openstack/python-mistralclient
Code Issues Proposed changes
Files
f7c04df5ec07426a97ff8a0fa72b718ef8e84cbd
python-mistralclient/mistralclient/api/client.py
Renat Akhmerov f7c04df5ec Add KeyCloak OpenID Connect authentication 
Questions:
* The implementation is now KeyCloak specific in part of using realms
  as a substition for Keystone projects (multitenancy). Based on a realm
  name (in fact, project name) we build a url where we send auth requests.
  Can we move away from KeyCloak specifics and provide a pure OpenID
  Connect implementation?

TODO:
* Reusing existing token
* Refreshin a token

NOTE: This addition now looks slightly hacky because we try to put
all possible auth parameters into Client initializer. Ideally,
authentication method should be pluggable similar to the new Keystone
approach with separation sessions and authentication methods (see
keystoneauth project). This separation can be addressed only in Mistral
future versions because all changes in API/CLI v2 have to be backwards
compatible. API/CLI v3 must address this architectural issue.

Change-Id: I845b2bfbc1877e6f4b0c1a523d136e01c3742865
2016-07-04 11:49:56 +07:00

56 lines
1.9 KiB
Python
Raw Blame History

# Copyright 2013 - Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import six
from mistralclient.api.v2 import client as client_v2
from mistralclient.auth import auth_types
def client(mistral_url=None, username=None, api_key=None,
project_name=None, auth_url=None, project_id=None,
endpoint_type='publicURL', service_type='workflow',
auth_token=None, user_id=None, cacert=None, insecure=False,
profile=None, auth_type=auth_types.KEYSTONE, client_id=None,
client_secret=None):
if mistral_url and not isinstance(mistral_url, six.string_types):
raise RuntimeError('Mistral url should be a string.')
return client_v2.Client(
mistral_url=mistral_url,
username=username,
api_key=api_key,
project_name=project_name,
auth_url=auth_url,
project_id=project_id,
endpoint_type=endpoint_type,
service_type=service_type,
auth_token=auth_token,
user_id=user_id,
cacert=cacert,
insecure=insecure,
profile=profile,
auth_type=auth_type,
client_id=client_id,
client_secret=client_secret
)
def determine_client_version(mistral_version):
if mistral_version.find("v2") != -1:
return 2
raise RuntimeError("Can not determine mistral API version")
View Git Blame Copy Permalink