def load_app(conf, not_implemented_middleware=True): global APPCONFIGS # Build the WSGI app cfg_path = conf.api.paste_config if not os.path.isabs(cfg_path): cfg_path = conf.find_file(cfg_path) if cfg_path is None or not os.path.exists(cfg_path): LOG.debug("No api-paste configuration file found! Using default.") cfg_path = os.path.abspath( pkg_resources.resource_filename(__name__, "api-paste.ini")) config = dict(conf=conf, not_implemented_middleware=not_implemented_middleware) configkey = str(uuid.uuid4()) APPCONFIGS[configkey] = config LOG.info("WSGI config used: %s", cfg_path) appname = "gnocchi+" + conf.api.auth_mode app = deploy.loadapp("config:" + cfg_path, name=appname, global_conf={'configkey': configkey}) return cors.CORS(app, conf=conf)
def setup_app(config=None): if not config: config = get_pecan_config() q_config.set_config_defaults() app_conf = dict(config.app) db_api.setup_db() if cfg.CONF.api.enable_job_handler: LOG.info('Starting periodic tasks...') periodics.start_job_handler() app = pecan.make_app( app_conf.pop('root'), hooks=lambda: [ctx.ContextHook(), ctx.AuthHook()], logging=getattr(config, 'logging', {}), **app_conf) # Set up access control. app = access_control.setup(app) # Create HTTPProxyToWSGI wrapper app = http_proxy_to_wsgi_middleware.HTTPProxyToWSGI(app, cfg.CONF) # Create a CORS wrapper, and attach mistral-specific defaults that must be # included in all CORS responses. return cors_middleware.CORS(app, cfg.CONF)
def setup_app(config=None): if not config: config = get_pecan_config() app_conf = dict(config.app) app = pecan.make_app( app_conf.pop('root'), logging=getattr(config, 'logging', {}), wrap_app=middleware.ParsableErrorMiddleware, **app_conf ) app = auth.install(app, CONF, config.app.acl_public_routes) # CORS must be the last one. app = cors.CORS(app, CONF) app.set_latent( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Server-Management-Url'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'X-Server-Management-Url'] ) return app
def load_app(conf, indexer=None, storage=None, incoming=None, not_implemented_middleware=True): global APPCONFIGS # NOTE(sileht): We load config, storage and indexer, # so all if not storage: storage = gnocchi_storage.get_driver(conf) if not incoming: incoming = gnocchi_incoming.get_driver(conf) if not indexer: indexer = gnocchi_indexer.get_driver(conf) # Build the WSGI app cfg_path = conf.api.paste_config if not os.path.isabs(cfg_path): cfg_path = conf.find_file(cfg_path) if cfg_path is None or not os.path.exists(cfg_path): LOG.debug("No api-paste configuration file found! Using default.") cfg_path = os.path.abspath(pkg_resources.resource_filename( __name__, "api-paste.ini")) config = dict(conf=conf, indexer=indexer, storage=storage, incoming=incoming, not_implemented_middleware=not_implemented_middleware) configkey = str(uuid.uuid4()) APPCONFIGS[configkey] = config LOG.info("WSGI config used: %s", cfg_path) appname = "gnocchi+" + conf.api.auth_mode app = deploy.loadapp("config:" + cfg_path, name=appname, global_conf={'configkey': configkey}) return cors.CORS(app, conf=conf)
def initialize_application(name, post_log_configured_function=lambda: None): common.configure() # Log the options used when starting if we're in debug mode... if CONF.debug: CONF.log_opt_values(logging.getLogger(CONF.prog), logging.DEBUG) environment.use_stdlib() post_log_configured_function() def loadapp(): return keystone_service.loadapp( 'config:%s' % config.find_paste_config(), name) _unused, application = common.setup_backends( startup_application_fn=loadapp) # Create a CORS wrapper, and attach keystone-specific defaults that must be # included in all CORS responses application = cors.CORS(application, CONF) application.set_latent( allow_headers=KEYSTONE_HEADERS, allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=KEYSTONE_HEADERS) return application
def setup_app(config=None): if not config: config = get_pecan_config() m_config.set_config_defaults() app_conf = dict(config.app) db_api_v2.setup_db() if not app_conf.pop('disable_cron_trigger_thread', False): periodic.setup() coordination.Service('api_group').register_membership() app = pecan.make_app( app_conf.pop('root'), hooks=lambda: [ctx.ContextHook(), ctx.AuthHook()], logging=getattr(config, 'logging', {}), **app_conf) # Set up access control. app = access_control.setup(app) # Set up profiler. if cfg.CONF.profiler.enabled: app = osprofiler.web.WsgiMiddleware( app, hmac_keys=cfg.CONF.profiler.hmac_keys, enabled=cfg.CONF.profiler.enabled) # Create a CORS wrapper, and attach mistral-specific defaults that must be # included in all CORS responses. return cors_middleware.CORS(app, cfg.CONF)
def setup_app(pecan_config=None, extra_hooks=None): policy.init() app_hooks = [ hooks.ConfigHook(), #hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), #hooks.RPCHook(), #hooks.NoExceptionTracebackHook() ] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, static_root=pecan_config.app.static_root, debug=cfg.CONF.api.pecan_debug, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, ) if pecan_config.app.enable_acl: app = acl.install(app, cfg.CONF, pecan_config.app.acl_public_routes) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = cors_middleware.CORS(app, cfg.CONF) return app
