Change approach to saharaclient authentication

We'll commit to the idea of constructing a session based on token auth here in the sahara-dashboard code itself. And in preparation for some upcoming python-saharaclient changes, move certificate settings into that session object. Change-Id: I5f76af0e14822513849af2e75445af837af85285 Story: 1747838
2018-07-09 12:44:40 -04:00 · 2018-07-09 12:44:40 -04:00 · b742987174
commit b742987174
parent 56b69d6477
2 changed files with 8 additions and 5 deletions
--- a/requirements.txt
+++ b/requirements.txt
@ -7,6 +7,7 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0
 Django<2,>=1.11;python_version<'3.0'  # BSD
 Django<2.1,>=1.11;python_version>='3.0'  # BSD
 django-compressor>=2.0 # MIT
+keystoneauth1>=3.4.0 # Apache-2.0
 oslo.log>=3.36.0 # Apache-2.0
 oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
 python-designateclient>=2.7.0 # Apache-2.0
--- a/sahara_dashboard/api/sahara.py
+++ b/sahara_dashboard/api/sahara.py
@ -93,16 +93,18 @@ def safe_call(func, *args, **kwargs):
 def client(request):
    insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
    cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
-    # TODO(jfreud): pass token directly to client after bug 1747838 resolved
    auth = identity.Token(auth_url=request.user.endpoint,
                          token=request.user.token.id,
                          project_id=request.user.project_id)
-    sess = session.Session(auth=auth)
+    verify = False
+    if cacert:
+        verify = cacert
+    elif not insecure:
+        verify = True
+    sess = session.Session(auth=auth, verify=verify)
    return api_client.Client(VERSIONS.get_active_version()["version"],
                             service_type=SAHARA_SERVICE,
-                             session=sess,
-                             insecure=insecure,
-                             cacert=cacert)
+                             session=sess)


 def prepare_acl_update_dict(is_public=None, is_protected=None):