Merge "Allow user ID for authentication"
This commit is contained in:
commit
fa49aab4e3
@ -94,7 +94,8 @@ class HTTPClient(object):
|
|||||||
|
|
||||||
USER_AGENT = 'python-neutronclient'
|
USER_AGENT = 'python-neutronclient'
|
||||||
|
|
||||||
def __init__(self, username=None, tenant_name=None, tenant_id=None,
|
def __init__(self, username=None, user_id=None,
|
||||||
|
tenant_name=None, tenant_id=None,
|
||||||
password=None, auth_url=None,
|
password=None, auth_url=None,
|
||||||
token=None, region_name=None, timeout=None,
|
token=None, region_name=None, timeout=None,
|
||||||
endpoint_url=None, insecure=False,
|
endpoint_url=None, insecure=False,
|
||||||
@ -104,6 +105,7 @@ class HTTPClient(object):
|
|||||||
**kwargs):
|
**kwargs):
|
||||||
|
|
||||||
self.username = username
|
self.username = username
|
||||||
|
self.user_id = user_id
|
||||||
self.tenant_name = tenant_name
|
self.tenant_name = tenant_name
|
||||||
self.tenant_id = tenant_id
|
self.tenant_id = tenant_id
|
||||||
self.password = password
|
self.password = password
|
||||||
@ -232,15 +234,18 @@ class HTTPClient(object):
|
|||||||
endpoint_type=self.endpoint_type)
|
endpoint_type=self.endpoint_type)
|
||||||
|
|
||||||
def _authenticate_keystone(self):
|
def _authenticate_keystone(self):
|
||||||
|
if self.user_id:
|
||||||
|
creds = {'userId': self.user_id,
|
||||||
|
'password': self.password}
|
||||||
|
else:
|
||||||
|
creds = {'username': self.username,
|
||||||
|
'password': self.password}
|
||||||
|
|
||||||
if self.tenant_id:
|
if self.tenant_id:
|
||||||
body = {'auth': {'passwordCredentials':
|
body = {'auth': {'passwordCredentials': creds,
|
||||||
{'username': self.username,
|
|
||||||
'password': self.password, },
|
|
||||||
'tenantId': self.tenant_id, }, }
|
'tenantId': self.tenant_id, }, }
|
||||||
else:
|
else:
|
||||||
body = {'auth': {'passwordCredentials':
|
body = {'auth': {'passwordCredentials': creds,
|
||||||
{'username': self.username,
|
|
||||||
'password': self.password, },
|
|
||||||
'tenantName': self.tenant_name, }, }
|
'tenantName': self.tenant_name, }, }
|
||||||
|
|
||||||
if self.auth_url is None:
|
if self.auth_url is None:
|
||||||
|
@ -52,8 +52,11 @@ class ClientManager(object):
|
|||||||
def __init__(self, token=None, url=None,
|
def __init__(self, token=None, url=None,
|
||||||
auth_url=None,
|
auth_url=None,
|
||||||
endpoint_type=None,
|
endpoint_type=None,
|
||||||
tenant_name=None, tenant_id=None,
|
tenant_name=None,
|
||||||
username=None, password=None,
|
tenant_id=None,
|
||||||
|
username=None,
|
||||||
|
user_id=None,
|
||||||
|
password=None,
|
||||||
region_name=None,
|
region_name=None,
|
||||||
api_version=None,
|
api_version=None,
|
||||||
auth_strategy=None,
|
auth_strategy=None,
|
||||||
@ -70,6 +73,7 @@ class ClientManager(object):
|
|||||||
self._tenant_name = tenant_name
|
self._tenant_name = tenant_name
|
||||||
self._tenant_id = tenant_id
|
self._tenant_id = tenant_id
|
||||||
self._username = username
|
self._username = username
|
||||||
|
self._user_id = user_id
|
||||||
self._password = password
|
self._password = password
|
||||||
self._region_name = region_name
|
self._region_name = region_name
|
||||||
self._api_version = api_version
|
self._api_version = api_version
|
||||||
@ -84,6 +88,7 @@ class ClientManager(object):
|
|||||||
if not self._url:
|
if not self._url:
|
||||||
httpclient = client.HTTPClient(
|
httpclient = client.HTTPClient(
|
||||||
username=self._username,
|
username=self._username,
|
||||||
|
user_id=self._user_id,
|
||||||
tenant_name=self._tenant_name,
|
tenant_name=self._tenant_name,
|
||||||
