def get_openstack_clients(self, username, password=None, tenant_name=None):
        # TODO: I could replace with identity.. but should I?
        # Build credentials for each manager
        all_creds = self._get_openstack_credentials(
            username, password, tenant_name)
        # Initialize managers with respective credentials
        image_creds = self._build_image_creds(all_creds)
        net_creds = self._build_network_creds(all_creds)
        sdk_creds = self._build_sdk_creds(all_creds)

        if self.identity_version > 2:
            openstack_sdk = _connect_to_openstack_sdk(**sdk_creds)
        else:
            openstack_sdk = None

        neutron = self.network_manager.new_connection(**net_creds)
        keystone, nova, glance = self.image_manager._new_connection(
            **image_creds)

        return {
            "glance": glance,
            "keystone": keystone,
            "nova": nova,
            "neutron": neutron,
            "openstack_sdk": openstack_sdk,
            "horizon": self._get_horizon_url(keystone.tenant_id)
        }
    def __init__(self, provider=None, *args, **kwargs):
        super(AccountDriver, self).__init__()
        if provider:
            all_creds = self._init_by_provider(provider, *args, **kwargs)
        else:
            all_creds = kwargs
        if 'location' in all_creds:
            self.namespace = "Atmosphere_OpenStack:%s" % all_creds['location']
        else:
            logger.info("Using default namespace.. Could cause conflicts if "
                        "switching between providers. To avoid ambiguity, "
                        "provide the kwarg: location='provider_prefix'")
        # Build credentials for each manager
        self.credentials = all_creds

        ex_auth_version = all_creds.get("ex_force_auth_version", '2.0_password')
        if ex_auth_version.startswith('2'):
            self.identity_version = 2
        elif ex_auth_version.startswith('3'):
            self.identity_version = 3
        else:
            raise Exception("Could not determine identity_version of %s"
                            % ex_auth_version)

        user_creds = self._build_user_creds(all_creds)
        image_creds = self._build_image_creds(all_creds)
        net_creds = self._build_network_creds(all_creds)
        sdk_creds = self._build_sdk_creds(all_creds)

        # Initialize managers with respective credentials
        self.user_manager = UserManager(**user_creds)
        self.image_manager = ImageManager(**image_creds)
        self.network_manager = NetworkManager(**net_creds)
        self.openstack_sdk = _connect_to_openstack_sdk(**sdk_creds)
Example #3
0
    def authenticate(self, request):
        """
        TODO: This method might take an already-logged in user who possesses a KEYSTONE TOKEN -- one could then determine if the token was still 'valid' and use that truth-value to authenticate the request.
        The entire user-object would need to be returned, and the dependencies for this method would have to include rtwo/openstacksdk which might make this entire process out-of-scope for django-giji-auth
        TODO: Ideally, more things would be passed through headers to tell us:
            - What KEYSTONE_SERVER to authenticate with
            - What the username or other information is *expected* to be..
            - ??
        """
        auth = request.META.get('HTTP_AUTHORIZATION', '').split()
        auth_url = auth_settings.KEYSTONE_SERVER
        region_name = "RegionOne"  # This could be passed in via header _OR_ as an auth_settings.KEYSTONE_REGION_NAME
        domain_name = "Default"  # This could be passed in via header _OR_ as an auth_settings.KEYSTONE_DOMAIN_NAME
        parsed_auth_url = urlparse(auth_url)
        hostname = parsed_auth_url.hostname
        token_key = None
        if len(auth) == 2 and auth[0].lower() == "token":
            token_key = auth[1]
        if not token_key:
            return None
        try:
            from rtwo.drivers.common import _connect_to_openstack_sdk
        except ImportError:
            logger.exception(
                "Cannot use OpenstackTokenAuthentication without `rtwo`."
                " Please `pip install rtwo` and try again!")
            return None

        sdk_args = {
            'auth_url': auth_url.replace('5000', '35357'),
            'ex_force_base_url': auth_url.replace(":5000/v3", ":8774/v2/"),
            'identity_api_version': 3,
            'project_domain_name': domain_name,
            'region_name': region_name,
            'user_domain_name': domain_name,
            "auth_plugin": "token",
            "token": token_key
        }
        stack_sdk = _connect_to_openstack_sdk(**sdk_args)
        try:
            stack_sdk.authorize()
            whoami = stack_sdk.session.auth.auth_ref
            username = whoami.username
            new_profile = {
                'username': username,
                'firstName': username,
                'lastName': "",
                'email': "%s@%s" % (username, hostname),
            }
            logger.debug("Openstack Profile: %s", new_profile)
            user = get_or_create_user(new_profile['username'], new_profile)
            auth_token = get_or_create_token(
                user, token_key, issuer="OpenstackTokenAuthentication")
            user_logged_in.send(sender=user.__class__,
                                request=request,
                                user=user)
            return auth_token
        except:
            return None
Example #4
0
 def get_openstack_clients(self, username, password=None, tenant_name=None):
     # TODO: I could replace with identity.. but should I?
     from rtwo.drivers.common import _connect_to_openstack_sdk
     user_creds = self._get_openstack_credentials(
         username, password, tenant_name)
     neutron = self.network_manager.new_connection(**user_creds)
     keystone, nova, glance = self.image_manager._new_connection(
         **user_creds)
     openstack_sdk = _connect_to_openstack_sdk(**user_creds)
     return {
         "glance": glance,
         "keystone": keystone,
         "nova": nova,
         "neutron": neutron,
         "horizon": self._get_horizon_url(keystone.tenant_id)
     }
    def get_openstack_clients(self, username, password=None, tenant_name=None):
        # Build credentials for each manager
        all_creds = self._get_openstack_credentials(
            username, password, tenant_name)
        # Initialize managers with respective credentials
        image_creds = self._build_image_creds(all_creds)
        net_creds = self._build_network_creds(all_creds)
        sdk_creds = self._build_sdk_creds(all_creds)
        user_creds = self._build_user_creds(all_creds)
        openstack_sdk = _connect_to_openstack_sdk(**sdk_creds)
        (keystone, nova, swift) = self.user_manager.new_connection(
            **user_creds)
        neutron = self.network_manager.new_connection(**net_creds)
        _, _, glance = self.image_manager._new_connection(
            **image_creds)

        return {
            "glance": glance,
            "keystone": keystone,
            "nova": nova,
            "neutron": neutron,
            "openstack_sdk": openstack_sdk,
            "horizon": self._get_horizon_url(keystone.tenant_id)
        }
Example #6
0
 def get_openstack_sdk_client(self, all_creds):
     sdk_creds = self._build_sdk_creds(all_creds)
     openstack_sdk = _connect_to_openstack_sdk(**sdk_creds)
     return openstack_sdk