def authenticate(self, username=None, password=None, api_key=None, tenant_id=None, connect=False): """ Using the supplied credentials, connects to the specified authentication endpoint and attempts to log in. Credentials can either be passed directly to this method, or previously-stored credentials can be used. If authentication is successful, the token and service catalog information is stored, and clients for each service and region are created. The 'connect' parameter is retained for backwards compatibility. It no longer has any effect. """ self.username = username or self.username or pyos.get_setting( "username") # Different identity systems may pass these under inconsistent names. self.password = password or self.password or api_key or self.api_key self.api_key = api_key or self.api_key or self.password self.tenant_id = tenant_id or self.tenant_id or pyos.get_setting( "tenant_id") creds = self._format_credentials() headers = { "Content-Type": "application/json", "Accept": "application/json", } resp, resp_body = self.method_post("tokens", data=creds, headers=headers, std_headers=False) if resp.status_code == 401: # Invalid authorization raise exc.AuthenticationFailed("Incorrect/unauthorized " "credentials received") elif 500 <= resp.status_code < 600: # Internal Server Error try: error_msg = resp_body[list(resp_body.keys())[0]]["message"] except KeyError: error_msg = "Service Currently Unavailable" raise exc.InternalServerError(error_msg) elif resp.status_code > 299: try: msg = resp_body[list(resp_body.keys())[0]]["message"] except KeyError: msg = None if msg: err = "%s - %s." % (resp.reason, msg) else: err = "%s." % resp.reason raise exc.AuthenticationFailed(err) self._parse_response(resp_body) self.authenticated = True
def test_read_config(self): dummy_cfg = fakes.fake_config_file sav_region = pyos.default_region sav_USER_AGENT = pyos.USER_AGENT with utils.SelfDeletingTempfile() as cfgfile: with open(cfgfile, "w") as cfg: cfg.write(dummy_cfg) pyos.settings.read_config(cfgfile) self.assertEqual(pyos.get_setting("region"), "FAKE") self.assertTrue(pyos.get_setting("user_agent").startswith("FAKE ")) pyos.default_region = sav_region pyos.USER_AGENT = sav_USER_AGENT
def authenticate(self, username=None, password=None, api_key=None, tenant_id=None, connect=False): """ Using the supplied credentials, connects to the specified authentication endpoint and attempts to log in. Credentials can either be passed directly to this method, or previously-stored credentials can be used. If authentication is successful, the token and service catalog information is stored, and clients for each service and region are created. The 'connect' parameter is retained for backwards compatibility. It no longer has any effect. """ self.username = username or self.username or pyos.get_setting( "username") # Different identity systems may pass these under inconsistent names. self.password = password or self.password or api_key or self.api_key self.api_key = api_key or self.api_key or self.password self.tenant_id = tenant_id or self.tenant_id or pyos.get_setting( "tenant_id") creds = self._format_credentials() headers = {"Content-Type": "application/json", "Accept": "application/json", } resp, resp_body = self.method_post("tokens", data=creds, headers=headers, std_headers=False) if resp.status_code == 401: # Invalid authorization raise exc.AuthenticationFailed("Incorrect/unauthorized " "credentials received") elif 500 <= resp.status_code < 600: # Internal Server Error try: error_msg = resp_body[list(resp_body.keys())[0]]["message"] except KeyError: error_msg = "Service Currently Unavailable" raise exc.InternalServerError(error_msg) elif resp.status_code > 299: try: msg = resp_body[list(resp_body.keys())[0]]["message"] except KeyError: msg = None if msg: err = "%s - %s." % (resp.reason, msg) else: err = "%s." % resp.reason raise exc.AuthenticationFailed(err) self._parse_response(resp_body) self.authenticated = True