tenant_id=self._tenant_id,
|
tenant_id=self._tenant_id,
|
||||||
password=self._password,
|
password=self._password,
|
||||||
|
@ -398,7 +398,7 @@ class NeutronShell(app.App):
|
|||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--os-tenant-id', metavar='<auth-tenant-id>',
|
'--os-tenant-id', metavar='<auth-tenant-id>',
|
||||||
default=env('OS_TENANT_ID'),
|
default=env('OS_TENANT_ID'),
|
||||||
help=_('Authentication tenant name (Env: OS_TENANT_ID)'))
|
help=_('Authentication tenant ID (Env: OS_TENANT_ID)'))
|
||||||
|
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--os-username', metavar='<auth-username>',
|
'--os-username', metavar='<auth-username>',
|
||||||
@ -408,6 +408,11 @@ class NeutronShell(app.App):
|
|||||||
'--os_username',
|
'--os_username',
|
||||||
help=argparse.SUPPRESS)
|
help=argparse.SUPPRESS)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
'--os-user-id', metavar='<auth-user-id>',
|
||||||
|
default=env('OS_USER_ID'),
|
||||||
|
help=_('Authentication user ID (Env: OS_USER_ID)'))
|
||||||
|
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--os-password', metavar='<auth-password>',
|
'--os-password', metavar='<auth-password>',
|
||||||
default=utils.env('OS_PASSWORD'),
|
default=utils.env('OS_PASSWORD'),
|
||||||
@ -590,10 +595,12 @@ class NeutronShell(app.App):
|
|||||||
|
|
||||||
else:
|
else:
|
||||||
# Validate password flow auth
|
# Validate password flow auth
|
||||||
if not self.options.os_username:
|
if (not self.options.os_username
|
||||||
|
and not self.options.os_user_id):
|
||||||
raise exc.CommandError(
|
raise exc.CommandError(
|
||||||
_("You must provide a username via"
|
_("You must provide a username or user ID via"
|
||||||
" either --os-username or env[OS_USERNAME]"))
|
" --os-username, env[OS_USERNAME] or"
|
||||||
|
" --os-user_id, env[OS_USER_ID]"))
|
||||||
|
|
||||||
if not self.options.os_password:
|
if not self.options.os_password:
|
||||||
raise exc.CommandError(
|
raise exc.CommandError(
|
||||||
@ -624,6 +631,7 @@ class NeutronShell(app.App):
|
|||||||
tenant_name=self.options.os_tenant_name,
|
tenant_name=self.options.os_tenant_name,
|
||||||
tenant_id=self.options.os_tenant_id,
|
tenant_id=self.options.os_tenant_id,
|
||||||
username=self.options.os_username,
|
username=self.options.os_username,
|
||||||
|
user_id=self.options.os_user_id,
|
||||||
password=self.options.os_password,
|
password=self.options.os_password,
|
||||||
region_name=self.options.os_region_name,
|
region_name=self.options.os_region_name,
|
||||||
api_version=self.api_version,
|
api_version=self.api_version,
|
||||||
|
@ -28,8 +28,9 @@ from neutronclient.common import utils
|
|||||||
|
|
||||||
|
|
||||||
USERNAME = 'testuser'
|
USERNAME = 'testuser'
|
||||||
|
USER_ID = 'testuser_id'
|
||||||
TENANT_NAME = 'testtenant'
|
TENANT_NAME = 'testtenant'
|
||||||
TENANT_ID = 'testtenantid'
|
TENANT_ID = 'testtenant_id'
|
||||||
PASSWORD = 'password'
|
PASSWORD = 'password'
|
||||||
AUTH_URL = 'authurl'
|
AUTH_URL = 'authurl'
|
||||||
ENDPOINT_URL = 'localurl'
|
ENDPOINT_URL = 'localurl'
|
||||||
@ -107,8 +108,10 @@ class CLITestAuthNoAuth(testtools.TestCase):
|
|||||||
|
|
||||||
class CLITestAuthKeystone(testtools.TestCase):
|
class CLITestAuthKeystone(testtools.TestCase):
|
||||||
|
|
||||||
# Auth Body expected when using tenant name
|
# Auth Body expected
|
||||||
auth_type = 'tenantName'
|
auth_body = ('{"auth": {"tenantName": "testtenant", '
|
||||||
|
'"passwordCredentials": '
|
||||||
|
'{"username": "testuser", "password": "password"}}}')
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
"""Prepare the test environment."""