def _wrap_app(app): """Wraps wsgi app with additional middlewares.""" app = request_id.RequestId(app) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exceptions.InputFileError( file_name=CONF.audit.audit_map_file, reason=e) if cfg.CONF.api_settings.auth_strategy == constants.KEYSTONE: app = keystone.SkippingAuthProtocol(app, {}) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'], allow_methods=['GET', 'PUT', 'POST', 'DELETE'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id']) return app
def _wrap_app(app): app = request_id.RequestId(app) if cfg.CONF.auth_strategy == 'noauth': pass elif cfg.CONF.auth_strategy == 'keystone': app = auth_token.AuthProtocol(app, {}) else: raise n_exc.InvalidConfigurationOption( opt_name='auth_strategy', opt_value=cfg.CONF.auth_strategy) # version can be unauthenticated so it goes outside of auth app = versions.Versions(app) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) app.set_latent(allow_headers=[ 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC' ]) return app
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [ hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook() ] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, debug=CONF.pecan_debug, static_root=pecan_config.app.static_root if CONF.pecan_debug else None, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, ) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exception.InputFileError(file_name=CONF.audit.audit_map_file, reason=e) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, dict(cfg.CONF), public_api_routes=pecan_config.app.acl_public_routes) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = cors_middleware.CORS(app, CONF) cors_middleware.set_defaults( allow_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ]) return app
def add_cors_middleware(app): """Create a CORS wrapper Attach ironic-inspector-specific defaults that must be included in all CORS responses. :param app: application """ app.wsgi_app = cors_middleware.CORS(app.wsgi_app, CONF)
def setUp(self): super(CORSTestLatentProperties, self).setUp() # Set up the config fixture. config = self.useFixture(fixture.Config(cfg.CONF)) config.load_raw_values(group='cors', allowed_origin='http://default.example.com', allow_credentials='True', max_age='', expose_headers='X-Configured', allow_methods='GET', allow_headers='X-Configured') # Now that the config is set up, create our application. self.application = cors.CORS(test_application, cfg.CONF)
def _wrap_app(app): """Wraps wsgi app with additional middlewares.""" app = request_id.RequestId(app) if cfg.CONF.auth_strategy == constants.KEYSTONE: app = auth_token.AuthProtocol(app, {}) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) app.set_latent(allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'], allow_methods=['GET', 'PUT', 'POST', 'DELETE'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id']) return app
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [ hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook() ] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() if pecan_config.app.enable_acl: app_hooks.append(hooks.TrustedCallHook()) pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, static_root=pecan_config.app.static_root, debug=CONF.pecan_debug, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, ) if pecan_config.app.enable_acl: app = acl.install(app, cfg.CONF, pecan_config.app.acl_public_routes) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = cors_middleware.CORS(app, CONF) app.set_latent( allow_headers=[Version.max_string, Version.min_string, Version.string], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ Version.max_string, Version.min_string, Version.string ]) # Insert the proxy support middleware to generate decent application links. app = proxy_middleware.HTTPProxyToWSGI(app, CONF) return app
def load_app(conf, indexer=None, storage=None, incoming=None, coord=None, not_implemented_middleware=True): global APPCONFIGS if not storage: if not coord: # NOTE(jd) This coordinator is never stop. I don't think it's a # real problem since the Web app can never really be stopped # anyway, except by quitting it entirely. coord = metricd.get_coordinator_and_start(conf.coordination_url) storage = gnocchi_storage.get_driver(conf, coord) if not incoming: incoming = gnocchi_incoming.get_driver(conf) if not indexer: indexer = gnocchi_indexer.get_driver(conf) # Build the WSGI app cfg_path = conf.api.paste_config if not os.path.isabs(cfg_path): cfg_path = conf.find_file(cfg_path) if cfg_path is None or not os.path.exists(cfg_path): LOG.debug("No api-paste configuration file found! Using default.") cfg_path = os.path.abspath( pkg_resources.resource_filename(__name__, "api-paste.ini")) config = dict(conf=conf, indexer=indexer, storage=storage, incoming=incoming, not_implemented_middleware=not_implemented_middleware) configkey = str(uuid.uuid4()) APPCONFIGS[configkey] = config LOG.info("WSGI config used: %s", cfg_path) appname = "gnocchi+" + conf.api.auth_mode app = deploy.loadapp("config:" + cfg_path, name=appname, global_conf={'configkey': configkey}) return cors.CORS(app, conf=conf)
