def login_to_instance(self, instance, password, token, org_url):
instances = filter(lambda i: i['id']==instance, self.instances)
if len(instances)>0:
if 'No Attributes' == instances[0]['instanceAttributes']:
return False
attributes = json.loads(instances[0]['instanceAttributes'])
session_uri = attributes['sessionUri']
org_name = attributes['orgName']
vcloud_session = VCS(session_uri, self.username, org_name, instance, instances[0]['apiUrl'], org_url, version=self.version, verify=self.verify)
result = vcloud_session.login(password, token)
if result:
self.vcloud_session = vcloud_session
return True
return False
def login_to_instance(self, instance, password, token, org_url):
instances = filter(lambda i: i['id']==instance, self.instances)
if len(instances)>0:
if 'No Attributes' == instances[0]['instanceAttributes']:
return False
attributes = json.loads(instances[0]['instanceAttributes'])
session_uri = attributes['sessionUri']
org_name = attributes['orgName']
vcloud_session = VCS(session_uri, self.username, org_name, instance, instances[0]['apiUrl'], org_url, version=self.version, verify=self.verify)
result = vcloud_session.login(password, token)
if result:
self.vcloud_session = vcloud_session
return True
return False
def login_to_org(self, service, org_name):
vdcReference = self.get_vdc_reference(service, org_name)
if vdcReference:
link = filter(lambda link: link.get_type() == "application/xml;class=vnd.vmware.vchs.vcloudsession", vdcReference.get_Link())[0]
self.response = requests.post(link.get_href(), headers=self._get_vcloud_headers(), verify=self.verify)
if self.response.status_code == requests.codes.created:
vchs = vchsType.parseString(self.response.content, True)
vdcLink = vchs.get_VdcLink()
headers = {}
headers[vdcLink.authorizationHeader] = vdcLink.authorizationToken
headers["Accept"] = "application/*+xml;version=" + self.version
self.response = requests.get(vdcLink.href, headers=headers, verify=self.verify)
if self.response.status_code == requests.codes.ok:
self.vdc = vdcType.parseString(self.response.content, True)
self.org = self.vdc.name
org_url = filter(lambda link: link.get_type() == "application/vnd.vmware.vcloud.org+xml", self.vdc.get_Link())[0].href
vcloud_session = VCS(org_url, self.username, self.org, None, org_url, org_url, version=self.version, verify=self.verify)
if vcloud_session.login(password=None, token=vdcLink.authorizationToken):
self.vcloud_session = vcloud_session
return True
return False
def login_to_org(self, service, org_name):
vdcReference = self.get_vdc_reference(service, org_name)
if vdcReference:
link = filter(lambda link: link.get_type() == "application/xml;class=vnd.vmware.vchs.vcloudsession", vdcReference.get_Link())[0]
self.response = requests.post(link.get_href(), headers=self._get_vcloud_headers(), verify=self.verify)
if self.response.status_code == requests.codes.created:
vchs = vchsType.parseString(self.response.content, True)
vdcLink = vchs.get_VdcLink()
headers = {}
headers[vdcLink.authorizationHeader] = vdcLink.authorizationToken
headers["Accept"] = "application/*+xml;version=" + self.version
self.response = requests.get(vdcLink.href, headers=headers, verify=self.verify)
if self.response.status_code == requests.codes.ok:
self.vdc = vdcType.parseString(self.response.content, True)
self.org = self.vdc.name
org_url = filter(lambda link: link.get_type() == "application/vnd.vmware.vcloud.org+xml", self.vdc.get_Link())[0].href
vcloud_session = VCS(org_url, self.username, self.org, None, org_url, org_url, version=self.version, verify=self.verify)
if vcloud_session.login(password=None, token=vdcLink.authorizationToken):
self.vcloud_session = vcloud_session
return True
return False
def check_authorization_vcloud(vcloud_org_url, vcloud_token, vcloud_version):
if not _is_valid_url(vcloud_org_url):
logger.error("Unauthorized. Invalid 'vcloud_org_url'. Aborting.")
return make_response("Unauthorized:"
" 'vcloud_org_url' value not allowed", 401)
vcs = VCS(vcloud_org_url, None, None, None,
vcloud_org_url, vcloud_org_url,
version=vcloud_version)
result = vcs.login(token=vcloud_token)
if result:
logger.info("Organization authorized successfully.")
