From 6025fa83f193fe422cff1fdc93f658ec457e0136 Mon Sep 17 00:00:00 2001 From: Steve Martinelli Date: Thu, 8 Jan 2015 02:02:55 -0500 Subject: [PATCH] Request token creation docs + tweaks Added command docs, and changed request token to take in name or id of a project, and also support a domain option. Change-Id: I87363274e5b7a0c687e234f5a4bcaaf166d28840 --- doc/source/command-objects/request-token.rst | 37 ++++++++++++++++ doc/source/commands.rst | 2 +- openstackclient/identity/v3/token.py | 43 ++++++++++++++----- .../tests/identity/v3/test_oauth.py | 12 +++++- 4 files changed, 80 insertions(+), 14 deletions(-) create mode 100644 doc/source/command-objects/request-token.rst diff --git a/doc/source/command-objects/request-token.rst b/doc/source/command-objects/request-token.rst new file mode 100644 index 0000000000..501f67a57f --- /dev/null +++ b/doc/source/command-objects/request-token.rst @@ -0,0 +1,37 @@ +============= +request token +============= + +Identity v3 + +`Requires: OS-OAUTH1 extension` + +request token create +-------------------- + +Create a request token + +.. program:: request token create +.. code:: bash + + os request token create + --consumer-key + --consumer-secret + --project + [--domain ] + +.. option:: --consumer-key + + Consumer key (required) + +.. option:: --description + + Consumer secret (required) + +.. option:: --project + + Project that consumer wants to access (name or ID) (required) + +.. option:: --domain + + Domain owning (name or ID) diff --git a/doc/source/commands.rst b/doc/source/commands.rst index 9d60984354..1136f0a2bd 100644 --- a/doc/source/commands.rst +++ b/doc/source/commands.rst @@ -100,7 +100,7 @@ referring to both Compute and Volume quotas. * ``project``: (**Identity**) owns a group of resources * ``quota``: (**Compute**, **Volume**) resource usage restrictions * ``region``: (**Identity**) a subset of an OpenStack deployment -* ``request token``: Identity - temporary OAuth-based token +* ``request token``: (**Identity**) temporary OAuth-based token * ``role``: (**Identity**) a policy object used to determine authorization * ``role assignment``: (**Identity**) a relationship between roles, users or groups, and domains or projects * ``security group``: Compute, Network - groups of network access rules diff --git a/openstackclient/identity/v3/token.py b/openstackclient/identity/v3/token.py index 5b09b69f61..86f31a2a4d 100644 --- a/openstackclient/identity/v3/token.py +++ b/openstackclient/identity/v3/token.py @@ -20,6 +20,9 @@ import six from cliff import show +from openstackclient.common import utils +from openstackclient.identity import common + class AuthorizeRequestToken(show.ShowOne): """Authorize request token""" @@ -53,6 +56,7 @@ class AuthorizeRequestToken(show.ShowOne): verifier_pin = identity_client.oauth1.request_tokens.authorize( parsed_args.request_key, roles) + info = {} info.update(verifier_pin._info) return zip(*sorted(six.iteritems(info))) @@ -110,7 +114,7 @@ class CreateAccessToken(show.ShowOne): class CreateRequestToken(show.ShowOne): - """Create request token""" + """Create a request token""" log = logging.getLogger(__name__ + '.CreateRequestToken') @@ -119,33 +123,50 @@ class CreateRequestToken(show.ShowOne): parser.add_argument( '--consumer-key', metavar='', - help='Consumer key', + help='Consumer key (required)', required=True ) parser.add_argument( '--consumer-secret', metavar='', - help='Consumer secret', + help='Consumer secret (required)', required=True ) parser.add_argument( - '--project-id', - metavar='', - help='Requested project ID', + '--project', + metavar='', + help='Project that consumer wants to access (name or ID)' + ' (required)', required=True ) + parser.add_argument( + '--domain', + metavar='', + help='Domain owning (name or ID)', + ) return parser def take_action(self, parsed_args): self.log.debug('take_action(%s)' % parsed_args) - token_client = self.app.client_manager.identity.oauth1.request_tokens + + identity_client = self.app.client_manager.identity + + if parsed_args.domain: + domain = common.find_domain(identity_client, parsed_args.domain) + project = utils.find_resource(identity_client.projects, + parsed_args.project, + domain_id=domain.id) + else: + project = utils.find_resource(identity_client.projects, + parsed_args.project) + + token_client = identity_client.oauth1.request_tokens + request_token = token_client.create( parsed_args.consumer_key, parsed_args.consumer_secret, - parsed_args.project_id) - info = {} - info.update(request_token._info) - return zip(*sorted(six.iteritems(info))) + project.id) + return zip(*sorted(six.iteritems(request_token._info))) class IssueToken(show.ShowOne): diff --git a/openstackclient/tests/identity/v3/test_oauth.py b/openstackclient/tests/identity/v3/test_oauth.py index 15ba04e33f..36a65e4cf9 100644 --- a/openstackclient/tests/identity/v3/test_oauth.py +++ b/openstackclient/tests/identity/v3/test_oauth.py @@ -26,6 +26,8 @@ class TestOAuth1(identity_fakes.TestOAuth1): self.access_tokens_mock.reset_mock() self.request_tokens_mock = identity_client.oauth1.request_tokens self.request_tokens_mock.reset_mock() + self.projects_mock = identity_client.projects + self.projects_mock.reset_mock() class TestRequestTokenCreate(TestOAuth1): @@ -39,18 +41,24 @@ class TestRequestTokenCreate(TestOAuth1): loaded=True, ) + self.projects_mock.get.return_value = fakes.FakeResource( + None, + copy.deepcopy(identity_fakes.PROJECT), + loaded=True, + ) + self.cmd = token.CreateRequestToken(self.app, None) def test_create_request_tokens(self): arglist = [ '--consumer-key', identity_fakes.consumer_id, '--consumer-secret', identity_fakes.consumer_secret, - '--project-id', identity_fakes.project_id, + '--project', identity_fakes.project_id, ] verifylist = [ ('consumer_key', identity_fakes.consumer_id), ('consumer_secret', identity_fakes.consumer_secret), - ('project_id', identity_fakes.project_id), + ('project', identity_fakes.project_id), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) columns, data = self.cmd.take_action(parsed_args)