def _create(self):
keystone_client = self.clients.client('keystone').client
auth_plugin = auth.KeystoneAuthV2(keystone=keystone_client)
client = barbican_client.Client(auth_plugin=auth_plugin)
return client
def _create_connection(self, ctxt):
"""Creates a connection to the Barbican service.
:param ctxt: the user context for authentication
:return: a Barbican Connection object
:throws NotAuthorized: if the ctxt is None
"""
# Confirm context is provided, if not raise not authorized
if not ctxt:
msg = _("User is not authorized to use key manager.")
LOG.error(msg)
raise exception.NotAuthorized(msg)
try:
endpoint = CONF.keymgr.encryption_auth_url
keystone = keystone_client.Client(token=ctxt.auth_token,
endpoint=endpoint)
keystone_auth = auth.KeystoneAuthV2(keystone=keystone)
keystone_auth._barbican_url = CONF.keymgr.encryption_api_url
connection = barbican_client.Client(auth_plugin=keystone_auth)
return connection
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.error(_("Error creating Barbican client: %s"), (e))
def barbican(self):
if self._barbican:
return self._barbican
keystone_client = self.keystone().client
auth_plugin = auth.KeystoneAuthV2(keystone=keystone_client)
self._barbican = barbican_client.Client(auth_plugin=auth_plugin)
return self._barbican
def _barbican(self):
keystone_client = self.client('keystone').client
auth_plugin = auth.KeystoneAuthV2(keystone=keystone_client)
return barbican_client.Client(auth_plugin=auth_plugin)