g.tenant_id = vcs.organization.id[vcs.organization.id.rfind(':') + 1:]
g.token = vcloud_token
g.org_url = vcloud_org_url
logger.info("Org-ID: %s.", g.tenant_id)
if not service_limit.check_endpoint_url(
vcloud_org_url, 'vcloud'
):
logger.error("Unauthorized. Aborting authorization "
"for Org-ID: %s.", g.tenant_id)
return make_response("Unauthorized.", 401)
g.current_tenant = service_limit.get_endpoint_tenant(
vcloud_org_url, g.tenant_id
)
if g.current_tenant:
logger.info("Tenant entity: %s",
g.current_tenant.to_dict())
logger.info("Tenant for Org-ID:%s were found.", g.tenant_id)
g.cc = CloudifyClient(host=g.current_tenant.cloudify_host,
port=g.current_tenant.cloudify_port)
else:
logger.error("No limits were defined for Org-ID: %s", g.tenant_id)
return make_response("Limits for Org-ID: %s were not defined. "
"Please contact administrator."
% g.tenant_id, 403)
else:
logger.error(str(vcs.response.status_code))
return make_response(str(vcs.response.reason),
vcs.response.status_code)
def setUp(self):
super(BaseWalleAPIClient, self).setUp()
config_file = os.getenv('WALLE_INT_TESTS_CONF')
if not config_file or not os.path.exists(config_file):
raise exceptions.Unauthorized()
with open(config_file, 'r') as stream:
login_cfg = yaml.load(stream)
cloudify_host = login_cfg.get('cloudify_host')
cloudify_port = login_cfg.get('cloudify_port')
deployment_limits = login_cfg.get('deployment_limits')
self.service_version = login_cfg.get('service_version')
# login to VCA
attempt = 3
while attempt:
self.vca = self._login_to_vca(login_cfg)
if self.vca:
break
attempt -= 1
if not self.vca:
raise exceptions.Unauthorized()
# headers
self.setup_headers()
vcloud_org_url = self.vca.vcloud_session.org_url
self.vcs = VCS(vcloud_org_url, None, None, None,
vcloud_org_url, vcloud_org_url,
version=self.service_version)
# login to VCS
result = self.vcs.login(token=self.headers['x-vcloud-authorization'])
if not result:
raise exceptions.Forbidden()
self.org_id = self.vcs.organization.id[
self.vcs.organization.id.rfind(':') + 1:]
self.organization = models.AllowedOrgs(self.org_id)
self.model_limits = models.OrgIDToCloudifyAssociationWithLimits(
self.organization.org_id, cloudify_host, cloudify_port,
deployment_limits=deployment_limits)
self.addCleanup(self.vca.logout)
def login(self, password=None, token=None, org=None, org_url=None):
"""
Request to login to vCloud Air
:param password: The password.
:param token: The token from a previous successful login, None if this is a new login request.
:return: True if the user was successfully logged in, False otherwise.
"""
if self.service_type == 'subscription':
if token:
headers = {}
headers["x-vchs-authorization"] = token
headers["Accept"] = "application/xml;version=" + self.version
self.response = requests.get(self.host + "/api/vchs/services",
headers=headers,
verify=self.verify)
if self.response.status_code == requests.codes.ok:
self.services = serviceType.parseString(
self.response.content, True)
self.token = token
return True
else:
return False
else:
url = self.host + "/api/vchs/sessions"
encode = "Basic " + base64.standard_b64encode(self.username +
":" + password)
headers = {}
headers["Authorization"] = encode.rstrip()
headers["Accept"] = "application/xml;version=" + self.version
self.response = requests.post(url,
headers=headers,
verify=self.verify)
if self.response.status_code == requests.codes.created:
self.token = self.response.headers["x-vchs-authorization"]
self.services = self._get_services()
return True
else:
return False
elif self.service_type == 'ondemand':
if token:
self.token = token
self.instances = self.get_instances()
return self.instances != None
else:
url = self.host + "/api/iam/login"
encode = "Basic " + base64.standard_b64encode(self.username +
":" + password)
headers = {}
headers["Authorization"] = encode.rstrip()
headers[
"Accept"] = "application/json;version=%s" % self.version