def setup_app(config=None): if not config: config = get_pecan_config() app_conf = dict(config.app) app = pecan.make_app(app_conf.pop('root'), logging=getattr(config, 'logging', {}), **app_conf) app = auth.install(app, CONF) # Create a CORS wrapper, and attach solum-specific defaults that must be # supported on all CORS responses. app = cors_middleware.CORS(app, CONF) return app
def setup_app(config=None): if not config: config = get_pecan_config() m_config.set_config_defaults() app_conf = dict(config.app) db_api_v2.setup_db() # TODO(rakhmerov): Why do we run cron triggers in the API layer? # Should we move it to engine?s if cfg.CONF.cron_trigger.enabled: periodic.setup() coordination.Service('api_group').register_membership() app = pecan.make_app( app_conf.pop('root'), hooks=lambda: [ctx.AuthHook(), ctx.ContextHook()], logging=getattr(config, 'logging', {}), **app_conf) # Set up access control. app = access_control.setup(app) # TODO(rakhmerov): need to get rid of this call. # Set up RPC related flags in config rpc.get_transport() # Set up profiler. if cfg.CONF.profiler.enabled: app = osprofiler.web.WsgiMiddleware( app, hmac_keys=cfg.CONF.profiler.hmac_keys, enabled=cfg.CONF.profiler.enabled) # Create HTTPProxyToWSGI wrapper app = http_proxy_to_wsgi_middleware.HTTPProxyToWSGI(app, cfg.CONF) # Create a CORS wrapper, and attach mistral-specific defaults that must be # included in all CORS responses. return cors_middleware.CORS(app, cfg.CONF)
def setup_app(config=None): app_hooks = [ hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook() ] app_conf = dict(config.app) app = make_app(app_conf.pop('root'), hooks=app_hooks, force_canonical=getattr(config.app, 'force_canonical', True), wrap_app=middleware.ParsableErrorMiddleware, **app_conf) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, dict(cfg.CONF), public_api_routes=config.app.acl_public_routes) # Create a CORS wrapper, and attach iotronic-specific defaults that must be # included in all CORS responses. app = cors_middleware.CORS(app, CONF) cors_middleware.set_defaults( allow_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ]) return app
def _wrap_app(app): app = request_id.RequestId(app) if cfg.CONF.auth_strategy == 'noauth': pass elif cfg.CONF.auth_strategy == 'keystone': app = auth_token.AuthProtocol(app, {}) else: raise n_exc.InvalidConfigurationOption( opt_name='auth_strategy', opt_value=cfg.CONF.auth_strategy) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) app.set_latent(allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id']) return app
def _wrap_app(app): app = request_id.RequestId(app) if CONF.api.auth_strategy == 'noauth': pass elif CONF.api.auth_strategy == 'keystone': app = auth_token.AuthProtocol(app, {}) LOG.info("Keystone authentication is enabled") else: raise g_exc.InvalidConfigurationOption(opt_name='auth_strategy', opt_value=CONF.auth_strategy) # dont bother authenticating version # app = versions.Versions(app) # gluon server is behind the proxy app = http_proxy_to_wsgi.HTTPProxyToWSGI(app) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, CONF) cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC' ]) return app
def setUp(self): """Setup the tests.""" super(CORSRegularRequestTest, self).setUp() # Set up the config fixture. config = self.useFixture(fixture.Config(cfg.CONF)) config.load_raw_values(group='cors', allowed_origin='http://valid.example.com', allow_credentials='False', max_age='', expose_headers='', allow_methods='GET', allow_headers='') config.load_raw_values(group='cors.credentials', allowed_origin='http://creds.example.com', allow_credentials='True') config.load_raw_values(group='cors.exposed-headers', allowed_origin='http://headers.example.com', expose_headers='X-Header-1,X-Header-2', allow_headers='X-Header-1,X-Header-2') config.load_raw_values(group='cors.cached', allowed_origin='http://cached.example.com', max_age='3600') config.load_raw_values(group='cors.get-only', allowed_origin='http://get.example.com', allow_methods='GET') config.load_raw_values(group='cors.all-methods', allowed_origin='http://all.example.com', allow_methods='GET,PUT,POST,DELETE,HEAD') # Now that the config is set up, create our application. self.application = cors.CORS(test_application, cfg.CONF)
def setup_app(config=None): if not config: config = get_pecan_config() app_conf = dict(config.app) db_api_v2.setup_db() periodic.setup() coordination.Service('api_group').register_membership() app = pecan.make_app( app_conf.pop('root'), hooks=lambda: [ctx.ContextHook(), ctx.AuthHook()], logging=getattr(config, 'logging', {}), **app_conf) # Set up access control. app = access_control.setup(app) # Create a CORS wrapper, and attach mistral-specific defaults that must be # included in all CORS responses. app = cors_middleware.CORS(app, cfg.CONF) app.set_latent(allow_headers=[ 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id' 'X-Project-Id', 'X-User-Name', 'X-Project-Name' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-Project-Id', 'X-User-Name', 'X-Project-Name' ]) return app
def app_factory(global_config, **local_conf): global APPCONFIGS appconfig = APPCONFIGS.get(global_config.get('configkey')) app = _setup_app(root=local_conf.get('root'), **appconfig) return cors.CORS(app, conf=appconfig['conf'])
def __init__(self, app, auth_app, conf): self._app = cors.CORS(app, conf) # We don't auth here. It's just used for keeping consistence. self._auth_app = auth_app