From d4a4acecbe2cb173e4dc3b355c8d9f90212c5e9c Mon Sep 17 00:00:00 2001 From: Jamie Lennox Date: Wed, 11 Mar 2015 12:57:22 +1100 Subject: [PATCH] Split v3 authentication file into module The V3 authentication plugins file contained the existing plugins as well as the base class. As we look to add new plugins it is simpler if we break this file up. Change-Id: I42b222a2012ea10491450d6b91c2008178dc7671 --- keystoneclient/auth/identity/v3/__init__.py | 26 ++++ .../auth/identity/{v3.py => v3/base.py} | 119 +----------------- keystoneclient/auth/identity/v3/password.py | 88 +++++++++++++ keystoneclient/auth/identity/v3/token.py | 65 ++++++++++ .../tests/unit/auth/test_identity_v3.py | 6 + .../tests/unit/auth/test_password.py | 5 + keystoneclient/tests/unit/auth/test_token.py | 5 + 7 files changed, 197 insertions(+), 117 deletions(-) create mode 100644 keystoneclient/auth/identity/v3/__init__.py rename keystoneclient/auth/identity/{v3.py => v3/base.py} (66%) create mode 100644 keystoneclient/auth/identity/v3/password.py create mode 100644 keystoneclient/auth/identity/v3/token.py diff --git a/keystoneclient/auth/identity/v3/__init__.py b/keystoneclient/auth/identity/v3/__init__.py new file mode 100644 index 000000000..61e38c32d --- /dev/null +++ b/keystoneclient/auth/identity/v3/__init__.py @@ -0,0 +1,26 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystoneclient.auth.identity.v3.base import * # noqa +from keystoneclient.auth.identity.v3.password import * # noqa +from keystoneclient.auth.identity.v3.token import * # noqa + + +__all__ = ['Auth', + 'AuthConstructor', + 'AuthMethod', + + 'Password', + 'PasswordMethod', + + 'Token', + 'TokenMethod'] diff --git a/keystoneclient/auth/identity/v3.py b/keystoneclient/auth/identity/v3/base.py similarity index 66% rename from keystoneclient/auth/identity/v3.py rename to keystoneclient/auth/identity/v3/base.py index 16ecba18c..d5bd51e34 100644 --- a/keystoneclient/auth/identity/v3.py +++ b/keystoneclient/auth/identity/v3/base.py @@ -24,6 +24,8 @@ from keystoneclient import utils _logger = logging.getLogger(__name__) +__all__ = ['Auth', 'AuthMethod', 'AuthConstructor'] + class Auth(base.BaseIdentityPlugin): """Identity V3 Authentication Plugin. @@ -213,120 +215,3 @@ class AuthConstructor(Auth): method_kwargs = self._auth_method_class._extract_kwargs(kwargs) method = self._auth_method_class(*args, **method_kwargs) super(AuthConstructor, self).__init__(auth_url, [method], **kwargs) - - -class PasswordMethod(AuthMethod): - """Construct a User/Password based authentication method. - - :param string password: Password for authentication. - :param string username: Username for authentication. - :param string user_id: User ID for authentication. - :param string user_domain_id: User's domain ID for authentication. - :param string user_domain_name: User's domain name for authentication. - """ - - _method_parameters = ['user_id', - 'username', - 'user_domain_id', - 'user_domain_name', - 'password'] - - def get_auth_data(self, session, auth, headers, **kwargs): - user = {'password': self.password} - - if self.user_id: - user['id'] = self.user_id - elif self.username: - user['name'] = self.username - - if self.user_domain_id: - user['domain'] = {'id': self.user_domain_id} - elif self.user_domain_name: - user['domain'] = {'name': self.user_domain_name} - - return 'password', {'user': user} - - -class Password(AuthConstructor): - """A plugin for authenticating with a username and password. - - :param string auth_url: Identity service endpoint for authentication. - :param string password: Password for authentication. - :param string username: Username for authentication. - :param string user_id: User ID for authentication. - :param string user_domain_id: User's domain ID for authentication. - :param string user_domain_name: User's domain name for authentication. - :param string trust_id: Trust ID for trust scoping. - :param string domain_id: Domain ID for domain scoping. - :param string domain_name: Domain name for domain scoping. - :param string project_id: Project ID for project scoping. - :param string project_name: Project name for project scoping. - :param string project_domain_id: Project's domain ID for project. - :param string project_domain_name: Project's domain name for project. - :param bool reauthenticate: Allow fetching a new token if the current one - is going to expire. (optional) default True - """ - - _auth_method_class = PasswordMethod - - @classmethod - def get_options(cls): - options = super(Password, cls).get_options() - - options.extend([ - cfg.StrOpt('user-id', help='User ID'), - cfg.StrOpt('user-name', dest='username', help='Username', - deprecated_name='username'), - cfg.StrOpt('user-domain-id', help="User's domain id"), - cfg.StrOpt('user-domain-name', help="User's domain name"), - cfg.StrOpt('password', secret=True, help="User's password"), - ]) - - return options - - -class TokenMethod(AuthMethod): - """Construct an Auth plugin to fetch a token from a token. - - :param string token: Token for authentication. - """ - - _method_parameters = ['token'] - - def get_auth_data(self, session, auth, headers, **kwargs): - headers['X-Auth-Token'] = self.token - return 'token', {'id': self.token} - - -class Token(AuthConstructor): - """A plugin for authenticating with an existing Token. - - :param string auth_url: Identity service endpoint for authentication. - :param string token: Token for authentication. - :param string trust_id: Trust ID for trust scoping. - :param string domain_id: Domain ID for domain scoping. - :param string domain_name: Domain name for domain scoping. - :param string project_id: Project ID for project scoping. - :param string project_name: Project name for project scoping. - :param string project_domain_id: Project's domain ID for project. - :param string project_domain_name: Project's domain name for project. - :param bool reauthenticate: Allow fetching a new token if the current one - is going to expire. (optional) default True - """ - - _auth_method_class = TokenMethod - - def __init__(self, auth_url, token, **kwargs): - super(Token, self).__init__(auth_url, token=token, **kwargs) - - @classmethod - def get_options(cls): - options = super(Token, cls).get_options() - - options.extend([ - cfg.StrOpt('token', - secret=True, - help='Token to authenticate with'), - ]) - - return options diff --git a/keystoneclient/auth/identity/v3/password.py b/keystoneclient/auth/identity/v3/password.py new file mode 100644 index 000000000..7e432faaf --- /dev/null +++ b/keystoneclient/auth/identity/v3/password.py @@ -0,0 +1,88 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_config import cfg + +from keystoneclient.auth.identity.v3 import base + + +__all__ = ['PasswordMethod', 'Password'] + + +class PasswordMethod(base.AuthMethod): + """Construct a User/Password based authentication method. + + :param string password: Password for authentication. + :param string username: Username for authentication. + :param string user_id: User ID for authentication. + :param string user_domain_id: User's domain ID for authentication. + :param string user_domain_name: User's domain name for authentication. + """ + + _method_parameters = ['user_id', + 'username', + 'user_domain_id', + 'user_domain_name', + 'password'] + + def get_auth_data(self, session, auth, headers, **kwargs): + user = {'password': self.password} + + if self.user_id: + user['id'] = self.user_id + elif self.username: + user['name'] = self.username + + if self.user_domain_id: + user['domain'] = {'id': self.user_domain_id} + elif self.user_domain_name: + user['domain'] = {'name': self.user_domain_name} + + return 'password', {'user': user} + + +class Password(base.AuthConstructor): + """A plugin for authenticating with a username and password. + + :param string auth_url: Identity service endpoint for authentication. + :param string password: Password for authentication. + :param string username: Username for authentication. + :param string user_id: User ID for authentication. + :param string user_domain_id: User's domain ID for authentication. + :param string user_domain_name: User's domain name for authentication. + :param string trust_id: Trust ID for trust scoping. + :param string domain_id: Domain ID for domain scoping. + :param string domain_name: Domain name for domain scoping. + :param string project_id: Project ID for project scoping. + :param string project_name: Project name for project scoping. + :param string project_domain_id: Project's domain ID for project. + :param string project_domain_name: Project's domain name for project. + :param bool reauthenticate: Allow fetching a new token if the current one + is going to expire. (optional) default True + """ + + _auth_method_class = PasswordMethod + + @classmethod + def get_options(cls): + options = super(Password, cls).get_options() + + options.extend([ + cfg.StrOpt('user-id', help='User ID'), + cfg.StrOpt('user-name', dest='username', help='Username', + deprecated_name='username'), + cfg.StrOpt('user-domain-id', help="User's domain