def _get_barbican_client(self, context):
        """Creates a client to connect to the Barbican service.

        :param context: the user context for authentication
        :return: a Barbican Client object
        :raises Forbidden: if the context is None
        :raises KeyManagerError: if context is missing tenant or tenant is
                                 None or error occurs while creating client
        """

        # Confirm context is provided, if not raise forbidden
        if not context:
            msg = u._("User is not authorized to use key manager.")
            LOG.error(msg)
            raise exception.Forbidden(msg)

        if not hasattr(context, 'tenant') or context.tenant is None:
            msg = u._("Unable to create Barbican Client without tenant "
                      "attribute in context object.")
            LOG.error(msg)
            raise exception.KeyManagerError(reason=msg)

        if self._barbican_client and self._current_context == context:
            return self._barbican_client

        try:
            self._current_context = context
            auth = self._get_keystone_auth(context)
            sess = session.Session(auth=auth)

            self._barbican_endpoint = self._get_barbican_endpoint(auth, sess)
            self._barbican_client = barbican_client.Client(
                session=sess, endpoint=self._barbican_endpoint)

        except Exception as e:
            LOG.error(u._LE("Error creating Barbican client: %s"), e)
            raise exception.KeyManagerError(reason=e)

        self._base_url = self._create_base_url(auth, sess,
                                               self._barbican_endpoint)

        return self._barbican_client
    def _get_barbican_client(self, context):
        """Creates a client to connect to the Barbican service.

        :param context: the user context for authentication
        :return: a Barbican Client object
        :raises Forbidden: if the context is None
        :raises KeyManagerError: if context is missing tenant or tenant is
                                 None or error occurs while creating client
        """

        # Confirm context is provided, if not raise forbidden
        if not context:
            msg = u._("User is not authorized to use key manager.")
            LOG.error(msg)
            raise exception.Forbidden(msg)

        if not hasattr(context, "tenant") or context.tenant is None:
            msg = u._("Unable to create Barbican Client without tenant " "attribute in context object.")
            LOG.error(msg)
            raise exception.KeyManagerError(reason=msg)

        if self._barbican_client and self._current_context == context:
            return self._barbican_client

        try:
            self._current_context = context
            auth = self._get_keystone_auth(context)
            sess = session.Session(auth=auth)

            self._barbican_endpoint = self._get_barbican_endpoint(auth, sess)
            self._barbican_client = barbican_client.Client(session=sess, endpoint=self._barbican_endpoint)

        except Exception as e:
            LOG.error(u._LE("Error creating Barbican client: %s"), e)
            raise exception.KeyManagerError(reason=e)

        self._base_url = self._create_base_url(auth, sess, self._barbican_endpoint)

        return self._barbican_client
Beispiel #3
0
class CastellanException(Exception):
    """Base Castellan Exception

    To correctly use this class, inherit from it and define
    a 'message' property. That message will get printf'd
    with the keyword arguments provided to the constructor.
    """
    message = u._("An unknown exception occurred")

    def __init__(self, message_arg=None, *args, **kwargs):
        if not message_arg:
            message_arg = self.message
        try:
            self.message = message_arg % kwargs
        except Exception as e:
            if _FATAL_EXCEPTION_FORMAT_ERRORS:
                raise e
            else:
                # at least get the core message out if something happened
                pass
        super(CastellanException, self).__init__(self.message)
Beispiel #4
0
class InsufficientCredentialDataError(CastellanException):
    message = u._("Insufficient credential data was provided, either "
                  "\"token\" must be set in the passed conf, or a context "
                  "with an \"auth_token\" property must be passed.")
Beispiel #5
0
class AuthTypeInvalidError(CastellanException):
    message = u._("Invalid auth_type was specified, auth_type: %(type)s")
Beispiel #6
0
class ManagedObjectNotFoundError(CastellanException):
    message = u._("Key not found, uuid: %(uuid)s")
Beispiel #7
0
class KeyManagerError(CastellanException):
    message = u._("Key manager error: %(reason)s")
Beispiel #8
0
class Forbidden(CastellanException):
    message = u._("You are not authorized to complete this action.")