|
"""Prepare the test environment."""
|
||||||
@ -127,7 +130,6 @@ class CLITestAuthKeystone(testtools.TestCase):
|
|||||||
instantiated with predefined token.
|
instantiated with predefined token.
|
||||||
"""
|
"""
|
||||||
client_ = client.HTTPClient(username=USERNAME,
|
client_ = client.HTTPClient(username=USERNAME,
|
||||||
tenant_id=TENANT_ID,
|
|
||||||
tenant_name=TENANT_NAME,
|
tenant_name=TENANT_NAME,
|
||||||
token=TOKEN,
|
token=TOKEN,
|
||||||
password=PASSWORD,
|
password=PASSWORD,
|
||||||
@ -146,7 +148,7 @@ class CLITestAuthKeystone(testtools.TestCase):
|
|||||||
|
|
||||||
self.client.request(
|
self.client.request(
|
||||||
AUTH_URL + '/tokens', 'POST',
|
AUTH_URL + '/tokens', 'POST',
|
||||||
body=mox.StrContains(self.auth_type), headers=mox.IsA(dict)
|
body=self.auth_body, headers=mox.IsA(dict)
|
||||||
).AndReturn((res200, json.dumps(KS_TOKEN_RESULT)))
|
).AndReturn((res200, json.dumps(KS_TOKEN_RESULT)))
|
||||||
self.client.request(
|
self.client.request(
|
||||||
mox.StrContains(ENDPOINT_URL + '/resource'), 'GET',
|
mox.StrContains(ENDPOINT_URL + '/resource'), 'GET',
|
||||||
@ -447,13 +449,15 @@ class CLITestAuthKeystone(testtools.TestCase):
|
|||||||
|
|
||||||
class CLITestAuthKeystoneWithId(CLITestAuthKeystone):
|
class CLITestAuthKeystoneWithId(CLITestAuthKeystone):
|
||||||
|
|
||||||
# Auth Body expected when using tenant Id
|
# Auth Body expected
|
||||||
auth_type = 'tenantId'
|
auth_body = ('{"auth": {"passwordCredentials": '
|
||||||
|
'{"password": "password", "userId": "testuser_id"}, '
|
||||||
|
'"tenantId": "testtenant_id"}}')
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
"""Prepare the test environment."""
|
"""Prepare the test environment."""
|
||||||
super(CLITestAuthKeystoneWithId, self).setUp()
|
super(CLITestAuthKeystoneWithId, self).setUp()
|
||||||
self.client = client.HTTPClient(username=USERNAME,
|
self.client = client.HTTPClient(user_id=USER_ID,
|
||||||
tenant_id=TENANT_ID,
|
tenant_id=TENANT_ID,
|
||||||
password=PASSWORD,
|
password=PASSWORD,
|
||||||
auth_url=AUTH_URL,
|
auth_url=AUTH_URL,
|
||||||
@ -462,13 +466,16 @@ class CLITestAuthKeystoneWithId(CLITestAuthKeystone):
|
|||||||
|
|
||||||
class CLITestAuthKeystoneWithIdandName(CLITestAuthKeystone):
|
class CLITestAuthKeystoneWithIdandName(CLITestAuthKeystone):
|
||||||
|
|
||||||
# Auth Body expected when using tenant Id
|
# Auth Body expected
|
||||||
auth_type = 'tenantId'
|
auth_body = ('{"auth": {"passwordCredentials": '
|
||||||
|
'{"password": "password", "userId": "testuser_id"}, '
|
||||||
|
'"tenantId": "testtenant_id"}}')
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
"""Prepare the test environment."""
|
"""Prepare the test environment."""
