openstack/python-openstackclient
Code Issues Proposed changes

Refactor check_valid_auth_options function

Browse Source 
The functions check_valid_auth_options() function was relying on the name
for checking the set of required options, but this could cause errors
with external auth plugins. If somebody defines an auth plugin plugin
named "footoken" the check function would check for a "token" option,
even if the plugin has not defined that option. This change tries to
improve this situation, cheking for some options only if they have been
defined in the plugin.

Change-Id: I4255f2e7d4d23449c95be957ea7b6b60983f2608
This commit is contained in:
Alvaro Lopez Garcia 2016-05-18 17:55:19 +02:00
parent 7cda2b2a06
commit 78ae57112c
1 changed files with 21 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
openstackclient/api/auth.py
View File

@ -147,29 +147,28 @@ def check_valid_authorization_options(options, auth_plugin_name):
def check_valid_authentication_options(options, auth_plugin_name): def check_valid_authentication_options(options, auth_plugin_name):
"""Validate authentication options, and provide helpful error messages.""" """Validate authentication options, and provide helpful error messages."""
# Get all the options defined within the plugin.
plugin_opts = base.get_plugin_options(auth_plugin_name)
plugin_opts = {opt.dest: opt for opt in plugin_opts}
# NOTE(aloga): this is an horrible hack. We need a way to specify the
# required options in the plugins. Using the "required" argument for
# the oslo_config.cfg.Opt does not work, as it is not possible to load the
# plugin if the option is not defined, so the error will simply be:
# "NoMatchingPlugin: The plugin foobar could not be found"
msgs = [] msgs = []
if auth_plugin_name.endswith('password'): if 'password' in plugin_opts and not options.auth.get('username'):
if not options.auth.get('username'):
msgs.append(_('Set a username with --os-username, OS_USERNAME,' msgs.append(_('Set a username with --os-username, OS_USERNAME,'
' or auth.username')) ' or auth.username'))
if not options.auth.get('auth_url'): if 'auth_url' in plugin_opts and not options.auth.get('auth_url'):
msgs.append(_('Set an authentication URL, with --os-auth-url,'
' OS_AUTH_URL or auth.auth_url'))
elif auth_plugin_name.endswith('token'):
if not options.auth.get('token'):
msgs.append(_('Set a token with --os-token, OS_TOKEN or '
'auth.token'))
if not options.auth.get('auth_url'):
msgs.append(_('Set a service AUTH_URL, with --os-auth-url, ' msgs.append(_('Set a service AUTH_URL, with --os-auth-url, '
'OS_AUTH_URL or auth.auth_url')) 'OS_AUTH_URL or auth.auth_url'))
elif auth_plugin_name == 'token_endpoint': if 'url' in plugin_opts and not options.auth.get('url'):
if not options.auth.get('token'): msgs.append(_('Set a service URL, with --os-url, '
msgs.append(_('Set a token with --os-token, OS_TOKEN or ' 'OS_URL or auth.url'))
'auth.token')) if 'token' in plugin_opts and not options.auth.get('token'):
if not options.auth.get('url'): msgs.append(_('Set a token with --os-token, '
msgs.append(_('Set a service URL, with --os-url, OS_URL or ' 'OS_TOKEN or auth.token'))
'auth.url'))
if msgs: if msgs:
raise exc.CommandError( raise exc.CommandError(
_('Missing parameter(s): \n%s') % '\n'.join(msgs)) _('Missing parameter(s): \n%s') % '\n'.join(msgs))