self.response = requests.post(url,
headers=headers,
verify=self.verify)
if self.response.status_code == requests.codes.created:
self.token = self.response.headers["vchs-authorization"]
self.instances = self.get_instances()
return True
else:
return False
elif self.service_type == 'vcd':
if token:
url = self.host + '/api/sessions'
vcloud_session = VCS(url,
self.username,
org,
None,
org_url,
org_url,
version=self.version,
verify=self.verify)
result = vcloud_session.login(token=token)
if result:
self.org = org
self.vcloud_session = vcloud_session
return result
else:
url = self.host + '/api/sessions'
vcloud_session = VCS(url,
self.username,
org,
None,
org_url,
org_url,
version=self.version,
verify=self.verify)
result = vcloud_session.login(password=password)
if result:
self.token = vcloud_session.token
self.org = org
self.vcloud_session = vcloud_session
return result
else:
return False
return False
def load_config(self, profile=None, profile_file='~/.vcarc'):
self.config.read(os.path.expanduser(profile_file))
if profile is not None:
self.profile = profile
else:
section = 'Global'
if self.config.has_option(section, 'profile'):
self.profile = self.config.get(section, 'profile')
else:
self.profile = 'default'
host = 'vca.vmware.com'
user = None
password = None
token = None
service_type = None
version = None
section = 'Profile-%s' % self.profile
instance = None
org = None
org_url = None
session_token = None
session_uri = None
vdc = None
gateway = None
host_score = 'score.vca.io'
if self.config.has_section(section):
if self.config.has_option(section, 'host'):
host = self.config.get(section, 'host')
if self.config.has_option(section, 'user'):
user = self.config.get(section, 'user')
if self.config.has_option(section, 'password'):
password = self.config.get(section, 'password')
if len(password) > 0:
cipher_suite = Fernet(self.crypto_key)
password = cipher_suite.decrypt(password)
if self.config.has_option(section, 'token'):
token = self.config.get(section, 'token')
if self.config.has_option(section, 'service_type'):
service_type = self.config.get(section, 'service_type')
if self.config.has_option(section, 'service_version'):
version = self.config.get(section, 'service_version')
if self.config.has_option(section, 'instance'):
instance = self.config.get(section, 'instance')
if self.config.has_option(section, 'org'):
org = self.config.get(section, 'org')
if self.config.has_option(section, 'org_url'):
org_url = self.config.get(section, 'org_url')
if self.config.has_option(section, 'session_token'):
session_token = self.config.get(section, 'session_token')
if self.config.has_option(section, 'session_uri'):
session_uri = self.config.get(section, 'session_uri')
if self.config.has_option(section, 'vdc'):
vdc = self.config.get(section, 'vdc')
if self.config.has_option(section, 'gateway'):
gateway = self.config.get(section, 'gateway')
if self.config.has_option(section, 'host_score'):
host_score = self.config.get(section, 'host_score')
self.host_score = host_score
self.vca = VCA(host=host,
username=user,
service_type=service_type,
version=version,
verify=self.verify,
log=self.debug)
self.password = password
self.vca.token = token
self.vca.org = org
self.instance = instance
if session_token is not None:
vcloud_session = VCS(url=session_uri,
username=user,
org=org,
instance=instance,
api_url=org_url,
org_url=org_url,
version=version,
verify=self.verify,
log=self.debug)
vcloud_session.token = session_token
self.vca.vcloud_session = vcloud_session
self.vdc_name = vdc
self.gateway = gateway
Log.debug(self.logger, 'restored vca %s' % self.vca)
if self.vca.vcloud_session is not None:
Log.debug(self.logger,
'restored vcloud_session %s' % self.vca.vcloud_session)
Log.debug(self.logger, 'restored org=%s' % self.vca.org)
if self.vca.vcloud_session.token is not None:
Log.debug(
self.logger, 'restored vcloud_session token %s' %
self.vca.vcloud_session.token)
