Add authentication against Keystone.

Change-Id: Ifb581cc809074354d7db1404c28561ec722cf0f0 Implements-feature: MRN-1146.
2013-10-21 16:36:13 +04:00 · 2013-10-21 16:36:13 +04:00 · b6613f9ecb
commit b6613f9ecb
parent 367d90f116
6 changed files with 29 additions and 6 deletions
--- a/etc/murano-repository.conf
+++ b/etc/murano-repository.conf
@ -1,9 +1,15 @@
 [DEFAULT]
 # Address to bind the server to
 host = localhost
-#Port the bind the server to
+# Port the bind the server to
 port = 5000
-
+# Keystone related stuff
+auth_host = 172.18.124.202
+auth_port = 5000
+auth_protocol = http
+admin_user = admin
+admin_password = swordfish
+admin_tenant_name = admin

 # Provide information about data types
 # absolute path to manifest location(root directory)
--- a/muranorepository/api/v1.py
+++ b/muranorepository/api/v1.py
@ -143,7 +143,7 @@ def create_dirs(data_type, path):


@v1_api.route('/admin/<data_type>/<path:path>', methods=['DELETE'])
-def delete_dirictory_or_file(data_type, path):
+def delete_directory_or_file(data_type, path):
    _check_data_type(data_type)
    result_path = _compose_path(data_type, path)
    if not os.path.exists(result_path):
--- a/muranorepository/cmd/run.py
+++ b/muranorepository/cmd/run.py
@ -52,7 +52,14 @@ def main():

    log.setup('muranorepository')

-    app = server.make_app()
+    app = server.make_app({
+        'auth_host': cfg.CONF.auth_host,
+        'auth_port': cfg.CONF.auth_port,
+        'auth_protocol': cfg.CONF.auth_protocol,
+        'admin_user': cfg.CONF.admin_user,
+        'admin_password': cfg.CONF.admin_password,
+        'admin_tenant_name': cfg.CONF.admin_tenant_name
+    })

    wsgi.server(eventlet.listen((cfg.CONF.host, cfg.CONF.port),
                                backlog=500),
--- a/muranorepository/config.py
+++ b/muranorepository/config.py
@ -19,6 +19,12 @@ from muranorepository.consts import *
 server_opts = [
    cfg.StrOpt('host', default='127.0.0.1'),
    cfg.IntOpt('port', default=5000),
+    cfg.StrOpt('auth_host', default=None),
+    cfg.IntOpt('auth_port', default=5000),
+    cfg.StrOpt('auth_protocol', default='http'),
+    cfg.StrOpt('admin_user', default='admin'),
+    cfg.StrOpt('admin_password', default=None),
+    cfg.StrOpt('admin_tenant_name', default='admin')
 ]

 type_dirs_opts = [cfg.StrOpt(x) for x in DATA_TYPES]
--- a/muranorepository/main.py
+++ b/muranorepository/main.py
@ -13,9 +13,10 @@
 # under the License.
 import flask
 from api.v1 import v1_api
+from keystoneclient.middleware import auth_token


-def make_app():
+def make_app(kwargs):
    """
    App builder (wsgi)
    Entry point
@ -23,4 +24,6 @@ def make_app():

    app = flask.Flask(__name__)
    app.register_blueprint(v1_api, url_prefix='/v1')
+    app.wsgi_app = auth_token.filter_factory(
+        app.config, **kwargs)(app.wsgi_app)
    return app
--- a/requirements.txt
+++ b/requirements.txt
@ -8,4 +8,5 @@ PyYAML
 #openstack-common requires
 iso8601>=0.1.4
 kombu>=2.4.8
-Babel>=1.3
+Babel>=1.3
+python-keystoneclient>=0.2.0