|
||||||
super(CLITestAuthKeystoneWithIdandName, self).setUp()
|
super(CLITestAuthKeystoneWithIdandName, self).setUp()
|
||||||
self.client = client.HTTPClient(username=USERNAME,
|
self.client = client.HTTPClient(username=USERNAME,
|
||||||
|
user_id=USER_ID,
|
||||||
tenant_id=TENANT_ID,
|
tenant_id=TENANT_ID,
|
||||||
tenant_name=TENANT_NAME,
|
tenant_name=TENANT_NAME,
|
||||||
password=PASSWORD,
|
password=PASSWORD,
|
||||||
|
@ -117,13 +117,15 @@ class ShellTest(testtools.TestCase):
|
|||||||
'either --os-url or env[OS_URL]', stderr.strip())
|
'either --os-url or env[OS_URL]', stderr.strip())
|
||||||
|
|
||||||
def test_auth(self):
|
def test_auth(self):
|
||||||
|
#import pdb; pdb.set_trace()
|
||||||
neutron_shell = openstack_shell.NeutronShell('2.0')
|
neutron_shell = openstack_shell.NeutronShell('2.0')
|
||||||
self.addCleanup(self.mox.UnsetStubs)
|
self.addCleanup(self.mox.UnsetStubs)
|
||||||
self.mox.StubOutWithMock(clientmanager.ClientManager, '__init__')
|
self.mox.StubOutWithMock(clientmanager.ClientManager, '__init__')
|
||||||
self.mox.StubOutWithMock(neutron_shell, 'run_subcommand')
|
self.mox.StubOutWithMock(neutron_shell, 'run_subcommand')
|
||||||
clientmanager.ClientManager.__init__(
|
clientmanager.ClientManager.__init__(
|
||||||
token='', url='', auth_url='http://127.0.0.1:5000/',
|
token='', url='', auth_url='http://127.0.0.1:5000/',
|
||||||
tenant_name='test', tenant_id='tenant_id', username='test',
|
tenant_name='test', tenant_id='tenant_id',
|
||||||
|
username='test', user_id='',
|
||||||
password='test', region_name='', api_version={'network': '2.0'},
|
password='test', region_name='', api_version={'network': '2.0'},
|
||||||
auth_strategy='keystone', service_type='network',
|
auth_strategy='keystone', service_type='network',
|
||||||
endpoint_type='publicURL', insecure=False, ca_cert=None,
|
endpoint_type='publicURL', insecure=False, ca_cert=None,
|
||||||
|
@ -61,6 +61,7 @@ class TestSSL(testtools.TestCase):
|
|||||||
token=mox.IgnoreArg(),
|
token=mox.IgnoreArg(),
|
||||||
url=mox.IgnoreArg(),
|
url=mox.IgnoreArg(),
|
||||||
username=mox.IgnoreArg(),
|
username=mox.IgnoreArg(),
|
||||||
|
user_id=mox.IgnoreArg(),
|
||||||
log_credentials=mox.IgnoreArg(),
|
log_credentials=mox.IgnoreArg(),
|
||||||
)
|
)
|
||||||
openstack_shell.NeutronShell.interact().AndReturn(0)
|
openstack_shell.NeutronShell.interact().AndReturn(0)
|
||||||
@ -91,6 +92,7 @@ class TestSSL(testtools.TestCase):
|
|||||||
token=mox.IgnoreArg(),
|
token=mox.IgnoreArg(),
|
||||||
url=mox.IgnoreArg(),
|
url=mox.IgnoreArg(),
|
||||||
username=mox.IgnoreArg(),
|
username=mox.IgnoreArg(),
|
||||||
|
user_id=mox.IgnoreArg(),
|
||||||
log_credentials=mox.IgnoreArg(),
|
log_credentials=mox.IgnoreArg(),
|
||||||
)
|
)
|
||||||
openstack_shell.NeutronShell.interact().AndReturn(0)
|
openstack_shell.NeutronShell.interact().AndReturn(0)
|
||||||
|
@ -108,6 +108,7 @@ class Client(object):
|
|||||||
"""Client for the OpenStack Neutron v2.0 API.
|
"""Client for the OpenStack Neutron v2.0 API.
|
||||||
|
|
||||||
:param string username: Username for authentication. (optional)
|
:param string username: Username for authentication. (optional)
|
||||||
|
:param string user_id: User ID for authentication. (optional)
|
||||||
:param string password: Password for authentication. (optional)
|
:param string password: Password for authentication. (optional)
|
||||||
:param string token: Token for authentication. (optional)
|
:param string token: Token for authentication. (optional)
|
||||||
:param string tenant_name: Tenant name. (optional)
|
:param string tenant_name: Tenant name. (optional)
|
||||||
|
Loading…
Reference in New Issue
Block a user