openstack/python-mistralclient
Code Issues Proposed changes

Merge "Add support for auth against keystone on https"

Browse Source
This commit is contained in:
Jenkins
2015-02-11 11:21:13 +00:00
committed by Gerrit Code Review
parent 8a105d2637 aa94d5d271
commit 2b035bf0ae
5 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -32,6 +32,10 @@ If Mistral authentication is enabled, provide the information about OpenStack au
export OS_PASSWORD=secret export OS_PASSWORD=secret
export OS_MISTRAL_URL=http://<Mistral host>:8989/v2 (optional, by default URL=http://localhost:8989/v2) export OS_MISTRAL_URL=http://<Mistral host>:8989/v2 (optional, by default URL=http://localhost:8989/v2)
and in the case that you are authenticating against keystone over https:
export OS_CACERT=<path_to_ca_cert>
>***Note:** In client, we can use both Keystone auth versions - v2.0 and v3. But server supports only v3.* >***Note:** In client, we can use both Keystone auth versions - v2.0 and v3. But server supports only v3.*
To make sure Mistral client works, type: To make sure Mistral client works, type:

4
mistralclient/api/client.py
View File

@@ -21,7 +21,7 @@ from mistralclient.api.v2 import client as client_v2
def client(mistral_url=None, username=None, api_key=None, def client(mistral_url=None, username=None, api_key=None,
project_name=None, auth_url=None, project_id=None, project_name=None, auth_url=None, project_id=None,
endpoint_type='publicURL', service_type='workflow', endpoint_type='publicURL', service_type='workflow',
auth_token=None, user_id=None): auth_token=None, user_id=None, cacert=None):
if mistral_url and not isinstance(mistral_url, six.string_types): if mistral_url and not isinstance(mistral_url, six.string_types):
raise RuntimeError('Mistral url should be string') raise RuntimeError('Mistral url should be string')
@@ -41,7 +41,7 @@ def client(mistral_url=None, username=None, api_key=None,
auth_url=auth_url, project_id=project_id, auth_url=auth_url, project_id=project_id,
endpoint_type=endpoint_type, endpoint_type=endpoint_type,
service_type=service_type, auth_token=auth_token, service_type=service_type, auth_token=auth_token,
user_id=user_id) user_id=user_id, cacert=cacert)
def determine_client_version(mistral_url): def determine_client_version(mistral_url):

9
mistralclient/api/v1/client.py
View File

@@ -25,7 +25,7 @@ class Client(object):
def __init__(self, mistral_url=None, username=None, api_key=None, def __init__(self, mistral_url=None, username=None, api_key=None,
project_name=None, auth_url=None, project_id=None, project_name=None, auth_url=None, project_id=None,
endpoint_type='publicURL', service_type='workflow', endpoint_type='publicURL', service_type='workflow',
auth_token=None, user_id=None): auth_token=None, user_id=None, cacert=None):
if mistral_url and not isinstance(mistral_url, six.string_types): if mistral_url and not isinstance(mistral_url, six.string_types):
raise RuntimeError('Mistral url should be string') raise RuntimeError('Mistral url should be string')
@@ -35,7 +35,7 @@ class Client(object):
self.authenticate(mistral_url, username, api_key, self.authenticate(mistral_url, username, api_key,
project_name, auth_url, project_id, project_name, auth_url, project_id,
endpoint_type, service_type, auth_token, endpoint_type, service_type, auth_token,
user_id)) user_id, cacert))
if not mistral_url: if not mistral_url:
mistral_url = "http://localhost:8989/v1" mistral_url = "http://localhost:8989/v1"
@@ -53,7 +53,7 @@ class Client(object):
def authenticate(self, mistral_url=None, username=None, api_key=None, def authenticate(self, mistral_url=None, username=None, api_key=None,
project_name=None, auth_url=None, project_id=None, project_name=None, auth_url=None, project_id=None,
endpoint_type='publicURL', service_type='workflow', endpoint_type='publicURL', service_type='workflow',
auth_token=None, user_id=None): auth_token=None, user_id=None, cacert=None):
if (not (project_name or project_id) or if (not (project_name or project_id) or
not (isinstance(project_name, six.string_types) or not (isinstance(project_name, six.string_types) or
@@ -83,7 +83,8 @@ class Client(object):
tenant_id=project_id, tenant_id=project_id,
tenant_name=project_name, tenant_name=project_name,
auth_url=auth_url, auth_url=auth_url,
endpoint=auth_url) endpoint=auth_url,
cacert=cacert)
keystone.authenticate() keystone.authenticate()
token = keystone.auth_token token = keystone.auth_token