class RealWalleAPIClient(BaseWalleAPIClient, common.vCloudLogin):
def setUp(self):
super(BaseWalleAPIClient, self).setUp()
config_file = os.getenv('WALLE_INT_TESTS_CONF')
if not config_file or not os.path.exists(config_file):
raise exceptions.Unauthorized()
with open(config_file, 'r') as stream:
login_cfg = yaml.load(stream)
cloudify_host = login_cfg.get('cloudify_host')
cloudify_port = login_cfg.get('cloudify_port')
deployment_limits = login_cfg.get('deployment_limits')
self.service_version = login_cfg.get('service_version')
# login to VCA
attempt = 3
while attempt:
self.vca = self._login_to_vca(login_cfg)
if self.vca:
break
attempt -= 1
if not self.vca:
raise exceptions.Unauthorized()
# headers
self.setup_headers()
vcloud_org_url = self.vca.vcloud_session.org_url
self.vcs = VCS(vcloud_org_url, None, None, None,
vcloud_org_url, vcloud_org_url,
version=self.service_version)
# login to VCS
result = self.vcs.login(token=self.headers['x-vcloud-authorization'])
if not result:
raise exceptions.Forbidden()
self.org_id = self.vcs.organization.id[
self.vcs.organization.id.rfind(':') + 1:]
self.organization = models.AllowedOrgs(self.org_id)
self.model_limits = models.OrgIDToCloudifyAssociationWithLimits(
self.organization.org_id, cloudify_host, cloudify_port,
deployment_limits=deployment_limits)
self.addCleanup(self.vca.logout)
def try_auth(self, headers=None):
if not headers:
self.vca.logout()
return self.client.get('/', headers=headers)
self.model_limits.delete()
return self.client.get('/', headers=self.headers)
def execute_get_request_with_route(self, route, params=None):
return self.client.get(route, headers=self.headers,
query_string=params)
def execute_delete_request_with_route(self, route, params=None):
return self.client.delete(route, headers=self.headers,
query_string=params)
def execute_put_request_with_route(self, route, params=None, data=None,
content_type=None):
return self.client.put(route, headers=self.headers,
query_string=params, data=data,
content_type=content_type)
def execute_post_request_with_route(self, route, params=None, data=None,
content_type=None):
return self.client.post(route, headers=self.headers,
query_string=params, data=data,
content_type=content_type)
def make_deployment(self, blueprint_id):
deployment_id = 'postgresql_test_deployment'
response = self._start_deployment(blueprint_id, deployment_id)
return response
def _start_deployment(self, blueprint_id, deployment_id):
content_type = 'application/json'
data = {'blueprint_id': blueprint_id}
return self.execute_put_request_with_route(
'/deployments/%s' % deployment_id, data=json.dumps(data),
content_type=content_type)
def make_execution(self, deployment_id, workflow_id):
params_deployment_id = {'deployment_id': deployment_id}
attempt = 15
print('Wait until execution will be available(attempts) \n'
'attempts: %s' % attempt)
while attempt:
response = self.execute_get_request_with_route(
"/executions", params=params_deployment_id)
status = json.loads(response.data)[0]['status']
if 'terminated' in status:
return self._start_execution(deployment_id, workflow_id)
time.sleep(10)
attempt -= 1
print('attempts: %s' % attempt)
raise exceptions.Forbidden()
def _start_execution(self, deployment_id, workflow_id,
allow_custom_parameters=False,
parameters=None, force=False):
content_type = 'application/json'
data = {
'deployment_id': deployment_id,
'workflow_id': workflow_id,
'parameters': parameters,
'allow_custom_parameters': allow_custom_parameters,
'force': force
}
return self.execute_post_request_with_route(
'/executions', data=json.dumps(data),
content_type=content_type)
def login(self, password=None, token=None, org=None, org_url=None):
"""
Request to login to vCloud Air
:param password: The password.
:param token: The token from a previous successful login, None if this is a new login request.
:return: True if the user was successfully logged in, False otherwise.
