Colleen Murphy 5203cc9707 Remove auth_with_unscoped_saml decorator
The auth_with_unscoped_saml decorator existed to make sure the user
selected the right auth plugin before trying to call either a
'federation domain' or 'federation project' command. This is outdated,
because openstackclient now uses keystoneauth[1] and keystoneauth
removed its entrypoints for the federation plugins[2] since its
_Rescoped class no longer needs them. This patch removes the decorator
since that validation check was the only thing standing in the way of
the commands working correctly. Also removed the '*_list_wrong_auth'
tests since those only existed to test the decorator, and stopped
setting the plugin in the positive tests since the
automatically-determined token plugin should now be fine.

[1] http://git.openstack.org/cgit/openstack/python-openstackclient/commit/?id=6ae0d2e8a54fd5139e63a990ab4bdce634e73c5e
[2] http://git.openstack.org/cgit/openstack/keystoneauth/commit/?id=d9e4d26bb86f8d48e43188b88bab9d7fe778d2c1

Change-Id: Id981739663113447a7bba8ddba81ba9394a19e07
Closes-bug: #1624115
2016-12-04 18:59:09 +00:00

52 lines
1.8 KiB
Python

# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
"""Identity v3 unscoped SAML auth action implementations.
The first step of federated auth is to fetch an unscoped token. From there,
the user can list domains and projects they are allowed to access, and request
a scoped token."""
from osc_lib.command import command
from osc_lib import utils
from openstackclient.i18n import _
class ListAccessibleDomains(command.Lister):
_description = _("List accessible domains")
def take_action(self, parsed_args):
columns = ('ID', 'Enabled', 'Name', 'Description')
identity_client = self.app.client_manager.identity
data = identity_client.federation.domains.list()
return (columns,
(utils.get_item_properties(
s, columns,
formatters={},
) for s in data))
class ListAccessibleProjects(command.Lister):
_description = _("List accessible projects")
def take_action(self, parsed_args):
columns = ('ID', 'Domain ID', 'Enabled', 'Name')
identity_client = self.app.client_manager.identity
data = identity_client.federation.projects.list()
return (columns,
(utils.get_item_properties(
s, columns,
formatters={},
) for s in data))