openstack/python-zaqarclient
Code Issues Proposed changes
python-zaqarclient/marconiclient/auth/keystone.py
Flavio Percoco d1a0c1f405 Remove the dependency on oslo.config 
Client libraries shouldn't depend on specific configuration libraries,
since that will make it difficult for other applications to adopt the
library.

This patch replaces all oslo.config usages with dictionaries. The client
will use those as options holders and all parameters are considered
optional.

Notice that `options` was preferred instead of `**options` since this
dictionary is considered a 'config object' and not a set of optional
parameters. This will make it easier for applications using
marconiclient to hold a single, mutable instance of options to pass
around.

Partially-Implements blueprint python-marconiclient-v1

Change-Id: Ib41f2957689545f05dab19338842fd9a953f2f76
2013-11-19 16:58:13 +01:00

100 lines
3.5 KiB
Python
Raw Blame History

# Copyright (c) 2013 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from keystoneclient.v2_0 import client as ksclient
from marconiclient.auth import base
# NOTE(flaper87): Some of the code below
# was brought to you by the very unique
# work of ceilometerclient.
class KeystoneAuth(base.AuthBackend):
"""Keystone Auth backend
:params conf: A dictionary with Keystone's
custom parameters:
- os_username
- os_password
- os_project_id
- os_project_name
- os_auth_url
- os_auth_token
- os_region_name
- os_service_type
- os_service_type
- os_endpoint_type
:type conf: `dict`
"""
def _get_ksclient(self, **kwargs):
"""Get an endpoint and auth token from Keystone.
:param kwargs: keyword args containing credentials:
* username: name of user
* password: user's password
* auth_url: endpoint to authenticate against
* insecure: allow insecure SSL (no cert verification)
* project_{name|id}: name or ID of project
"""
return ksclient.Client(**kwargs)
def _get_endpoint(self, client, **extra):
"""Get an endpoint using the provided keystone client."""
return client.service_catalog.url_for(**extra)
def authenticate(self, api_version, request):
"""Get an authtenticated client, based on the credentials
in the keyword args.
:param api_version: the API version to use ('1' or '2')
:param request: The request spec instance to modify with
the auth information.
"""
token = self.conf.get('os_auth_token')
if not token or not request.endpoint:
# NOTE(flaper87): Lets assume all the
# required information was provided
# either through env variables or CLI
# params. Let keystoneclient fail otherwise.
ks_kwargs = {
'username': self.conf.get('os_username'),
'password': self.conf.get('os_password'),
'tenant_id': self.conf.get('os_project_id'),
'tenant_name': self.conf.get('os_project_name'),
'auth_url': self.conf.get('os_auth_url'),
'insecure': self.conf.get('insecure'),
}
_ksclient = self._get_ksclient(**ks_kwargs)
if not token:
token = _ksclient.auth_token
if not request.endpoint:
extra = {
'service_type': self.conf.get('os_service_type',
'queuing'),
'endpoint_type': self.conf.get('os_endpoint_type',
'publicURL'),
}
request.endpoint = self._get_endpoint(_ksclient, **extra)
# NOTE(flaper87): Update the request spec
# with the final token.
request.headers['X-Auth-Token'] = token
return request
View Git Blame Copy Permalink