Merge "Application credential support follow-up"
This commit is contained in:
Zuul
@@ -62,7 +62,7 @@ except ImportError:
|
|||||||
def createLock(self):
|
def createLock(self):
|
||||||
self.lock = None
|
self.lock = None
|
||||||
|
|
||||||
ksexceptions = ksclient_v2 = ksclient_v3 = None
|
ksexceptions = ksclient_v2 = ksclient_v3 = ksa_v3 = None
|
||||||
try:
|
try:
|
||||||
from keystoneclient import exceptions as ksexceptions
|
from keystoneclient import exceptions as ksexceptions
|
||||||
# prevent keystoneclient warning us that it has no log handlers
|
# prevent keystoneclient warning us that it has no log handlers
|
||||||
@@ -72,8 +72,8 @@ except ImportError:
|
|||||||
pass
|
pass
|
||||||
try:
|
try:
|
||||||
from keystoneclient.v3 import client as ksclient_v3
|
from keystoneclient.v3 import client as ksclient_v3
|
||||||
from keystoneauth1.identity import v3
|
from keystoneauth1.identity import v3 as ksa_v3
|
||||||
from keystoneauth1 import session
|
from keystoneauth1 import session as ksa_session
|
||||||
from keystoneauth1 import exceptions as ksauthexceptions
|
from keystoneauth1 import exceptions as ksauthexceptions
|
||||||
except ImportError:
|
except ImportError:
|
||||||
pass
|
pass
|
||||||
@@ -627,22 +627,27 @@ variables to be set or overridden with -A, -U, or -K.''')
|
|||||||
filter_kwargs['attr'] = 'region'
|
filter_kwargs['attr'] = 'region'
|
||||||
filter_kwargs['filter_value'] = os_options['region_name']
|
filter_kwargs['filter_value'] = os_options['region_name']
|
||||||
|
|
||||||
if os_options.get('auth_type') == 'v3applicationcredential':
|
if os_options.get('auth_type') and os_options['auth_type'] not in (
|
||||||
try:
|
'password', 'v2password', 'v3password',
|
||||||
v3
|
'v3applicationcredential'):
|
||||||
except NameError:
|
raise ClientException(
|
||||||
|
'Swiftclient currently only supports v3applicationcredential '
|
||||||
|
'for auth_type')
|
||||||
|
elif os_options.get('auth_type') == 'v3applicationcredential':
|
||||||
|
if ksa_v3 is None:
|
||||||
raise ClientException('Auth v3applicationcredential requires '
|
raise ClientException('Auth v3applicationcredential requires '
|
||||||
'python-keystoneclient>=2.0.0')
|
'keystoneauth1 package; consider upgrading '
|
||||||
|
'to python-keystoneclient>=2.0.0')
|
||||||
|
|
||||||
try:
|
try:
|
||||||
auth = v3.ApplicationCredential(
|
auth = ksa_v3.ApplicationCredential(
|
||||||
auth_url=auth_url,
|
auth_url=auth_url,
|
||||||
application_credential_secret=os_options.get(
|
application_credential_secret=os_options.get(
|
||||||
'application_credential_secret'),
|
'application_credential_secret'),
|
||||||
application_credential_id=os_options.get(
|
application_credential_id=os_options.get(
|
||||||
'application_credential_id'))
|
'application_credential_id'))
|
||||||
sses = session.Session(auth=auth)
|
sess = ksa_session.Session(auth=auth)
|
||||||
token = sses.get_token()
|
token = sess.get_token()
|
||||||
except ksauthexceptions.Unauthorized:
|
except ksauthexceptions.Unauthorized:
|
||||||
msg = 'Unauthorized. Check application credential id and secret.'
|
msg = 'Unauthorized. Check application credential id and secret.'
|
||||||
raise ClientException(msg)
|
raise ClientException(msg)
|
||||||
@@ -650,7 +655,7 @@ variables to be set or overridden with -A, -U, or -K.''')
|
|||||||
raise ClientException('Authorization Failure. %s' % err)
|
raise ClientException('Authorization Failure. %s' % err)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
endpoint = sses.get_endpoint_data(service_type=service_type,
|
endpoint = sess.get_endpoint_data(service_type=service_type,
|
||||||
endpoint_type=endpoint_type,
|
endpoint_type=endpoint_type,
|
||||||
**filter_kwargs)
|
**filter_kwargs)
|
||||||
|
|
||||||
|
|||||||
@@ -1651,7 +1651,12 @@ def parse_args(parser, args, enforce_requires=True):
|
|||||||
return options, args
|
return options, args
|
||||||
|
|
||||||
if enforce_requires:
|
if enforce_requires:
|
||||||
if options['os_auth_type'] == 'v3applicationcredential':
|
if options['os_auth_type'] and options['os_auth_type'] not in (
|
||||||
|
'password', 'v1password', 'v2password', 'v3password',
|
||||||
|
'v3applicationcredential'):
|
||||||
|
exit('Only "v3applicationcredential" is supported for '
|
||||||
|
'--os-auth-type')
|
||||||
|
elif options['os_auth_type'] == 'v3applicationcredential':
|
||||||
if not (options['os_application_credential_id'] and
|
if not (options['os_application_credential_id'] and
|
||||||
options['os_application_credential_secret']):
|
options['os_application_credential_secret']):
|
||||||
exit('Auth version 3 (application credential) requires '
|
exit('Auth version 3 (application credential) requires '
|
||||||
@@ -1659,9 +1664,6 @@ def parse_args(parser, args, enforce_requires=True):
|
|||||||
'OS_APPLICATION_CREDENTIAL_SECRET to be set or '
|
'OS_APPLICATION_CREDENTIAL_SECRET to be set or '
|
||||||
'overridden with --os-application-credential-id and '
|
'overridden with --os-application-credential-id and '
|
||||||
'--os-application-credential-secret respectively.')
|
'--os-application-credential-secret respectively.')
|
||||||
elif options['os_auth_type']:
|
|
||||||
exit('Only "v3applicationcredential" is supported for '
|
|
||||||
'--os-auth-type')
|
|
||||||
elif options['auth_version'] == '3':
|
elif options['auth_version'] == '3':
|
||||||
if not options['auth']:
|
if not options['auth']:
|
||||||
exit('Auth version 3 requires OS_AUTH_URL to be set or '
|
exit('Auth version 3 requires OS_AUTH_URL to be set or '
|
||||||
|
|||||||
@@ -2721,7 +2721,7 @@ class TestParsing(TestBase):
|
|||||||
str(cm.exception))
|
str(cm.exception))
|
||||||
|
|
||||||
os_opts = {
|
os_opts = {
|
||||||
"auth_type": "v3password",
|
"auth_type": "v3oidcpassword",
|
||||||
"application_credential_id": "proejct_id",
|
"application_credential_id": "proejct_id",
|
||||||
"application_credential_secret": "secret",
|
"application_credential_secret": "secret",
|
||||||
"auth_url": "http://example.com:5000/v3"}
|
"auth_url": "http://example.com:5000/v3"}
|
||||||
|
|||||||
Reference in New Issue
Block a user