Exemple #1
0
def load_backends():

    # Configure and build the cache
    cache.configure_cache_region(cache.REGION)

    # Ensure that the identity driver is created before the assignment manager.
    # The default assignment driver is determined by the identity driver, so
    # the identity driver must be available to the assignment manager.
    _IDENTITY_API = identity.Manager()

    DRIVERS = dict(assignment_api=assignment.Manager(),
                   catalog_api=catalog.Manager(),
                   credential_api=credential.Manager(),
                   endpoint_filter_api=endpoint_filter.Manager(),
                   id_generator_api=identity.generator.Manager(),
                   id_mapping_api=identity.MappingManager(),
                   identity_api=_IDENTITY_API,
                   policy_api=policy.Manager(),
                   token_api=token.Manager(),
                   trust_api=trust.Manager(),
                   token_provider_api=token.provider.Manager())

    auth.controllers.load_auth_methods()

    return DRIVERS
Exemple #2
0
def initialize_drivers():
    DRIVERS['catalog_api'] = catalog.Manager()
    DRIVERS['identity_api'] = identity.Manager()
    DRIVERS['policy_api'] = policy.Manager()
    DRIVERS['token_api'] = token.Manager()
    DRIVERS['trust_api'] = trust.Manager()
    return DRIVERS
Exemple #3
0
    def setUp(self):
        super(SqlTests, self).setUp()
        self.config([
            test.etcdir('keystone.conf.sample'),
            test.testsdir('test_overrides.conf'),
            test.testsdir('backend_sql.conf')
        ])

        # initialize managers and override drivers
        self.catalog_man = catalog.Manager()
        self.identity_man = identity.Manager()
        self.token_man = token.Manager()
        self.trust_man = trust.Manager()
        self.policy_man = policy.Manager()

        # create shortcut references to each driver
        self.catalog_api = self.catalog_man.driver
        self.identity_api = self.identity_man.driver
        self.token_api = self.token_man.driver
        self.policy_api = self.policy_man.driver
        self.trust_api = self.trust_man.driver

        # populate the engine with tables & fixtures
        self.load_fixtures(default_fixtures)
        #defaulted by the data load
        self.user_foo['enabled'] = True
Exemple #4
0
    def setUp(self):
        super(SqlTests, self).setUp()
        self.config([
            test.etcdir('keystone.conf.sample'),
            test.testsdir('test_overrides.conf'),
            test.testsdir('backend_sql.conf')
        ])

        # initialize managers and override drivers
        self.catalog_man = catalog.Manager()
        self.identity_man = identity.Manager()
        self.token_man = token.Manager()
        self.trust_man = trust.Manager()
        self.policy_man = policy.Manager()

        # create tables and keep an engine reference for cleanup.
        # this must be done after the models are loaded by the managers.
        self.engine = self.get_engine()
        sql.ModelBase.metadata.create_all(bind=self.engine)

        # create shortcut references to each driver
        self.catalog_api = self.catalog_man.driver
        self.identity_api = self.identity_man.driver
        self.token_api = self.token_man.driver
        self.policy_api = self.policy_man.driver
        self.trust_api = self.trust_man.driver

        # populate the engine with tables & fixtures
        self.load_fixtures(default_fixtures)
        #defaulted by the data load
        self.user_foo['enabled'] = True
Exemple #5
0
def load_backends():

    # Configure and build the cache
    cache.configure_cache()
    cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION)

    # Ensure that the identity driver is created before the assignment manager
    # and that the assignment driver is created before the resource manager.
    # The default resource driver depends on assignment, which in turn
    # depends on identity - hence we need to ensure the chain is available.
    _IDENTITY_API = identity.Manager()
    _ASSIGNMENT_API = assignment.Manager()

    DRIVERS = dict(assignment_api=_ASSIGNMENT_API,
                   catalog_api=catalog.Manager(),
                   credential_api=credential.Manager(),
                   domain_config_api=resource.DomainConfigManager(),
                   endpoint_policy_api=endpoint_policy.Manager(),
                   federation_api=federation.Manager(),
                   id_generator_api=identity.generator.Manager(),
                   id_mapping_api=identity.MappingManager(),
                   identity_api=_IDENTITY_API,
                   oauth_api=oauth1.Manager(),
                   policy_api=policy.Manager(),
                   resource_api=resource.Manager(),
                   revoke_api=revoke.Manager(),
                   role_api=assignment.RoleManager(),
                   token_api=token.persistence.Manager(),
                   trust_api=trust.Manager(),
                   token_provider_api=token.provider.Manager())

    auth.controllers.load_auth_methods()

    return DRIVERS
Exemple #6
0
def load_backends(include_oauth1=False):