9
mistralclient/api/v2/client.py
View File

@@ -29,7 +29,7 @@ class Client(object):
def __init__(self, mistral_url=None, username=None, api_key=None, def __init__(self, mistral_url=None, username=None, api_key=None,
project_name=None, auth_url=None, project_id=None, project_name=None, auth_url=None, project_id=None,
endpoint_type='publicURL', service_type='workflow', endpoint_type='publicURL', service_type='workflow',
auth_token=None, user_id=None): auth_token=None, user_id=None, cacert=None):
if mistral_url and not isinstance(mistral_url, six.string_types): if mistral_url and not isinstance(mistral_url, six.string_types):
raise RuntimeError('Mistral url should be string') raise RuntimeError('Mistral url should be string')
@@ -39,7 +39,7 @@ class Client(object):
self.authenticate(mistral_url, username, api_key, self.authenticate(mistral_url, username, api_key,
project_name, auth_url, project_id, project_name, auth_url, project_id,
endpoint_type, service_type, auth_token, endpoint_type, service_type, auth_token,
user_id)) user_id, cacert))
if not mistral_url: if not mistral_url:
mistral_url = "http://localhost:8989/v2" mistral_url = "http://localhost:8989/v2"
@@ -60,7 +60,7 @@ class Client(object):
def authenticate(self, mistral_url=None, username=None, api_key=None, def authenticate(self, mistral_url=None, username=None, api_key=None,
project_name=None, auth_url=None, project_id=None, project_name=None, auth_url=None, project_id=None,
endpoint_type='publicURL', service_type='workflow', endpoint_type='publicURL', service_type='workflow',
auth_token=None, user_id=None): auth_token=None, user_id=None, cacert=None):
if (not (project_name or project_id) or if (not (project_name or project_id) or
not (isinstance(project_name, six.string_types) or not (isinstance(project_name, six.string_types) or
@@ -90,7 +90,8 @@ class Client(object):
tenant_id=project_id, tenant_id=project_id,
tenant_name=project_name, tenant_name=project_name,
auth_url=auth_url, auth_url=auth_url,
endpoint=auth_url) endpoint=auth_url,
cacert=cacert)
keystone.authenticate() keystone.authenticate()
token = keystone.auth_token token = keystone.auth_token

10
mistralclient/shell.py
View File

@@ -171,6 +171,13 @@ class MistralShell(app.App):
default=c.env('OS_AUTH_URL'), default=c.env('OS_AUTH_URL'),
help='Authentication URL (Env: OS_AUTH_URL)' help='Authentication URL (Env: OS_AUTH_URL)'
) )
parser.add_argument(
'--os-cacert',
action='store',
dest='cacert',
default=c.env('OS_CACERT'),
help='Authentication CA Certificate (Env: OS_CACERT)'
)
return parser return parser
def initialize_app(self, argv): def initialize_app(self, argv):
@@ -186,7 +193,8 @@ class MistralShell(app.App):
project_id=self.options.tenant_id, project_id=self.options.tenant_id,
endpoint_type='publicURL', endpoint_type='publicURL',
service_type='workflow', service_type='workflow',
auth_token=self.options.token) auth_token=self.options.token,
cacert=self.options.cacert)
def _set_shell_commands(self, cmds_dict): def _set_shell_commands(self, cmds_dict):
for k, v in cmds_dict.items(): for k, v in cmds_dict.items():