From b6613f9ecb5b90baf070f5c581a218d503b47e19 Mon Sep 17 00:00:00 2001 From: Timur Sufiev Date: Mon, 21 Oct 2013 16:36:13 +0400 Subject: [PATCH] Add authentication against Keystone. Change-Id: Ifb581cc809074354d7db1404c28561ec722cf0f0 Implements-feature: MRN-1146. --- etc/murano-repository.conf | 10 ++++++++-- muranorepository/api/v1.py | 2 +- muranorepository/cmd/run.py | 9 ++++++++- muranorepository/config.py | 6 ++++++ muranorepository/main.py | 5 ++++- requirements.txt | 3 ++- 6 files changed, 29 insertions(+), 6 deletions(-) diff --git a/etc/murano-repository.conf b/etc/murano-repository.conf index 8078e89..d80b25b 100644 --- a/etc/murano-repository.conf +++ b/etc/murano-repository.conf @@ -1,9 +1,15 @@ [DEFAULT] # Address to bind the server to host = localhost -#Port the bind the server to +# Port the bind the server to port = 5000 - +# Keystone related stuff +auth_host = 172.18.124.202 +auth_port = 5000 +auth_protocol = http +admin_user = admin +admin_password = swordfish +admin_tenant_name = admin # Provide information about data types # absolute path to manifest location(root directory) diff --git a/muranorepository/api/v1.py b/muranorepository/api/v1.py index 72c1611..18b3f31 100644 --- a/muranorepository/api/v1.py +++ b/muranorepository/api/v1.py @@ -143,7 +143,7 @@ def create_dirs(data_type, path): @v1_api.route('/admin//', methods=['DELETE']) -def delete_dirictory_or_file(data_type, path): +def delete_directory_or_file(data_type, path): _check_data_type(data_type) result_path = _compose_path(data_type, path) if not os.path.exists(result_path): diff --git a/muranorepository/cmd/run.py b/muranorepository/cmd/run.py index f31548f..03d5a16 100644 --- a/muranorepository/cmd/run.py +++ b/muranorepository/cmd/run.py @@ -52,7 +52,14 @@ def main(): log.setup('muranorepository') - app = server.make_app() + app = server.make_app({ + 'auth_host': cfg.CONF.auth_host, + 'auth_port': cfg.CONF.auth_port, + 'auth_protocol': cfg.CONF.auth_protocol, + 'admin_user': cfg.CONF.admin_user, + 'admin_password': cfg.CONF.admin_password, + 'admin_tenant_name': cfg.CONF.admin_tenant_name + }) wsgi.server(eventlet.listen((cfg.CONF.host, cfg.CONF.port), backlog=500), diff --git a/muranorepository/config.py b/muranorepository/config.py index d0dd507..34575e7 100644 --- a/muranorepository/config.py +++ b/muranorepository/config.py @@ -19,6 +19,12 @@ from muranorepository.consts import * server_opts = [ cfg.StrOpt('host', default='127.0.0.1'), cfg.IntOpt('port', default=5000), + cfg.StrOpt('auth_host', default=None), + cfg.IntOpt('auth_port', default=5000), + cfg.StrOpt('auth_protocol', default='http'), + cfg.StrOpt('admin_user', default='admin'), + cfg.StrOpt('admin_password', default=None), + cfg.StrOpt('admin_tenant_name', default='admin') ] type_dirs_opts = [cfg.StrOpt(x) for x in DATA_TYPES] diff --git a/muranorepository/main.py b/muranorepository/main.py index b7716db..61073e2 100644 --- a/muranorepository/main.py +++ b/muranorepository/main.py @@ -13,9 +13,10 @@ # under the License. import flask from api.v1 import v1_api +from keystoneclient.middleware import auth_token -def make_app(): +def make_app(kwargs): """ App builder (wsgi) Entry point @@ -23,4 +24,6 @@ def make_app(): app = flask.Flask(__name__) app.register_blueprint(v1_api, url_prefix='/v1') + app.wsgi_app = auth_token.filter_factory( + app.config, **kwargs)(app.wsgi_app) return app diff --git a/requirements.txt b/requirements.txt index 6b1f5c6..0b6d5b5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,4 +8,5 @@ PyYAML #openstack-common requires iso8601>=0.1.4 kombu>=2.4.8 -Babel>=1.3 \ No newline at end of file +Babel>=1.3 +python-keystoneclient>=0.2.0