this as the value of | ||||
| # 'interface' it should return the initial URL that was passed to the plugin. | ||||
| AUTH_INTERFACE = object() | ||||
|  | ||||
| PLUGIN_NAMESPACE = 'keystoneclient.auth.plugin' | ||||
|  | ||||
|  | ||||
|   | ||||
| @@ -125,8 +125,10 @@ class BaseIdentityPlugin(base.BaseAuthPlugin): | ||||
|                                     for. This plugin will return None (failure) | ||||
|                                     if service_type is not provided. | ||||
|         :param string interface: The exposure of the endpoint. Should be | ||||
|                                  `public`, `internal` or `admin`. | ||||
|                                  Defaults to `public`. | ||||
|                                  `public`, `internal`, `admin`, or `auth`. | ||||
|                                  `auth` is special here to use the `auth_url` | ||||
|                                  rather than a URL extracted from the service | ||||
|                                  catalog. Defaults to `public`. | ||||
|         :param string region_name: The region the endpoint should exist in. | ||||
|                                    (optional) | ||||
|         :param string service_name: The name of the service in the catalog. | ||||
| @@ -138,6 +140,13 @@ class BaseIdentityPlugin(base.BaseAuthPlugin): | ||||
|  | ||||
|         :return string or None: A valid endpoint URL or None if not available. | ||||
|         """ | ||||
|         # NOTE(jamielennox): if you specifically ask for requests to be sent to | ||||
|         # the auth url then we can ignore the rest of the checks. Typically if | ||||
|         # you are asking for the auth endpoint it means that there is no | ||||
|         # catalog to query anyway. | ||||
|         if interface is base.AUTH_INTERFACE: | ||||
|             return self.auth_url | ||||
|  | ||||
|         if not service_type: | ||||
|             LOG.warn('Plugin cannot return an endpoint without knowing the ' | ||||
|                      'service type that is required. Add service_type to ' | ||||
|   | ||||
| @@ -268,7 +268,7 @@ class HTTPClient(baseclient.Client, base.BaseAuthPlugin): | ||||
|             return self.auth_token_from_user | ||||
|  | ||||
|     def get_endpoint(self, session, interface=None, **kwargs): | ||||
|         if interface == 'public': | ||||
|         if interface == 'public' or interface is base.AUTH_INTERFACE: | ||||
|             return self.auth_url | ||||
|         else: | ||||
|             return self.management_url | ||||
|   | ||||
| @@ -16,6 +16,7 @@ import uuid | ||||
| import httpretty | ||||
| import six | ||||
|  | ||||
| from keystoneclient.auth import base | ||||
| from keystoneclient.auth.identity import v2 | ||||
| from keystoneclient.auth.identity import v3 | ||||
| from keystoneclient.openstack.common import jsonutils | ||||
| @@ -208,6 +209,15 @@ class CommonIdentityTests(object): | ||||
|         self.assertEqual(200, resp.status_code) | ||||
|         self.assertEqual(body, resp.text) | ||||
|  | ||||
|     def test_asking_for_auth_endpoint_ignores_checks(self): | ||||
|         a = self.create_auth_plugin() | ||||
|         s = session.Session(auth=a) | ||||
|  | ||||
|         auth_url = s.get_endpoint(service_type='compute', | ||||
|                                   interface=base.AUTH_INTERFACE) | ||||
|  | ||||
|         self.assertEqual(self.TEST_URL, auth_url) | ||||
|  | ||||
|  | ||||
| class V3(CommonIdentityTests, utils.TestCase): | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user