def federatedAuthentication(keystoneEndpoint, realm = None, tenantFn = None, v3 = False):
    """Run the federated login flow and return the result of the token swap.

    Steps: fetch the realm list, settle on a realm, get the IdP request,
    pass it to the protocol module named by the realm type, exchange the
    IdP response for unscoped-token data, then swap the unscoped token for
    one scoped to a tenant or a domain.

    Args:
        keystoneEndpoint: Endpoint value handed to every helper call.
        realm: Preferred realm. It is replaced by futils.selectRealm()
            when it is None or when {'name': realm} is not in the list.
        tenantFn: Forwarded to futils.getTenantId() with the tenant list.
        v3: Accepted but never read in this function.

    Returns:
        Whatever swapTokens() returns for the chosen scope.
    """
    available = getRealmList(keystoneEndpoint)['realms']
    if realm is None or {'name': realm} not in available:
        realm = futils.selectRealm(available)
    idp_request = getIdPRequest(keystoneEndpoint, realm)

    # The protocol module is chosen from the second dot-separated part of
    # realm['type']; a type without a '.' raises IndexError here.
    # NOTE(review): the module name is derived from realm data, presumably
    # supplied by the endpoint's realm list. Confirm load_protocol_module()
    # only resolves a fixed set of known protocol modules.
    protocol_name = realm['type'].split('.')[1]
    handler = load_protocol_module(protocol_name)
    idp_response = handler.getIdPResponse(
        idp_request['idpEndpoint'], idp_request['idpRequest'], realm)

    # token_data carries the unscoped token (read below), so neither it nor
    # the IdP response should be echoed to stdout or logs.
    token_data = getUnscopedToken(keystoneEndpoint, idp_response, realm)
    tenant = futils.getTenantId(token_data['tenants'], tenantFn)

    # NOTE(review): this listing lost its indentation. The project/domain
    # resolution is read here as nested under the `tenant is None` branch.
    # On that reading scope_kind is unbound whenever getTenantId() returns
    # a value, and the swapTokens() call fails. Confirm against the file.
    if tenant is None:
        choice = futils.selectTenantOrDomain(token_data['tenants'])
        project = choice.get("project")
        domain = choice.get("domain")
        if domain is not None:
            # A domain entry takes precedence over a project entry.
            tenant, scope_kind = domain["id"], "domainId"
        elif project is not None:
            tenant, scope_kind = project["id"], "tenantId"
        else:
            # Flat entry: the selection itself carries the id.
            tenant, scope_kind = choice["id"], "tenantId"

    return swapTokens(keystoneEndpoint, token_data['unscopedToken'], scope_kind, tenant)
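def getScopedToken(keystoneEndpoint, idpResponse, tenantFn):
    """Exchange an IdP response for a token scoped to a tenant.

    The IdP response is first traded for unscoped-token data, a tenant id
    is picked from the returned tenant list, and the unscoped token is then
    swapped for a scoped one.

    Args:
        keystoneEndpoint: Endpoint value handed to the helper calls.
        idpResponse: IdP response passed to getUnscopedToken().
        tenantFn: Accepted but not used here; futils.getTenantId() is
            called with the tenant list only.
            NOTE(review): confirm whether it should be forwarded.

    Returns:
        Whatever swapTokens() returns for the selected tenant id.

    Raises:
        ValueError: If no tenant id could be determined.
    """
    response = getUnscopedToken(keystoneEndpoint, idpResponse)
    tenantId = futils.getTenantId(response["tenants"])
    if tenantId is None:
        # Fail closed: the earlier code printed a message and still called
        # swapTokens() with tenantId=None. That message named an
        # InvalidTenant exception, which is not defined in the visible
        # code, so ValueError stands in for it.
        raise ValueError("The tenant could not be found")
    return swapTokens(keystoneEndpoint, response["unscopedToken"], tenantId)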
def federatedAuthentication(keystoneEndpoint, realm = None, tenantFn = None, v3 = False):
    """Run the federated login flow and return the result of the token swap.

    Steps: fetch the realm list, settle on a realm, get the IdP request,
    load the protocol module named by the realm type (exiting the process
    if that load raises IOError), exchange the IdP response for
    unscoped-token data, then swap the unscoped token for one scoped to a
    tenant or a domain.

    Args:
        keystoneEndpoint: Endpoint value handed to every helper call.
        realm: Preferred realm. It is replaced by futils.selectRealm()
            when it is None or when {'name': realm} is not in the list.
        tenantFn: Forwarded to futils.getTenantId() with the tenant list.
        v3: Accepted but never read in this function.

    Returns:
        Whatever swapTokens() returns for the chosen scope.
    """
    available = getRealmList(keystoneEndpoint)['realms']
    if realm is None or {'name': realm} not in available:
        realm = futils.selectRealm(available)
    idp_request = getIdPRequest(keystoneEndpoint, realm)

    # The protocol module is chosen from the second dot-separated part of
    # realm['type']; a type without a '.' raises IndexError here.
    # NOTE(review): the module name is derived from realm data, presumably
    # supplied by the endpoint's realm list. Confirm load_protocol_module()
    # only resolves a fixed set of known protocol modules.
    protocol_name = realm['type'].split('.')[1]
    try:
        handler = load_protocol_module(protocol_name)
    except IOError:
        # Only IOError is treated as "unsupported provider"; any other
        # exception from the loader propagates to the caller.
        # NOTE(review): sys.exit() here ends the whole process from inside
        # a helper function; callers cannot recover or clean up.
        print("The selected Identity Service is not supported by your client, please restart the process and choose an alternative provider")
        sys.exit(1)
    idp_response = handler.getIdPResponse(
        idp_request['idpEndpoint'], idp_request['idpRequest'], realm)

    # token_data carries the unscoped token (read below); keep it and the
    # IdP response out of stdout and logs.
    token_data = getUnscopedToken(keystoneEndpoint, idp_response, realm)
    tenant = futils.getTenantId(token_data['tenants'], tenantFn)

    # NOTE(review): this listing lost its indentation. The project/domain
    # resolution is read here as nested under the `tenant is None` branch.
    # On that reading scope_kind is unbound whenever getTenantId() returns
    # a value, and the swapTokens() call fails. Confirm against the file.
    if tenant is None:
        choice = futils.selectTenantOrDomain(token_data['tenants'])
        project = choice.get("project")
        domain = choice.get("domain")
        if domain is not None:
            # A domain entry takes precedence over a project entry.
            tenant, scope_kind = domain["id"], "domainId"
        elif project is not None:
            tenant, scope_kind = project["id"], "tenantId"
        else:
            # Flat entry: the selection itself carries the id.
            tenant, scope_kind = choice["id"], "tenantId"

    return swapTokens(keystoneEndpoint, token_data['unscopedToken'], scope_kind, tenant)
def federatedAuthentication(keystoneEndpoint, realm = None, tenantFn = None):
    """Run the federated login flow and return the result of the token swap.

    Steps: fetch the realm list, settle on a realm, get the IdP request,
    obtain the IdP response, exchange it for unscoped-token data, then swap
    the unscoped token for one scoped to the chosen tenant.

    Args:
        keystoneEndpoint: Endpoint value handed to the helper calls.
        realm: Preferred realm. It is replaced by futils.selectRealm()
            when it is None or when {'name': realm} is not in the list.
        tenantFn: Forwarded to futils.getTenantId() with the tenant list.

    Returns:
        Whatever swapTokens() returns for the chosen tenant.
    """
    available = getRealmList(keystoneEndpoint)['realms']
    if realm is None or {'name': realm} not in available:
        realm = futils.selectRealm(available)

    idp_request = getIdPRequest(keystoneEndpoint, realm)
    idp_response = getIdPResponse(idp_request['idpEndpoint'], idp_request['idpRequest'])

    # token_data carries the unscoped token (read below); keep it and the
    # IdP response out of stdout and logs.
    token_data = getUnscopedToken(keystoneEndpoint, idp_response, realm)

    tenant = futils.getTenantId(token_data['tenants'], tenantFn)
    if tenant is None:
        # No tenant was resolved automatically, so use the 'id' of the
        # entry returned by selectTenant().
        picked = futils.selectTenant(token_data['tenants'])
        tenant = picked['id']

    return swapTokens(keystoneEndpoint, token_data['unscopedToken'], tenant)