Add the 'auth' interface type
There are certain requests that will always want to be sent to the auth_url. Add a new interface type to the get_endpoint command of the base identity plugin such that if you ask for the 'auth' interface it will give you the auth_url. Implements: blueprint session-auth-endpoint Change-Id: If653970354b919fdd6e80c061611c3aad129c574
This commit is contained in:

committed by
Marek Denis

parent
1d7bd16711
commit
83bef7473d
@@ -18,6 +18,7 @@ from keystoneclient.auth.conf import * # noqa
|
||||
|
||||
__all__ = [
|
||||
# auth.base
|
||||
'AUTH_INTERFACE',
|
||||
'BaseAuthPlugin',
|
||||
'get_plugin_class',
|
||||
'PLUGIN_NAMESPACE',
|
||||
|
@@ -17,6 +17,11 @@ import stevedore
|
||||
|
||||
from keystoneclient import exceptions
|
||||
|
||||
# NOTE(jamielennox): The AUTH_INTERFACE is a special value that can be
|
||||
# requested from get_endpoint. If a plugin receives this as the value of
|
||||
# 'interface' it should return the initial URL that was passed to the plugin.
|
||||
AUTH_INTERFACE = object()
|
||||
|
||||
PLUGIN_NAMESPACE = 'keystoneclient.auth.plugin'
|
||||
|
||||
|
||||
|
@@ -125,8 +125,10 @@ class BaseIdentityPlugin(base.BaseAuthPlugin):
|
||||
for. This plugin will return None (failure)
|
||||
if service_type is not provided.
|
||||
:param string interface: The exposure of the endpoint. Should be
|
||||
`public`, `internal` or `admin`.
|
||||
Defaults to `public`.
|
||||
`public`, `internal`, `admin`, or `auth`.
|
||||
`auth` is special here to use the `auth_url`
|
||||
rather than a URL extracted from the service
|
||||
catalog. Defaults to `public`.
|
||||
:param string region_name: The region the endpoint should exist in.
|
||||
(optional)
|
||||
:param string service_name: The name of the service in the catalog.
|
||||
@@ -138,6 +140,13 @@ class BaseIdentityPlugin(base.BaseAuthPlugin):
|
||||
|
||||
:return string or None: A valid endpoint URL or None if not available.
|
||||
"""
|
||||
# NOTE(jamielennox): if you specifically ask for requests to be sent to
|
||||
# the auth url then we can ignore the rest of the checks. Typically if
|
||||
# you are asking for the auth endpoint it means that there is no
|
||||
# catalog to query anyway.
|
||||
if interface is base.AUTH_INTERFACE:
|
||||
return self.auth_url
|
||||
|
||||
if not service_type:
|
||||
LOG.warn('Plugin cannot return an endpoint without knowing the '
|
||||
'service type that is required. Add service_type to '
|
||||
|
@@ -268,7 +268,7 @@ class HTTPClient(baseclient.Client, base.BaseAuthPlugin):
|
||||
return self.auth_token_from_user
|
||||
|
||||
def get_endpoint(self, session, interface=None, **kwargs):
|
||||
if interface == 'public':
|
||||
if interface == 'public' or interface is base.AUTH_INTERFACE:
|
||||
return self.auth_url
|
||||
else:
|
||||
return self.management_url
|
||||
|
@@ -16,6 +16,7 @@ import uuid
|
||||
import httpretty
|
||||
import six
|
||||
|
||||
from keystoneclient.auth import base
|
||||
from keystoneclient.auth.identity import v2
|
||||
from keystoneclient.auth.identity import v3
|
||||
from keystoneclient.openstack.common import jsonutils
|
||||
@@ -208,6 +209,15 @@ class CommonIdentityTests(object):
|
||||
self.assertEqual(200, resp.status_code)
|
||||
self.assertEqual(body, resp.text)
|
||||
|
||||
def test_asking_for_auth_endpoint_ignores_checks(self):
|
||||
a = self.create_auth_plugin()
|
||||
s = session.Session(auth=a)
|
||||
|
||||
auth_url = s.get_endpoint(service_type='compute',
|
||||
interface=base.AUTH_INTERFACE)
|
||||
|
||||
self.assertEqual(self.TEST_URL, auth_url)
|
||||
|
||||
|
||||
class V3(CommonIdentityTests, utils.TestCase):
|
||||
|
||||
|
Reference in New Issue
Block a user