Remove message signing in API plugin (after discussion with ceilometer team).

Signing doesn't prevent replay attacks. Use HTTPS to not reinvent the wheel.
Remove ceilometer-pollster directory (it has been merged with Ceilometer).

ceilometer-pollster/README

@@ -1,9 +0,0 @@
-#### With Devstack ####
-
-Copy "kwapi" to /opt/stack/ceilometer/ceilometer/.
-
-Modify /opt/stack/ceilometer/setup.py:
-    [ceilometer.poll.central]
-        kwapi = ceilometer.kwapi.kwapi:KwapiPollster
-
-Run "sudo easy_install /opt/stack/ceilometer/".

ceilometer-pollster/kwapi/kwapi.py

@@ -1,80 +0,0 @@
-# -*- coding: utf-8 -*-
-
-from keystoneclient.v2_0 import client as ksclient
-import requests
-
-from ceilometer import counter
-from ceilometer import meter
-from ceilometer.central import plugin
-from ceilometer.openstack.common import cfg
-from ceilometer.openstack.common import log
-from ceilometer.openstack.common import timeutils
-
-class KwapiClient():
-    """Kwapi API client."""
-    
-    def __init__(self, url, token=None):
-        """Initializes client."""
-        self.url = url
-        self.token = token
-    
-    def list_probes(self):
-        """Returns a list of dicts describing all probes."""
-        probes_url = self.url + '/probes/'
-        headers = {}
-        if self.token is not None:
-            headers = {'X-Auth-Token': self.token}
-        request = requests.get(probes_url, headers=headers)
-        message = request.json
-        
-        probe_list = []
-        
-        if meter.verify_signature(message, cfg.CONF['metering_secret']):
-            probes = message['probes']
-            for key, value in probes.iteritems():
-                probe_dict = value
-                probe_dict['id'] = key
-                probe_list.append(probe_dict)
-            
-        return probe_list
-
-class _Base(plugin.CentralPollster):
-    """Base class for the Kwapi pollster, derived from CentralPollster."""
-    
-    @staticmethod
-    def get_kwapi_client():
-        """Returns a KwapiClient configured with the proper url and token."""
-        keystone = ksclient.Client(username=cfg.CONF.os_username,
-                            password=cfg.CONF.os_password,
-                            tenant_id=cfg.CONF.os_tenant_id,
-                            tenant_name=cfg.CONF.os_tenant_name,
-                            auth_url=cfg.CONF.os_auth_url)
-        endpoint = keystone.service_catalog.url_for(service_type='metering', endpoint_type='internalURL')
-        return KwapiClient(endpoint, keystone.auth_token)
-    
-    def iter_probes(self):
-        """Iterate over all probes."""
-        client = self.get_kwapi_client()
-        return client.list_probes()
-
-class KwapiPollster(_Base):
-    """Kwapi pollster derived from the base class."""
-    
-    LOG = log.getLogger(__name__ + '.kwapi')
-    
-    def get_counters(self, manager, context):
-        """Returns all counters."""
-        for probe in self.iter_probes():
-            yield counter.Counter(
-                name='kwapi',
-                type=counter.TYPE_CUMULATIVE,
-                volume=probe['kwh'],
-                user_id=None,
-                project_id=None,
-                resource_id=probe['id'],
-                timestamp=timeutils.utcnow().isoformat(),
-                resource_metadata={
-                        'timestamp': probe['timestamp'],
-                        'w': probe['w']
-                    }
-            )

etc/kwapi/api.conf

@@ -8,7 +8,6 @@ acl_auth_url = http://10.0.0.2:5000/v2.0
 
 # Signature
 signature_checking = true
-api_metering_secret = change this or be hacked
 driver_metering_secret = Change This Or Be Hacked
 
 # Communication

kwapi/plugins/api/v1.py

@@ -8,15 +8,6 @@ import hmac
 import flask
 
 from kwapi.openstack.common import cfg
-from kwapi import security
-
-v1_opts = [
-    cfg.StrOpt('api_metering_secret',
-               required=True,
-               ),
-    ]
-
-cfg.CONF.register_opts(v1_opts)
 
 blueprint = flask.Blueprint('v1', __name__)
 
@@ -30,7 +21,6 @@ def list_probes_ids():
     """Returns all known probes IDs."""
     message = {}
     message['probe_ids'] = flask.request.database.keys()
-    security.append_signature(message, cfg.CONF.api_metering_secret)
     return flask.jsonify(message)
 
 @blueprint.route('/probes/')
@@ -38,7 +28,6 @@ def list_probes():
     """Returns all information about all known probes."""
     message = {}
     message['probes'] = flask.request.database
-    security.append_signature(message, cfg.CONF.api_metering_secret)
     return flask.jsonify(message)
 
 @blueprint.route('/probes/<probe>/')
@@ -49,7 +38,6 @@ def probe_info(probe):
         message[probe] = flask.request.database[probe]
     except KeyError:
         flask.abort(404)
-    security.append_signature(message, cfg.CONF.api_metering_secret)
     return flask.jsonify(message)
 
 @blueprint.route('/probes/<probe>/<meter>/')
@@ -60,5 +48,4 @@ def probe_value(probe, meter):
         message[probe] = {meter: flask.request.database[probe][meter]}
     except KeyError:
         flask.abort(404)
-    security.append_signature(message, cfg.CONF.api_metering_secret)
     return flask.jsonify(message)