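def federatedAuthentication(keystoneEndpoint, realm = None, tenantFn = None, v3 = False):
    """Run the federated login flow and return a scoped token.

    Steps, in order: fetch the realm list, settle on a realm, obtain the IdP
    request, hand it to the protocol module selected by the realm's type,
    exchange the IdP response for an unscoped token, then swap that token
    for one scoped to a tenant or domain.

    Args:
        keystoneEndpoint: Passed unchanged to every Keystone helper below.
        realm: Requested realm name. When None, or when {'name': realm} is
            not in the realm list, futils.selectRealm picks one instead.
        tenantFn: Forwarded to futils.getTenantId.
        v3: Accepted by the signature but not read in this function.

    Returns:
        The value returned by swapTokens for the chosen scope.
    """
    realms = getRealmList(keystoneEndpoint)
    if realm is None or {'name': realm} not in realms['realms']:
        realm = futils.selectRealm(realms['realms'])
    # NOTE(review): when the caller's realm name matches above, `realm` stays
    # that name, yet realm['type'] is indexed below - confirm what callers pass.
    request = getIdPRequest(keystoneEndpoint, realm)
    # Load the correct protocol module according to the IdP type.
    # NOTE(review): the type string presumably originates from the realm list
    # returned by the endpoint; confirm load_protocol_module only resolves
    # known, bundled protocol modules. A type without a '.' raises IndexError.
    protocol = realm['type'].split('.')[1]
    processing_module = load_protocol_module(protocol)
    response = processing_module.getIdPResponse(request['idpEndpoint'], request['idpRequest'], realm)
    # The IdP response and tenantData (which carries the unscoped token) are
    # credentials: the commented-out debug prints of them were dropped so they
    # cannot be re-enabled into terminal output or captured logs.
    tenantData = getUnscopedToken(keystoneEndpoint, response, realm)
    # The scope kind was previously assigned only in the fallback branch, so a
    # successful getTenantId lookup reached swapTokens with the name unbound.
    # assumes getTenantId yields a tenant (not domain) id - TODO confirm
    scopeType = "tenantId"
    tenant = futils.getTenantId(tenantData['tenants'], tenantFn)
    if tenant is None:
        choice = futils.selectTenantOrDomain(tenantData['tenants'])
        project = choice.get("project", None)
        domain = choice.get("domain", None)
        if domain is not None:
            # A domain entry takes precedence over a project entry.
            tenant = domain["id"]
            scopeType = "domainId"
        elif project is not None:
            tenant = project["id"]
        else:
            # Flat entry: the id sits directly on the selected item.
            tenant = choice["id"]
    scopedToken = swapTokens(keystoneEndpoint, tenantData['unscopedToken'], scopeType, tenant)
    return scopedToken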
Beispiel #2
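def getScopedToken(keystoneEndpoint, idpResponse, tenantFn):
    """Exchange an IdP response for a token scoped to the resolved tenant.

    Args:
        keystoneEndpoint: Passed to getUnscopedToken and swapTokens.
        idpResponse: IdP response handed to getUnscopedToken.
        tenantFn: Not read by this function.
            NOTE(review): confirm whether it should be forwarded to
            futils.getTenantId.

    Returns:
        The value returned by swapTokens.

    Raises:
        ValueError: futils.getTenantId resolved no tenant.
    """
    response = getUnscopedToken(keystoneEndpoint, idpResponse)
    tenantId = futils.getTenantId(response["tenants"])
    if tenantId is None:
        # Fail closed: the original only printed a message and then asked for
        # a token scoped to None. The message named an InvalidTenant exception
        # that is not visible here, so a builtin is raised instead.
        raise ValueError("Error the tenant could not be found")
    return swapTokens(keystoneEndpoint, response["unscopedToken"], tenantId)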
Beispiel #3
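def federatedAuthentication(keystoneEndpoint, realm = None, tenantFn = None, v3 = False):
    """Run the federated login flow and return a scoped token.

    Fetches the realm list, settles on a realm, loads the protocol module for
    that realm's type (exiting the process when it cannot be loaded), obtains
    the IdP response, exchanges it for an unscoped token and swaps that for a
    token scoped to a tenant or domain.

    Args:
        keystoneEndpoint: Passed unchanged to every Keystone helper below.
        realm: Requested realm name. When None, or when {'name': realm} is
            not in the realm list, futils.selectRealm picks one instead.
        tenantFn: Forwarded to futils.getTenantId.
        v3: Accepted by the signature but not read in this function.

    Returns:
        The value returned by swapTokens for the chosen scope.
    """
    realms = getRealmList(keystoneEndpoint)
    if realm is None or {'name': realm} not in realms['realms']:
        realm = futils.selectRealm(realms['realms'])
    # NOTE(review): when the caller's realm name matches above, `realm` stays
    # that name, yet realm['type'] is indexed below - confirm what callers pass.
    request = getIdPRequest(keystoneEndpoint, realm)
    # Load the correct protocol module according to the IdP type.
    # NOTE(review): the type string presumably originates from the realm list
    # returned by the endpoint; confirm load_protocol_module only resolves
    # known, bundled protocol modules. A type without a '.' raises IndexError.
    protocol = realm['type'].split('.')[1]
    try:
        processing_module = load_protocol_module(protocol)
    except IOError:
        # Parenthesised single-string print behaves the same on Python 2 and 3.
        print("The selected Identity Service is not supported by your client, please restart the process and choose an alternative provider")
        sys.exit(1)

    response = processing_module.getIdPResponse(request['idpEndpoint'], request['idpRequest'], realm)
    # tenantData carries the unscoped token; keep it out of debug output.
    tenantData = getUnscopedToken(keystoneEndpoint, response, realm)
    # The scope kind was previously assigned only in the fallback branch, so a
    # successful getTenantId lookup reached swapTokens with the name unbound.
    # assumes getTenantId yields a tenant (not domain) id - TODO confirm
    scopeType = "tenantId"
    tenant = futils.getTenantId(tenantData['tenants'], tenantFn)
    if tenant is None:
        choice = futils.selectTenantOrDomain(tenantData['tenants'])
        project = choice.get("project", None)
        domain = choice.get("domain", None)
        if domain is not None:
            # A domain entry takes precedence over a project entry.
            tenant = domain["id"]
            scopeType = "domainId"
        elif project is not None:
            tenant = project["id"]
        else:
            # Flat entry: the id sits directly on the selected item.
            tenant = choice["id"]
    scopedToken = swapTokens(keystoneEndpoint, tenantData['unscopedToken'], scopeType, tenant)
    return scopedToken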
Beispiel #4
def federatedAuthentication(keystoneEndpoint, realm = None, tenantFn = None):
    """Run the federated login flow and return a tenant-scoped token.

    Args:
        keystoneEndpoint: Passed unchanged to every Keystone helper below.
        realm: Requested realm name. When None, or when {'name': realm} is
            not in the realm list, futils.selectRealm picks one instead.
        tenantFn: Forwarded to futils.getTenantId.

    Returns:
        The value returned by swapTokens for the chosen tenant.
    """
    available = getRealmList(keystoneEndpoint)['realms']
    realmKnown = realm is not None and {'name': realm} in available
    if not realmKnown:
        realm = futils.selectRealm(available)

    idpRequest = getIdPRequest(keystoneEndpoint, realm)
    idpResponse = getIdPResponse(idpRequest['idpEndpoint'], idpRequest['idpRequest'])

    # The unscoped-token payload holds both the tenant list and the token
    # that is swapped for a scoped one; it is a credential, so keep it out
    # of debug output.
    unscoped = getUnscopedToken(keystoneEndpoint, idpResponse, realm)
    tenantId = futils.getTenantId(unscoped['tenants'], tenantFn)
    if tenantId is None:
        # No tenant resolved through tenantFn: fall back to futils.selectTenant.
        tenantId = futils.selectTenant(unscoped['tenants'])['id']

    return swapTokens(keystoneEndpoint, unscoped['unscopedToken'], tenantId)