openstack/python-keystoneclient
Code Issues Proposed changes

Merge "Allow v3 plugins to opt out of service catalog"

Browse Source
This commit is contained in:
Jenkins
2015-01-28 20:04:39 +00:00
committed by Gerrit Code Review
parent 245ab0a700 ed2858add1
commit e494e111c5
2 changed files with 30 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
keystoneclient/auth/identity/v3.py
View File

@@ -39,6 +39,8 @@ class Auth(base.BaseIdentityPlugin):
:param string project_domain_name: Project's domain name for project. :param string project_domain_name: Project's domain name for project.
:param bool reauthenticate: Allow fetching a new token if the current one :param bool reauthenticate: Allow fetching a new token if the current one
is going to expire. (optional) default True is going to expire. (optional) default True
:param bool include_catalog: Include the service catalog in the returned
token. (optional) default True.
""" """
@utils.positional() @utils.positional()
@@ -50,7 +52,8 @@ class Auth(base.BaseIdentityPlugin):
project_name=None, project_name=None,
project_domain_id=None, project_domain_id=None,
project_domain_name=None, project_domain_name=None,
reauthenticate=True): reauthenticate=True,
include_catalog=True):
super(Auth, self).__init__(auth_url=auth_url, super(Auth, self).__init__(auth_url=auth_url,
reauthenticate=reauthenticate) reauthenticate=reauthenticate)
@@ -62,6 +65,7 @@ class Auth(base.BaseIdentityPlugin):
self.project_name = project_name self.project_name = project_name
self.project_domain_id = project_domain_id self.project_domain_id = project_domain_id
self.project_domain_name = project_domain_name self.project_domain_name = project_domain_name
self.include_catalog = include_catalog
@property @property
def token_url(self): def token_url(self):
@@ -112,8 +116,14 @@ class Auth(base.BaseIdentityPlugin):
elif self.trust_id: elif self.trust_id:
body['auth']['scope'] = {'OS-TRUST:trust': {'id': self.trust_id}} body['auth']['scope'] = {'OS-TRUST:trust': {'id': self.trust_id}}
_logger.debug('Making authentication request to %s', self.token_url) # NOTE(jamielennox): we add nocatalog here rather than in token_url
resp = session.post(self.token_url, json=body, headers=headers, # directly as some federation plugins require the base token_url
token_url = self.token_url
if not self.include_catalog:
token_url += '?nocatalog'
_logger.debug('Making authentication request to %s', token_url)
resp = session.post(token_url, json=body, headers=headers,
authenticated=False, log=False, **rkwargs) authenticated=False, log=False, **rkwargs)
try: try:

17
keystoneclient/tests/auth/test_identity_v3.py
View File

@@ -451,3 +451,20 @@ class V3IdentityPlugin(utils.TestCase):
self.assertEqual(self.TEST_TOKEN, s.get_token()) self.assertEqual(self.TEST_TOKEN, s.get_token())
self.assertNotIn(password, self.logger.output) self.assertNotIn(password, self.logger.output)
def test_sends_nocatalog(self):
del self.TEST_RESPONSE_DICT['token']['catalog']
self.stub_auth(json=self.TEST_RESPONSE_DICT)
a = v3.Password(self.TEST_URL,
username=self.TEST_USER,
password=self.TEST_PASS,
include_catalog=False)
s = session.Session(auth=a)
s.get_token()
auth_url = self.TEST_URL + '/auth/tokens'
self.assertEqual(auth_url, a.token_url)
self.assertEqual(auth_url + '?nocatalog',
self.requests.last_request.url)