id"), + cfg.StrOpt('user-domain-name', help="User's domain name"), + cfg.StrOpt('password', secret=True, help="User's password"), + ]) + + return options diff --git a/keystoneclient/auth/identity/v3/token.py b/keystoneclient/auth/identity/v3/token.py new file mode 100644 index 000000000..d92d3fcce --- /dev/null +++ b/keystoneclient/auth/identity/v3/token.py @@ -0,0 +1,65 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_config import cfg + +from keystoneclient.auth.identity.v3 import base + + +__all__ = ['TokenMethod', 'Token'] + + +class TokenMethod(base.AuthMethod): + """Construct an Auth plugin to fetch a token from a token. + + :param string token: Token for authentication. + """ + + _method_parameters = ['token'] + + def get_auth_data(self, session, auth, headers, **kwargs): + headers['X-Auth-Token'] = self.token + return 'token', {'id': self.token} + + +class Token(base.AuthConstructor): + """A plugin for authenticating with an existing Token. + + :param string auth_url: Identity service endpoint for authentication. + :param string token: Token for authentication. + :param string trust_id: Trust ID for trust scoping. + :param string domain_id: Domain ID for domain scoping. + :param string domain_name: Domain name for domain scoping. + :param string project_id: Project ID for project scoping. + :param string project_name: Project name for project scoping. + :param string project_domain_id: Project's domain ID for project. + :param string project_domain_name: Project's domain name for project. + :param bool reauthenticate: Allow fetching a new token if the current one + is going to expire. (optional) default True + """ + + _auth_method_class = TokenMethod + + def __init__(self, auth_url, token, **kwargs): + super(Token, self).__init__(auth_url, token=token, **kwargs) + + @classmethod + def get_options(cls): + options = super(Token, cls).get_options() + + options.extend([ + cfg.StrOpt('token', + secret=True, + help='Token to authenticate with'), + ]) + + return options diff --git a/keystoneclient/tests/unit/auth/test_identity_v3.py b/keystoneclient/tests/unit/auth/test_identity_v3.py index 29cbb0e5a..e7eed4094 100644 --- a/keystoneclient/tests/unit/auth/test_identity_v3.py +++ b/keystoneclient/tests/unit/auth/test_identity_v3.py @@ -15,6 +15,7 @@ import uuid from keystoneclient import access from keystoneclient.auth.identity import v3 +from keystoneclient.auth.identity.v3 import base as v3_base from keystoneclient import client from keystoneclient import exceptions from keystoneclient import fixture @@ -488,3 +489,8 @@ class V3IdentityPlugin(utils.TestCase): self.assertEqual(auth_url, a.token_url) self.assertEqual(auth_url + '?nocatalog', self.requests.last_request.url) + + def test_symbols(self): + self.assertIs(v3.AuthMethod, v3_base.AuthMethod) + self.assertIs(v3.AuthConstructor, v3_base.AuthConstructor) + self.assertIs(v3.Auth, v3_base.Auth) diff --git a/keystoneclient/tests/unit/auth/test_password.py b/keystoneclient/tests/unit/auth/test_password.py index c5067c09c..2891d8f6b 100644 --- a/keystoneclient/tests/unit/auth/test_password.py +++ b/keystoneclient/tests/unit/auth/test_password.py @@ -15,6 +15,7 @@ import uuid from keystoneclient.auth.identity.generic import password from keystoneclient.auth.identity import v2 from keystoneclient.auth.identity import v3 +from keystoneclient.auth.identity.v3 import password as v3_password from keystoneclient.tests.unit.auth import utils @@ -61,3 +62,7 @@ class PasswordTests(utils.GenericPluginTestCase): self.assertEqual(set(allowed_opts), set(opts)) self.assertEqual(len(allowed_opts), len(opts)) + + def test_symbols(self): + self.assertIs(v3.Password, v3_password.Password) + self.assertIs(v3.PasswordMethod, v3_password.PasswordMethod) diff --git a/keystoneclient/tests/unit/auth/test_token.py b/keystoneclient/tests/unit/auth/test_token.py index 928e2b219..ce4c1cdc6 100644 --- a/keystoneclient/tests/unit/auth/test_token.py +++ b/keystoneclient/tests/unit/auth/test_token.py @@ -15,6 +15,7 @@ import uuid from keystoneclient.auth.identity.generic import token from keystoneclient.auth.identity import v2 from keystoneclient.auth.identity import v3 +from keystoneclient.auth.identity.v3 import token as v3_token from keystoneclient.tests.unit.auth import utils @@ -45,3 +46,7 @@ class TokenTests(utils.GenericPluginTestCase): self.assertEqual(set(allowed_opts), set(opts)) self.assertEqual(len(allowed_opts), len(opts)) + + def test_symbols(self): + self.assertIs(v3.Token, v3_token.Token) + self.assertIs(v3.TokenMethod, v3_token.TokenMethod)