    # Ensure that the identity driver is created before the assignment manager.
    # The default assignment driver is determined by the identity driver, so
    # the identity driver must be available to the assignment manager.
    _IDENTITY_API = identity.Manager()

    DRIVERS = dict(
        assignment_api=assignment.Manager(),
        catalog_api=catalog.Manager(),
        credential_api=credential.Manager(),
        endpoint_filter_api=endpoint_filter.Manager(),
        identity_api=_IDENTITY_API,
        policy_api=policy.Manager(),
        token_api=token.Manager(),
        trust_api=trust.Manager(),
        token_provider_api=token.provider.Manager())

    if include_oauth1:
        from keystone.contrib import oauth1
        DRIVERS['oauth1_api'] = oauth1.Manager()

    dependency.resolve_future_dependencies()

    return DRIVERS
Exemple #7
0
 def __init__(self):
     self.catalog_api = catalog.Manager()
     self.identity_api = identity.Manager()
     self.token_api = token.Manager()
     self.policy_api = policy.Manager()
     self.ec2_api = Manager()
     super(Ec2Controller, self).__init__()
Exemple #8
0
    def setUp(self):
        super(TestV2CatalogAPISQL, self).setUp()
        self.useFixture(database.Database())
        self.catalog_api = catalog.Manager()

        service = unit.new_service_ref()
        self.service_id = service['id']
        self.catalog_api.create_service(self.service_id, service)

        self.create_endpoint(service_id=self.service_id)
Exemple #9
0
 def setUp(self):
     super(SqlCatalog, self).setUp()
     self.config([
         test.etcdir('keystone.conf.sample'),
         test.testsdir('test_overrides.conf'),
         test.testsdir('backend_sql.conf')
     ])
     sql_util.setup_test_database()
     self.catalog_api = catalog_sql.Catalog()
     self.catalog_man = catalog.Manager()
     self.load_fixtures(default_fixtures)
Exemple #10
0
    def setUp(self):
        super(TestV2CatalogAPISQL, self).setUp()
        self.useFixture(database.Database())
        self.catalog_api = catalog.Manager()

        self.service_id = uuid.uuid4().hex
        service = {'id': self.service_id, 'name': uuid.uuid4().hex}
        self.catalog_api.create_service(self.service_id, service)

        endpoint = self.new_endpoint_ref(service_id=self.service_id)
        self.catalog_api.create_endpoint(endpoint['id'], endpoint)
Exemple #11
0
def load_backends():

    # Configure and build the cache
    cache.configure_cache()
    cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION)
    cache.apply_invalidation_patch(
        region=catalog.COMPUTED_CATALOG_REGION,
        region_name=catalog.COMPUTED_CATALOG_REGION.name)
    cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION)
    cache.apply_invalidation_patch(
        region=assignment.COMPUTED_ASSIGNMENTS_REGION,
        region_name=assignment.COMPUTED_ASSIGNMENTS_REGION.name)
    cache.configure_cache(region=revoke.REVOKE_REGION)
    cache.apply_invalidation_patch(region=revoke.REVOKE_REGION,
                                   region_name=revoke.REVOKE_REGION.name)
    cache.configure_cache(region=token.provider.TOKENS_REGION)
    cache.configure_cache(region=identity.ID_MAPPING_REGION)
    cache.apply_invalidation_patch(region=identity.ID_MAPPING_REGION,
                                   region_name=identity.ID_MAPPING_REGION.name)

    # Ensure that the identity driver is created before the assignment manager
    # and that the assignment driver is created before the resource manager.
    # The default resource driver depends on assignment, which in turn
    # depends on identity - hence we need to ensure the chain is available.
    # TODO(morganfainberg): In "O" release move _IDENTITY_API to be directly
    # instantiated in the DRIVERS dict once assignment driver being selected
    # based upon [identity]/driver is removed.
    _IDENTITY_API = identity.Manager()
    _ASSIGNMENT_API = assignment.Manager()

