Ejemplo n.º 1
0
def get_configured_credentials(credential_type,
                               fill_in=True,
                               identity_version=None):
    identity_version = identity_version or CONF.identity.auth_version
    if identity_version not in ('v2', 'v3'):
        raise exceptions.InvalidConfiguration('Unsupported auth version: %s' %
                                              identity_version)
    if credential_type not in CREDENTIAL_TYPES:
        raise exceptions.InvalidCredentials()
    conf_attributes = ['username', 'password', 'tenant_name']
    if identity_version == 'v3':
        conf_attributes.append('domain_name')
    # Read the parts of credentials from config
    params = DEFAULT_PARAMS.copy()
    section, prefix = CREDENTIAL_TYPES[credential_type]
    for attr in conf_attributes:
        _section = getattr(CONF, section)
        if prefix is None:
            params[attr] = getattr(_section, attr)
        else:
            params[attr] = getattr(_section, prefix + "_" + attr)
    # Build and validate credentials. We are reading configured credentials,
    # so validate them even if fill_in is False
    credentials = get_credentials(fill_in=fill_in,
                                  identity_version=identity_version,
                                  **params)
    if not fill_in:
        if not credentials.is_valid():
            msg = ("The %s credentials are incorrectly set in the config file."
                   " Double check that all required values are assigned" %
                   credential_type)
            raise exceptions.InvalidConfiguration(msg)
    return credentials
Ejemplo n.º 2
0
    def __init__(self, credentials=None):
        """
        We allow overriding of the credentials used within the various
        client classes managed by the Manager object. Left as None, the
        standard username/password/tenant_name[/domain_name] is used.

        :param credentials: Override of the credentials
        """
        self.auth_version = CONF.identity.auth_version
        if credentials is None:
            self.credentials = cred_provider.get_configured_credentials('user')
        else:
            self.credentials = credentials
        # Check if passed or default credentials are valid
        if not self.credentials.is_valid():
            raise exceptions.InvalidCredentials()
        # Tenant isolation creates TestResources, but Accounts and some tests
        # creates Credentials
        if isinstance(credentials, cred_provider.TestResources):
            creds = self.credentials.credentials
        else:
            creds = self.credentials
        # Creates an auth provider for the credentials
        self.auth_provider = get_auth_provider(creds)
        # FIXME(andreaf) unused
        self.client_attr_names = []
Ejemplo n.º 3
0
def get_auth_provider(credentials):
    default_params = {
        'disable_ssl_certificate_validation':
        CONF.identity.disable_ssl_certificate_validation,
        'ca_certs': CONF.identity.ca_certificates_file,
        'trace_requests': CONF.debug.trace_requests
    }
    if credentials is None:
        raise exceptions.InvalidCredentials('Credentials must be specified')
    auth_provider_class, auth_url = get_auth_provider_class(credentials)
    return auth_provider_class(credentials, auth_url, **default_params)
Ejemplo n.º 4
0
    def get_client_manager(cls,
                           credential_type=None,
                           roles=None,
                           force_new=None):
        """Returns an OpenStack client manager

        Returns an OpenStack client manager based on either credential_type
        or a list of roles. If neither is specified, it defaults to
        credential_type 'primary'
        :param credential_type: string - primary, alt or admin
        :param roles: list of roles

        :returns: the created client manager
        :raises skipException: if the requested credentials are not available
        """
        if all([roles, credential_type]):
            msg = "Cannot get credentials by type and roles at the same time"
            raise ValueError(msg)
        if not any([roles, credential_type]):
            credential_type = 'primary'
        cred_provider = cls._get_credentials_provider()
        if roles:
            for role in roles:
                if not cred_provider.is_role_available(role):
                    skip_msg = (
                        "%s skipped because the configured credential provider"
                        " is not able to provide credentials with the %s role "
                        "assigned." % (cls.__name__, role))
                    raise cls.skipException(skip_msg)
            params = dict(roles=roles)
            if force_new is not None:
                params.update(force_new=force_new)
            creds = cred_provider.get_creds_by_roles(**params)
        else:
            credentials_method = 'get_%s_creds' % credential_type
            if hasattr(cred_provider, credentials_method):
                creds = getattr(cred_provider, credentials_method)()
            else:
                raise exceptions.InvalidCredentials(
                    "Invalid credentials type %s" % credential_type)
        return clients.Manager(credentials=creds, service=cls._service)