def _get_ksclient(token=None): auth_url = CONF.keystone_authtoken.auth_uri if not auth_url: raise exception.KeystoneFailure(_('Keystone API endpoint is missing')) auth_version = CONF.keystone_authtoken.auth_version api_v3 = _is_apiv3(auth_url, auth_version) if api_v3: from keystoneclient.v3 import client else: from keystoneclient.v2_0 import client auth_url = get_keystone_url(auth_url, auth_version) try: if token: return client.Client(token=token, auth_url=auth_url) else: return client.Client( username=CONF.keystone_authtoken.admin_user, password=CONF.keystone_authtoken.admin_password, tenant_name=CONF.keystone_authtoken.admin_tenant_name, auth_url=auth_url) except ksexception.Unauthorized: raise exception.KeystoneUnauthorized() except ksexception.AuthorizationFailure as err: raise exception.KeystoneFailure( _('Could not authorize in Keystone:' ' %s') % err)
def wrapper(*args, **kwargs): try: return f(*args, **kwargs) except ks_exception.EndpointNotFound: service_type = kwargs.get('service_type', 'baremetal') endpoint_type = kwargs.get('endpoint_type', 'internal') raise exception.CatalogNotFound(service_type=service_type, endpoint_type=endpoint_type) except (ks_exception.Unauthorized, ks_exception.AuthorizationFailure): raise exception.KeystoneUnauthorized() except (ks_exception.NoMatchingPlugin, ks_exception.MissingRequiredOptions) as e: raise exception.ConfigInvalid(str(e)) except Exception as e: LOG.exception('Keystone request failed: %(msg)s', {'msg': str(e)}) raise exception.KeystoneFailure(str(e))