openstack/python-openstackclient
Code Issues Proposed changes

Merge "Change --os-auth-plugin to --os-auth-type"

Browse Source
This commit is contained in:
Jenkins 2014-10-24 16:11:42 +00:00 committed by Gerrit Code Review
commit 747a62494c
4 changed files with 66 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
openstackclient/api/auth.py
View File

@ -36,8 +36,6 @@ PLUGIN_LIST = stevedore.ExtensionManager(
invoke_on_load=False,
propagate_map_exceptions=True,
)
# TODO(dtroyer): add some method to list the plugins for the
# --os_auth_plugin option
# Get the command line options so the help action has them available
OPTIONS_LIST = {}
@ -56,50 +54,53 @@ for plugin in PLUGIN_LIST:
def select_auth_plugin(options):
"""If no auth plugin was specified, pick one based on other options"""
"""Pick an auth plugin based on --os-auth-type or other options"""
auth_plugin_name = None
if options.os_auth_type in [plugin.name for plugin in PLUGIN_LIST]:
# A direct plugin name was given, use it
return options.os_auth_type
auth_plugin = None
if options.os_url and options.os_token:
# service token authentication
auth_plugin = 'token_endpoint'
auth_plugin_name = 'token_endpoint'
elif options.os_username:
if options.os_identity_api_version == '3':
auth_plugin = 'v3password'
auth_plugin_name = 'v3password'
elif options.os_identity_api_version == '2.0':
auth_plugin = 'v2password'
auth_plugin_name = 'v2password'
else:
# let keystoneclient figure it out itself
auth_plugin = 'password'
auth_plugin_name = 'password'
elif options.os_token:
if options.os_identity_api_version == '3':
auth_plugin = 'v3token'
auth_plugin_name = 'v3token'
elif options.os_identity_api_version == '2.0':
auth_plugin = 'v2token'
auth_plugin_name = 'v2token'
else:
# let keystoneclient figure it out itself
auth_plugin = 'token'
auth_plugin_name = 'token'
else:
raise exc.CommandError(
"Could not figure out which authentication method "
"to use, please set --os-auth-plugin"
"Authentication type must be selected with --os-auth-type"
)
LOG.debug("No auth plugin selected, picking %s from other "
"options" % auth_plugin)
return auth_plugin
LOG.debug("Auth plugin %s selected" % auth_plugin_name)
return auth_plugin_name
def build_auth_params(cmd_options):
def build_auth_params(auth_plugin_name, cmd_options):
auth_params = {}
if cmd_options.os_auth_plugin:
LOG.debug('auth_plugin: %s', cmd_options.os_auth_plugin)
auth_plugin = base.get_plugin_class(cmd_options.os_auth_plugin)
plugin_options = auth_plugin.get_options()
if auth_plugin_name:
LOG.debug('auth_type: %s', auth_plugin_name)
auth_plugin_class = base.get_plugin_class(auth_plugin_name)
plugin_options = auth_plugin_class.get_options()
for option in plugin_options:
option_name = 'os_' + option.dest
LOG.debug('fetching option %s' % option_name)
auth_params[option.dest] = getattr(cmd_options, option_name, None)
# grab tenant from project for v2.0 API compatibility
if cmd_options.os_auth_plugin.startswith("v2"):
if auth_plugin_name.startswith("v2"):
auth_params['tenant_id'] = getattr(
cmd_options,
'os_project_id',
@ -111,14 +112,14 @@ def build_auth_params(cmd_options):
None,
)
else:
LOG.debug('no auth_plugin')
LOG.debug('no auth_type')
# delay the plugin choice, grab every option
plugin_options = set([o.replace('-', '_') for o in OPTIONS_LIST])
for option in plugin_options:
option_name = 'os_' + option
LOG.debug('fetching option %s' % option_name)
auth_params[option] = getattr(cmd_options, option_name, None)
return auth_params
return (auth_plugin_class, auth_params)
def build_auth_plugins_option_parser(parser):
@ -130,15 +131,12 @@ def build_auth_plugins_option_parser(parser):
"""
available_plugins = [plugin.name for plugin in PLUGIN_LIST]
parser.add_argument(
'--os-auth-plugin',
metavar='<OS_AUTH_PLUGIN>',
default=utils.env('OS_AUTH_PLUGIN'),
help='The authentication method to use. If this option is not set, '
'openstackclient will attempt to guess the authentication method '
'to use based on the other options. If this option is set, '
'the --os-identity-api-version argument must be consistent '
'with the version of the method.\nAvailable methods are ' +
', '.join(available_plugins),
'--os-auth-type',
metavar='<auth-type>',
default=utils.env('OS_AUTH_TYPE'),
help='Select an auhentication type. Available types: ' +
', '.join(available_plugins) +
'. Default: selected based on --os-username/--os-token',
choices=available_plugins
)
# make sur we catch old v2.0 env values