    DRIVERS = dict(
        assignment_api=_ASSIGNMENT_API,
        catalog_api=catalog.Manager(),
        credential_api=credential.Manager(),
        domain_config_api=resource.DomainConfigManager(),
        endpoint_policy_api=endpoint_policy.Manager(),
        federation_api=federation.Manager(),
        id_generator_api=identity.generator.Manager(),
        id_mapping_api=identity.MappingManager(),
        identity_api=_IDENTITY_API,
        shadow_users_api=identity.ShadowUsersManager(),
        oauth_api=oauth1.Manager(),
        policy_api=policy.Manager(),
        resource_api=resource.Manager(),
        revoke_api=revoke.Manager(),
        role_api=assignment.RoleManager(),
        token_api=token.persistence.Manager(),
        trust_api=trust.Manager(),
        token_provider_api=token.provider.Manager())

    auth.controllers.load_auth_methods()

    return DRIVERS
Exemple #12
0
    def setUp(self):
        super(TestV2CatalogAPISQL, self).setUp()
        self.load_backends()
        self.load_fixtures(default_fixtures)

        self.catalog_api = catalog.Manager()

        self.service_id = uuid.uuid4().hex
        service = {'id': self.service_id, 'name': uuid.uuid4().hex}
        self.catalog_api.create_service(self.service_id, service)

        endpoint = self.new_endpoint_ref(service_id=self.service_id)
        self.catalog_api.create_endpoint(endpoint['id'], endpoint)
Exemple #13
0
def load_backends():

    # Configure and build the cache
    cache.configure_cache()
    cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION)
    cache.apply_invalidation_patch(
        region=catalog.COMPUTED_CATALOG_REGION,
        region_name=catalog.COMPUTED_CATALOG_REGION.name)
    cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION)
    cache.apply_invalidation_patch(
        region=assignment.COMPUTED_ASSIGNMENTS_REGION,
        region_name=assignment.COMPUTED_ASSIGNMENTS_REGION.name)

    # Ensure that the assignment driver is created before the resource manager.
    # The default resource driver depends on assignment.
    _ASSIGNMENT_API = assignment.Manager()

    DRIVERS = dict(assignment_api=_ASSIGNMENT_API,
                   catalog_api=catalog.Manager(),
                   credential_api=credential.Manager(),
                   domain_config_api=resource.DomainConfigManager(),
                   endpoint_policy_api=endpoint_policy.Manager(),
                   federation_api=federation.Manager(),
                   id_generator_api=identity.generator.Manager(),
                   id_mapping_api=identity.MappingManager(),
                   identity_api=identity.Manager(),
                   oauth_api=oauth1.Manager(),
                   policy_api=policy.Manager(),
                   resource_api=resource.Manager(),
                   revoke_api=revoke.Manager(),
                   role_api=assignment.RoleManager(),
                   token_api=token.persistence.Manager(),
                   trust_api=trust.Manager(),
                   token_provider_api=token.provider.Manager())

    auth.controllers.load_auth_methods()

    return DRIVERS
Exemple #14
0
def load_backends():

    # Configure and build the cache
    cache.configure_cache_region(cache.REGION)

    # Ensure that the identity driver is created before the assignment manager.
    # The default assignment driver is determined by the identity driver, so
    # the identity driver must be available to the assignment manager.
    _IDENTITY_API = identity.Manager()

    DRIVERS = dict(
        assignment_api=assignment.Manager(),
        catalog_api=catalog.Manager(),
        credential_api=credential.Manager(),
        domain_config_api=resource.DomainConfigManager(),
        endpoint_filter_api=endpoint_filter.Manager(),
        endpoint_policy_api=endpoint_policy.Manager(),
        federation_api=federation.Manager(),
        id_generator_api=identity.generator.Manager(),
        id_mapping_api=identity.MappingManager(),
        identity_api=_IDENTITY_API,
        oauth_api=oauth1.Manager(),
        policy_api=policy.Manager(),
        resource_api=resource.Manager(),
        revoke_api=revoke.Manager(),
        role_api=assignment.RoleManager(),
        token_api=token.persistence.Manager(),
        trust_api=trust.Manager(),
        token_provider_api=token.provider.Manager(),
        # admin_api=moon.AdminManager(),
        # authz_api=moon.AuthzManager()
        )

    auth.controllers.load_auth_methods()

    return DRIVERS
Exemple #15
0
def load_backends():

