openstack/python-mistralclient
Code Issues Proposed changes
Files
b8946b70497d2f231b9bd50c3df42b4ac1839805
python-mistralclient/mistralclient/auth/keystone.py
Boris Bobrov b8946b7049 Change service type to workflowv2 
workflowv2 is currently used type for Mistral. Old service type did not
really cause any issues, because if not specified, the default value
from --os-mistral-service-type is used, which is correct. Anyway, it is
worth fixing so that it doesn't cause confusion.

Change-Id: I2c4f33d38d9ce487bde6b99455bfdb42f4f21f85
Closes-Bug: 1688219
2017-05-05 14:25:18 +03:00

147 lines
5.3 KiB
Python
Raw Blame History

# Copyright 2016 - Nokia Networks
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from keystoneclient import client
from mistralclient import auth
from oslo_serialization import jsonutils
import mistralclient.api.httpclient as api
class KeystoneAuthHandler(auth.AuthHandler):
def authenticate(self, req, session=None):
"""Performs authentication via Keystone.
:param req: Request dict containing list of parameters required
for Keystone authentication.
"""
if not isinstance(req, dict):
raise TypeError('The input "req" is not typeof dict.')
session = session
mistral_url = req.get('mistral_url')
endpoint_type = req.get('endpoint_type', 'publicURL')
service_type = req.get('service_type', 'workflowv2')
auth_url = req.get('auth_url')
username = req.get('username')
user_id = req.get('user_id')
api_key = req.get('api_key')
auth_token = req.get('auth_token')
project_name = req.get('project_name')
project_id = req.get('project_id')
region_name = req.get('region_name')
user_domain_name = req.get('user_domain_name', 'Default')
project_domain_name = req.get('project_domain_name', 'Default')
cacert = req.get('cacert')
insecure = req.get('insecure', False)
target_auth_url = req.get('target_auth_url')
target_username = req.get('target_username')
target_user_id = req.get('target_user_id')
target_api_key = req.get('target_api_key')
target_auth_token = req.get('target_auth_token')
target_project_name = req.get('target_project_name')
target_project_id = req.get('target_project_id')
target_region_name = req.get('target_region_name')
target_user_domain_name = req.get('target_user_domain_name', 'Default')
target_project_domain_name = req.get(
'target_project_domain_name',
'Default'
)
target_cacert = req.get('target_cacert')
target_insecure = req.get('target_insecure')
if project_name and project_id:
raise RuntimeError(
'Only project name or project id should be set'
)
if username and user_id:
raise RuntimeError(
'Only user name or user id should be set'
)
auth_response = {}
if session:
keystone = client.Client(session=session)
elif auth_url:
keystone = client.Client(
username=username,
user_id=user_id,
password=api_key,
token=auth_token,
tenant_id=project_id,
tenant_name=project_name,
auth_url=auth_url,
cacert=cacert,
insecure=insecure,
user_domain_name=user_domain_name,
project_domain_name=project_domain_name
)
keystone.authenticate()
auth_response.update({
api.AUTH_TOKEN: keystone.auth_token,
api.PROJECT_ID: keystone.project_id,
api.USER_ID: keystone.user_id,
})
if session or auth_url:
if not mistral_url:
try:
mistral_url = keystone.service_catalog.url_for(
service_type=service_type,
endpoint_type=endpoint_type,
region_name=region_name
)
except Exception:
mistral_url = None
auth_response['mistral_url'] = mistral_url
if target_auth_url:
target_keystone = client.Client(
username=target_username,
user_id=target_user_id,
password=target_api_key,
token=target_auth_token,
tenant_id=target_project_id,
tenant_name=target_project_name,
project_id=target_project_id,
project_name=target_project_name,
auth_url=target_auth_url,
cacert=target_cacert,
insecure=target_insecure,
region_name=target_region_name,
user_domain_name=target_user_domain_name,
project_domain_name=target_project_domain_name
)
target_keystone.authenticate()
auth_response.update({
api.TARGET_AUTH_TOKEN: target_keystone.auth_token,
api.TARGET_PROJECT_ID: target_keystone.project_id,
api.TARGET_USER_ID: target_keystone.user_id,
api.TARGET_AUTH_URI: target_auth_url,
api.TARGET_SERVICE_CATALOG: jsonutils.dumps(
target_keystone.auth_ref
)
})
return auth_response
View Git Blame Copy Permalink