18
openstackclient/common/clientmanager.py
View File

@ -19,7 +19,6 @@ import logging
import pkg_resources
import sys
from keystoneclient.auth import base
from keystoneclient import session
import requests
@ -78,20 +77,22 @@ class ClientManager(object):
returns a string containig the password
"""
# If no plugin is named by the user, select one based on
# If no auth type is named by the user, select one based on
# the supplied options
if not auth_options.os_auth_plugin:
auth_options.os_auth_plugin = auth.select_auth_plugin(auth_options)
self._auth_plugin = auth_options.os_auth_plugin
self.auth_plugin_name = auth.select_auth_plugin(auth_options)
# Horrible hack alert...must handle prompt for null password if
# password auth is requested.
if (self._auth_plugin.endswith('password') and
if (self.auth_plugin_name.endswith('password') and
not auth_options.os_password):
auth_options.os_password = pw_func()
(auth_plugin, self._auth_params) = auth.build_auth_params(
self.auth_plugin_name,
auth_options,
)
self._url = auth_options.os_url
self._auth_params = auth.build_auth_params(auth_options)
self._region_name = auth_options.os_region_name
self._api_version = api_version
self._auth_ref = None
@ -117,8 +118,7 @@ class ClientManager(object):
root_logger = logging.getLogger('')
LOG.setLevel(root_logger.getEffectiveLevel())
LOG.debug('Using auth plugin: %s' % self._auth_plugin)
auth_plugin = base.get_plugin_class(self._auth_plugin)
LOG.debug('Using auth plugin: %s' % self.auth_plugin_name)
self.auth = auth_plugin.load_from_options(**self._auth_params)
# needed by SAML authentication
request_session = requests.session()

16
openstackclient/tests/common/test_clientmanager.py
View File

@ -44,7 +44,7 @@ class FakeOptions(object):
def __init__(self, **kwargs):
for option in auth.OPTIONS_LIST:
setattr(self, 'os_' + option.replace('-', '_'), None)
self.os_auth_plugin = None
self.os_auth_type = None
self.os_identity_api_version = '2.0'
self.timing = None
self.os_region_name = None
@ -81,7 +81,7 @@ class TestClientManager(utils.TestCase):
client_manager = clientmanager.ClientManager(
auth_options=FakeOptions(os_token=fakes.AUTH_TOKEN,
os_url=fakes.AUTH_URL,
os_auth_plugin='token_endpoint'),
os_auth_type='token_endpoint'),
api_version=API_VERSION,
verify=True
)
@ -105,7 +105,7 @@ class TestClientManager(utils.TestCase):
client_manager = clientmanager.ClientManager(
auth_options=FakeOptions(os_token=fakes.AUTH_TOKEN,
os_auth_url=fakes.AUTH_URL,
os_auth_plugin='v2token'),
os_auth_type='v2token'),
api_version=API_VERSION,
verify=True
)
@ -183,7 +183,7 @@ class TestClientManager(utils.TestCase):
auth_options=FakeOptions(os_auth_url=fakes.AUTH_URL,
os_username=fakes.USERNAME,
os_password=fakes.PASSWORD,
os_auth_plugin='v2password'),
os_auth_type='v2password'),
api_version=API_VERSION,
verify='cafile',
)
@ -192,8 +192,8 @@ class TestClientManager(utils.TestCase):
self.assertTrue(client_manager._verify)
self.assertEqual('cafile', client_manager._cacert)
def _select_auth_plugin(self, auth_params, api_version, auth_plugin):
auth_params['os_auth_plugin'] = auth_plugin
def _select_auth_plugin(self, auth_params, api_version, auth_plugin_name):
auth_params['os_auth_type'] = auth_plugin_name
auth_params['os_identity_api_version'] = api_version
client_manager = clientmanager.ClientManager(
auth_options=FakeOptions(**auth_params),
@ -201,8 +201,8 @@ class TestClientManager(utils.TestCase):
verify=True
)
self.assertEqual(
auth_plugin,
client_manager._auth_plugin,
auth_plugin_name,
client_manager.auth_plugin_name,
)
def test_client_manager_select_auth_plugin(self):

36
openstackclient/tests/test_shell.py
View File

@ -108,8 +108,8 @@ class TestShell(utils.TestCase):
default_args["region_name"])
self.assertEqual(_shell.options.os_trust_id,
default_args["trust_id"])
self.assertEqual(_shell.options.os_auth_plugin,
default_args['auth_plugin'])
self.assertEqual(_shell.options.os_auth_type,
default_args['auth_type'])
def _assert_token_auth(self, cmd_options, default_args):
with mock.patch("openstackclient.shell.OpenStackShell.initialize_app",
@ -190,7 +190,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -210,7 +210,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -230,7 +230,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -250,7 +250,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -270,7 +270,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -290,7 +290,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -310,7 +310,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -330,7 +330,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -350,7 +350,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -370,7 +370,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -390,7 +390,7 @@ class TestShellPasswordAuth(TestShell):
"password": DEFAULT_PASSWORD,
"region_name": "",
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -410,7 +410,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": DEFAULT_REGION_NAME,
"trust_id": "",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
@ -430,12 +430,12 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "1234",
"auth_plugin": "",
"auth_type": "",
}
self._assert_password_auth(flag, kwargs)
def test_only_auth_plugin_flow(self):
flag = "--os-auth-plugin " + "v2password"
def test_only_auth_type_flow(self):
flag = "--os-auth-type " + "v2password"
kwargs = {
"auth_url": "",
"project_id": "",
@ -450,7 +450,7 @@ class TestShellPasswordAuth(TestShell):
"password": "",
"region_name": "",
"trust_id": "",
"auth_plugin": DEFAULT_AUTH_PLUGIN
"auth_type": DEFAULT_AUTH_PLUGIN
}
self._assert_password_auth(flag, kwargs)