    # Configure and build the cache
    cache.configure_cache()
    cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION)
    cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION)
    cache.configure_cache(region=revoke.REVOKE_REGION)
    cache.configure_cache(region=token.provider.TOKENS_REGION)
    cache.configure_cache(region=identity.ID_MAPPING_REGION)
    cache.configure_invalidation_region()

    # NOTE(knikolla): The assignment manager must be instantiated before the
    # resource manager. The current dictionary ordering ensures that.
    DRIVERS = dict(assignment_api=assignment.Manager(),
                   catalog_api=catalog.Manager(),
                   credential_api=credential.Manager(),
                   credential_provider_api=credential.provider.Manager(),
                   domain_config_api=resource.DomainConfigManager(),
                   endpoint_policy_api=endpoint_policy.Manager(),
                   federation_api=federation.Manager(),
                   id_generator_api=identity.generator.Manager(),
                   id_mapping_api=identity.MappingManager(),
                   identity_api=identity.Manager(),
                   shadow_users_api=identity.ShadowUsersManager(),
                   oauth_api=oauth1.Manager(),
                   policy_api=policy.Manager(),
                   resource_api=resource.Manager(),
                   revoke_api=revoke.Manager(),
                   role_api=assignment.RoleManager(),
                   token_api=token.persistence.Manager(),
                   trust_api=trust.Manager(),
                   token_provider_api=token.provider.Manager())

    auth.core.load_auth_methods()

    return DRIVERS
Exemple #16
0
 def __init__(self, context):
     self.identity_api = identity.Manager()
     self.catalog_api = catalog.Manager()
     self.trust_api = trust.Manager()
     self.context = context
Exemple #17
0
from keystone.common import logging
from keystone.common import wsgi
from keystone import config
from keystone.contrib import ec2
from keystone import controllers
from keystone import credential
from keystone import identity
from keystone import policy
from keystone import routers
from keystone import token
from keystone import trust

CONF = config.CONF
LOG = logging.getLogger(__name__)

DRIVERS = dict(catalog_api=catalog.Manager(),
               credentials_api=credential.Manager(),
               ec2_api=ec2.Manager(),
               identity_api=identity.Manager(),
               policy_api=policy.Manager(),
               token_api=token.Manager(),
               trust_api=trust.Manager())


@logging.fail_gracefully
def public_app_factory(global_conf, **local_conf):
    controllers.register_version('v2.0')
    conf = global_conf.copy()
    conf.update(local_conf)
    return wsgi.ComposingRouter(routes.Mapper(), [
        identity.routers.Public(),
Exemple #18
0
 def setUp(self):
     super(TestCatalogAPISQLRegions, self).setUp()
     self.useFixture(database.Database())
     self.catalog_api = catalog.Manager()
Exemple #19
0
 def setUp(self):
     super(KvsCatalog, self).setUp()
     self.catalog_api = catalog_kvs.Catalog(db={})
     self.catalog_man = catalog.Manager()
     self.load_fixtures(default_fixtures)
     self._load_fake_catalog()
Exemple #20
0
    def __init__(self):
        mapper = routes.Mapper()

        apis = dict(catalog_api=catalog.Manager(),
                    identity_api=identity.Manager(),
                    policy_api=policy.Manager(),
                    token_api=token.Manager())

        # Catalog

        self.crud_routes(mapper, catalog.ServiceControllerV3(**apis),
                         'services', 'service')

        self.crud_routes(mapper, catalog.EndpointControllerV3(**apis),
                         'endpoints', 'endpoint')