def keyring_auth(self, username=None): """ Uses the keyring module to retrieve the user's password or api_key. """ if not keyring: # Module not installed raise exc.KeyringModuleNotInstalled( "The 'keyring' Python module " "is not installed on this system.") if username is None: username = pyos.get_setting("keyring_username") if not username: raise exc.KeyringUsernameMissing("No username specified for " "keyring authentication.") password = keyring.get_password("pyos", username) if password is None: raise exc.KeyringPasswordNotFound("No password was found for the " "username '%s'." % username) style = self._creds_style or self._default_creds_style # Keyring username may be different than the credentials. Use the # existing username, if present; otherwise, use the supplied username. username = self.username or username if style == "apikey": return self.authenticate(username=username, api_key=password) else: return self.authenticate(username=username, password=password)
def keyring_auth(self, username=None): """ Uses the keyring module to retrieve the user's password or api_key. """ if not keyring: # Module not installed raise exc.KeyringModuleNotInstalled("The 'keyring' Python module " "is not installed on this system.") if username is None: username = pyos.get_setting("keyring_username") if not username: raise exc.KeyringUsernameMissing("No username specified for " "keyring authentication.") password = keyring.get_password("pyos", username) if password is None: raise exc.KeyringPasswordNotFound("No password was found for the " "username '%s'." % username) style = self._creds_style or self._default_creds_style # Keyring username may be different than the credentials. Use the # existing username, if present; otherwise, use the supplied username. username = self.username or username if style == "apikey": return self.authenticate(username=username, api_key=password) else: return self.authenticate(username=username, password=password)
def test_connect_to_cloudfiles_ServiceNet(self): orig = pyos.get_setting("use_servicenet") pyos.set_setting("use_servicenet", True) pyos.cloudfiles = None pyos.connect_to_cloudfiles = self.orig_connect_to_cloudfiles sav = pyos._create_client pyos._create_client = Mock() cf = pyos.connect_to_cloudfiles(public=False) pyos._create_client.assert_called_once_with(ep_name="object_store", region=None, public=False) pyos.set_setting("use_servicenet", orig) pyos._create_client = sav
def test_settings_get_from_env(self): pyos.settings._settings = {"default": {}} pyos.settings.env_dct = {"identity_type": "fake"} typ = utils.random_unicode() ident = utils.random_unicode() sav_env = os.environ sav_imp = pyos._import_identity pyos._import_identity = Mock(return_value=ident) os.environ = {"fake": typ} ret = pyos.get_setting("identity_class") pyos._import_identity = sav_imp os.environ = sav_env
def _create_client(self, clt_class, url, public=True, special=False): """ Creates a client instance for the service. """ verify_ssl = pyos.get_setting("verify_ssl") if self.service == "compute" and not special: # Novaclient requires different parameters. client = pyos.connect_to_cloudservers(region=self.region, context=self.identity) client.identity = self.identity else: client = clt_class(self.identity, region_name=self.region, management_url=url, verify_ssl=verify_ssl) return client
def test_safe_region(self): # Pass direct reg = utils.random_unicode() ret = pyos._safe_region(reg) self.assertEqual(reg, ret) # From config setting orig_reg = pyos.get_setting("region") reg = utils.random_unicode() pyos.set_setting("region", reg) ret = pyos._safe_region() self.assertEqual(reg, ret) # Identity default pyos.set_setting("region", None) orig_defreg = pyos.identity.get_default_region reg = utils.random_unicode() pyos.identity.get_default_region = Mock(return_value=reg) ret = pyos._safe_region() self.assertEqual(reg, ret) pyos.identity.get_default_region = orig_defreg pyos.set_setting("region", orig_reg)
def _get_auth_endpoint(self): """ Broken out in case subclasses need to determine endpoints dynamically. """ return self._auth_endpoint or pyos.get_setting("auth_endpoint")
def test_settings_set_region(self): key = "region" val = utils.random_unicode() pyos.settings.set(key, val) self.assertEqual(pyos.get_setting(key), val)
def test_settings_set_verify_ssl(self): key = "verify_ssl" val = utils.random_unicode() pyos.settings.set(key, val) self.assertEqual(pyos.get_setting(key), val)
def test_settings_get(self): def_ep = pyos.get_setting("auth_endpoint", "default") alt_ep = pyos.get_setting("auth_endpoint", "alternate") self.assertEqual(def_ep, "DEFAULT_AUTH") self.assertEqual(alt_ep, "ALT_AUTH")