102 lines
2.8 KiB
Python
102 lines
2.8 KiB
Python
# Copyright (c) 2015 Huawei, Tech. Co,. Ltd.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import pecan
|
|
|
|
from keystonemiddleware import auth_token
|
|
from oslo_config import cfg
|
|
from oslo_middleware import request_id
|
|
from oslo_service import service
|
|
from oslo_service import wsgi
|
|
|
|
from dcorch.common import context as ctx
|
|
from dcorch.common.i18n import _
|
|
|
|
|
|
def setup_app(*args, **kwargs):
|
|
|
|
opts = cfg.CONF.pecan
|
|
config = {
|
|
'server': {
|
|
'port': cfg.CONF.bind_port,
|
|
'host': cfg.CONF.bind_host
|
|
},
|
|
'app': {
|
|
'root': 'dcorch.api.controllers.root.RootController',
|
|
'modules': ['dcorch.api'],
|
|
"debug": opts.debug,
|
|
"auth_enable": opts.auth_enable,
|
|
'errors': {
|
|
400: '/error',
|
|
'__force_dict__': True
|
|
}
|
|
}
|
|
}
|
|
|
|
pecan_config = pecan.configuration.conf_from_dict(config)
|
|
|
|
# app_hooks = [], hook collection will be put here later
|
|
|
|
app = pecan.make_app(
|
|
pecan_config.app.root,
|
|
debug=False,
|
|
wrap_app=_wrap_app,
|
|
force_canonical=False,
|
|
hooks=lambda: [ctx.AuthHook()],
|
|
guess_content_type_from_ext=True
|
|
)
|
|
|
|
return app
|
|
|
|
|
|
def load_paste_app(app_name=None):
|
|
"""Loads a WSGI app from a paste config file."""
|
|
if app_name is None:
|
|
app_name = cfg.CONF.prog
|
|
|
|
loader = wsgi.Loader(cfg.CONF)
|
|
app = loader.load_app(app_name)
|
|
return app
|
|
|
|
|
|
def _wrap_app(app):
|
|
app = request_id.RequestId(app)
|
|
if cfg.CONF.pecan.auth_enable and cfg.CONF.auth_strategy == 'keystone':
|
|
conf = dict(cfg.CONF.keystone_authtoken)
|
|
# Change auth decisions of requests to the app itself.
|
|
conf.update({'delay_auth_decision': True})
|
|
|
|
# NOTE: Policy enforcement works only if Keystone
|
|
# authentication is enabled. No support for other authentication
|
|
# types at this point.
|
|
return auth_token.AuthProtocol(app, conf)
|
|
else:
|
|
return app
|
|
|
|
|
|
_launcher = None
|
|
|
|
|
|
def serve(api_service, conf, workers=1):
|
|
global _launcher
|
|
if _launcher:
|
|
raise RuntimeError(_('serve() can only be called once'))
|
|
|
|
_launcher = service.launch(conf, api_service, workers=workers)
|
|
|
|
|
|
def wait():
|
|
_launcher.wait()
|