        # Identity

        self.crud_routes(mapper, identity.DomainControllerV3(**apis),
                         'domains', 'domain')

        project_controller = identity.ProjectControllerV3(**apis)
        self.crud_routes(mapper, project_controller, 'projects', 'project')
        mapper.connect('/users/{user_id}/projects',
                       controller=project_controller,
                       action='list_user_projects',
                       conditions=dict(method=['GET']))

        self.crud_routes(mapper, identity.UserControllerV3(**apis), 'users',
                         'user')

        self.crud_routes(mapper, identity.CredentialControllerV3(**apis),
                         'credentials', 'credential')

        role_controller = identity.RoleControllerV3(**apis)
        self.crud_routes(mapper, role_controller, 'roles', 'role')
        mapper.connect(
            '/projects/{project_id}/users/{user_id}/roles/{role_id}',
            controller=role_controller,
            action='create_grant',
            conditions=dict(method=['PUT']))
        mapper.connect(
            '/projects/{project_id}/users/{user_id}/roles/{role_id}',
            controller=role_controller,
            action='check_grant',
            conditions=dict(method=['HEAD']))
        mapper.connect('/projects/{project_id}/users/{user_id}/roles',
                       controller=role_controller,
                       action='list_grants',
                       conditions=dict(method=['GET']))
        mapper.connect(
            '/projects/{project_id}/users/{user_id}/roles/{role_id}',
            controller=role_controller,
            action='revoke_grant',
            conditions=dict(method=['DELETE']))
        mapper.connect('/domains/{domain_id}/users/{user_id}/roles/{role_id}',
                       controller=role_controller,
                       action='create_grant',
                       conditions=dict(method=['PUT']))
        mapper.connect('/domains/{domain_id}/users/{user_id}/roles/{role_id}',
                       controller=role_controller,
                       action='check_grant',
                       conditions=dict(method=['HEAD']))
        mapper.connect('/domains/{domain_id}/users/{user_id}/roles',
                       controller=role_controller,
                       action='list_grants',
                       conditions=dict(method=['GET']))
        mapper.connect('/domains/{domain_id}/users/{user_id}/roles/{role_id}',
                       controller=role_controller,
                       action='revoke_grant',
                       conditions=dict(method=['DELETE']))

        # Policy

        policy_controller = policy.PolicyControllerV3(**apis)
        self.crud_routes(mapper, policy_controller, 'policies', 'policy')

        # Token
        """
        # v2.0 LEGACY
        mapper.connect('/tokens/{token_id}',
                       controller=auth_controller,
                       action='validate_token',
                       conditions=dict(method=['GET']))
        mapper.connect('/tokens/{token_id}',
                       controller=auth_controller,
                       action='validate_token_head',
                       conditions=dict(method=['HEAD']))
        mapper.connect('/tokens/{token_id}',
                       controller=auth_controller,
                       action='delete_token',
                       conditions=dict(method=['DELETE']))
        mapper.connect('/tokens/{token_id}/endpoints',
                       controller=auth_controller,
                       action='endpoints',
                       conditions=dict(method=['GET']))
        """

        super(V3Router, self).__init__(mapper, [])
Exemple #21
0
    def __init__(self, version_type):
        self.catalog_api = catalog.Manager()
        self.url_key = "%sURL" % version_type

        super(VersionController, self).__init__()
Exemple #22
0
 def setUp(self):
     super(TestTemplatedCatalog, self).setUp()
     self.opt_in_group('catalog', template_file=DEFAULT_CATALOG_TEMPLATES)
     self.catalog_api = catalog_templated.TemplatedCatalog()
     self.catalog_man = catalog.Manager()
     self.load_fixtures(default_fixtures)
Exemple #23
0
from keystone import token
from keystone import trust

CONF = config.CONF
LOG = logging.getLogger(__name__)

# Ensure the cache is configured and built before we instantiate the managers
cache.configure_cache_region(cache.REGION)

# Ensure that the identity driver is created before the assignment manager.
# The default assignment driver is determined by the identity driver, so the
# identity driver must be available to the assignment manager.
_IDENTITY_API = identity.Manager()

DRIVERS = dict(assignment_api=assignment.Manager(),
               catalog_api=catalog.Manager(),
               credentials_api=credential.Manager(),
               endpoint_filter_api=endpoint_filter.Manager(),
               identity_api=_IDENTITY_API,
               policy_api=policy.Manager(),
               token_api=token.Manager(),
               trust_api=trust.Manager(),
               token_provider_api=token.provider.Manager())

dependency.resolve_future_dependencies()


def fail_gracefully(f):
    """Logs exceptions and aborts."""
    @functools.wraps(f)
    def wrapper(*args, **kw):