6ae0d2e8a5
Currently OpenStackClient uses keystoneclient for authentication. This change will update OpenStackClient to use keystoneauth for authentication. All dependant test have been updated. Updating how auth_ref is set in the tests to use KSA fixtures had some racy side-effects. The user_role_list tests failed when they picked up an auth_ref that was a fixture. This exposed a weakness in ListUserRole that needed to be fixed at the same time re handling of unscoped tokens and options. Change-Id: I4ddb2dbbb3bf2ab37494468eaf65cef9213a6e00 Closes-Bug: 1533369
69 lines
2.1 KiB
Python
69 lines
2.1 KiB
Python
# Copyright 2014 eBay Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
|
|
"""Identity v2 Token action implementations"""
|
|
|
|
import six
|
|
|
|
from openstackclient.common import command
|
|
from openstackclient.common import exceptions
|
|
from openstackclient.i18n import _
|
|
|
|
|
|
class IssueToken(command.ShowOne):
|
|
"""Issue new token"""
|
|
|
|
# scoped token is optional
|
|
required_scope = False
|
|
|
|
def get_parser(self, prog_name):
|
|
parser = super(IssueToken, self).get_parser(prog_name)
|
|
return parser
|
|
|
|
def take_action(self, parsed_args):
|
|
auth_ref = self.app.client_manager.auth_ref
|
|
if not auth_ref:
|
|
raise exceptions.AuthorizationFailure(
|
|
"Only an authorized user may issue a new token.")
|
|
|
|
data = {}
|
|
if auth_ref.auth_token:
|
|
data['id'] = auth_ref.auth_token
|
|
if auth_ref.expires:
|
|
data['expires'] = auth_ref.expires
|
|
if auth_ref.project_id:
|
|
data['project_id'] = auth_ref.project_id
|
|
if auth_ref.user_id:
|
|
data['user_id'] = auth_ref.user_id
|
|
return zip(*sorted(six.iteritems(data)))
|
|
|
|
|
|
class RevokeToken(command.Command):
|
|
"""Revoke existing token"""
|
|
|
|
def get_parser(self, prog_name):
|
|
parser = super(RevokeToken, self).get_parser(prog_name)
|
|
parser.add_argument(
|
|
'token',
|
|
metavar='<token>',
|
|
help=_('Token to be deleted'),
|
|
)
|
|
return parser
|
|
|
|
def take_action(self, parsed_args):
|
|
identity_client = self.app.client_manager.identity
|
|
|
|
identity_client.tokens.delete(parsed_args.token)
|