"""
if self.service_type == 'subscription':
if token:
headers = {}
headers["x-vchs-authorization"] = token
headers["Accept"] = "application/xml;version=" + self.version
self.response = requests.get(self.host + "/api/vchs/services", headers=headers, verify=self.verify)
if self.response.status_code == requests.codes.ok:
self.services = serviceType.parseString(self.response.content, True)
self.token = token
return True
else:
return False
else:
url = self.host + "/api/vchs/sessions"
encode = "Basic " + base64.standard_b64encode(self.username + ":" + password)
headers = {}
headers["Authorization"] = encode.rstrip()
headers["Accept"] = "application/xml;version=" + self.version
self.response = requests.post(url, headers=headers, verify=self.verify)
if self.response.status_code == requests.codes.created:
self.token = self.response.headers["x-vchs-authorization"]
self.services = self._get_services()
return True
else:
return False
elif self.service_type == 'ondemand':
if token:
self.token = token
self.instances = self.get_instances()
return self.instances != None
else:
url = self.host + "/api/iam/login"
encode = "Basic " + base64.standard_b64encode(self.username + ":" + password)
headers = {}
headers["Authorization"] = encode.rstrip()
headers["Accept"] = "application/json;version=%s" % self.version
self.response = requests.post(url, headers=headers, verify=self.verify)
if self.response.status_code == requests.codes.created:
self.token = self.response.headers["vchs-authorization"]
self.instances = self.get_instances()
return True
else:
return False
elif self.service_type == 'vcd':
if token:
url = self.host + '/api/sessions'
vcloud_session = VCS(url, self.username, org, None, org_url, org_url, version=self.version, verify=self.verify)
result = vcloud_session.login(token=token)
if result:
self.org = org
self.vcloud_session = vcloud_session
return result
else:
url = self.host + '/api/sessions'
vcloud_session = VCS(url, self.username, org, None, org_url, org_url, version=self.version, verify=self.verify)
result = vcloud_session.login(password=password)
if result:
self.token = vcloud_session.token
self.org = org
self.vcloud_session = vcloud_session
return result
else:
return False
return False
def load_config(self, profile=None, profile_file='~/.vcarc'):
self.config.read(os.path.expanduser(profile_file))
if profile is not None:
self.profile = profile
else:
section = 'Global'
if self.config.has_option(section, 'profile'):
self.profile = self.config.get(section, 'profile')
else:
self.profile = 'default'
host = 'vca.vmware.com'
user = None
password = None
token = None
service_type = None
version = None
section = 'Profile-%s' % self.profile
instance = None
org = None
org_url = None
session_token = None
session_uri = None
vdc = None
gateway = None
host_score = 'score.vca.io'
if self.config.has_section(section):
if self.config.has_option(section, 'host'):
host = self.config.get(section, 'host')
if self.config.has_option(section, 'user'):
user = self.config.get(section, 'user')
if self.config.has_option(section, 'password'):
password = self.config.get(section, 'password')
if len(password) > 0:
cipher_suite = Fernet(self.crypto_key)
password = cipher_suite.decrypt(password)
if self.config.has_option(section, 'token'):
token = self.config.get(section, 'token')
if self.config.has_option(section, 'service_type'):
service_type = self.config.get(section, 'service_type')
if self.config.has_option(section, 'service_version'):
version = self.config.get(section, 'service_version')
if self.config.has_option(section, 'instance'):
instance = self.config.get(section, 'instance')
if self.config.has_option(section, 'org'):
org = self.config.get(section, 'org')
if self.config.has_option(section, 'org_url'):
org_url = self.config.get(section, 'org_url')
if self.config.has_option(section, 'session_token'):
session_token = self.config.get(section, 'session_token')
if self.config.has_option(section, 'session_uri'):
session_uri = self.config.get(section, 'session_uri')
if self.config.has_option(section, 'vdc'):
vdc = self.config.get(section, 'vdc')
if self.config.has_option(section, 'gateway'):
gateway = self.config.get(section, 'gateway')
if self.config.has_option(section, 'host_score'):
host_score = self.config.get(section, 'host_score')
self.host_score = host_score
self.vca = VCA(host=host, username=user,
service_type=service_type, version=version,
verify=self.verify, log=self.debug)
self.password = password
self.vca.token = token
self.vca.org = org
self.instance = instance
if session_token is not None:
vcloud_session = VCS(url=session_uri,
username=user,
org=org,
instance=instance,
api_url=org_url,
org_url=org_url,
version=version,
verify=self.verify,
log=self.debug)
vcloud_session.token = session_token
self.vca.vcloud_session = vcloud_session
self.vdc_name = vdc
self.gateway = gateway
Log.debug(self.logger, 'restored vca %s' % self.vca)
if self.vca.vcloud_session is not None:
Log.debug(self.logger, 'restored vcloud_session %s' %
self.vca.vcloud_session)
Log.debug(self.logger, 'restored org=%s' % self.vca.org)
if self.vca.vcloud_session.token is not None:
Log.debug(self.logger, 'restored vcloud_session token %s' %
self.vca.vcloud_session.token)
