Support client generate literal ipv6 auth_uri base on auth_host
This patch is for fix bug 1208784. Support keystone client generate literal ipv6 auth_uri via provided auth_host, when the auth_uri is None. Fixes bug 1208784 Change-Id: I226881a35a74ef668d4cd1c6829a64c94ff185d9
This commit is contained in:
Dazhao
@@ -153,6 +153,7 @@ import tempfile
|
||||
import time
|
||||
import urllib
|
||||
|
||||
import netaddr
|
||||
import six
|
||||
|
||||
from keystoneclient.common import cms
|
||||
@@ -375,11 +376,16 @@ class AuthProtocol(object):
|
||||
'Configuring auth_uri to point to the public identity '
|
||||
'endpoint is required; clients may not be able to '
|
||||
'authenticate against an admin endpoint')
|
||||
|
||||
host = self.auth_host
|
||||
if netaddr.valid_ipv6(host):
|
||||
# Note(dzyu) it is an IPv6 address, so it needs to be wrapped
|
||||
# with '[]' to generate a valid IPv6 URL, based on
|
||||
# http://www.ietf.org/rfc/rfc2732.txt
|
||||
host = '[%s]' % host
|
||||
# FIXME(dolph): drop support for this fallback behavior as
|
||||
# documented in bug 1207517
|
||||
self.auth_uri = '%s://%s:%s' % (self.auth_protocol,
|
||||
self.auth_host,
|
||||
host,
|
||||
self.auth_port)
|
||||
|
||||
# SSL
|
||||
|
||||
@@ -397,6 +397,16 @@ class CommonAuthTokenMiddlewareTest(object):
|
||||
self.set_middleware(conf=conf)
|
||||
self.assertLastPath(None)
|
||||
|
||||
def test_init_by_ipv6Addr_auth_host(self):
|
||||
conf = {
|
||||
'auth_host': '2001:2013:1:f101::1',
|
||||
'auth_port': 1234,
|
||||
'auth_protocol': 'http',
|
||||
}
|
||||
self.set_middleware(conf=conf)
|
||||
expected_auth_uri = 'http://[2001:2013:1:f101::1]:1234'
|
||||
self.assertEqual(expected_auth_uri, self.middleware.auth_uri)
|
||||
|
||||
def assert_valid_request_200(self, token, with_catalog=True):
|
||||
req = webob.Request.blank('/')
|
||||
req.headers['X-Auth-Token'] = token
|
||||
|
||||
Reference in New Issue
Block a user