def register_argparse_arguments(parser, argv):
    """Register CLI options needed to create a plugin.

    The function inspects the provided arguments so that it can also register
    the options required for that specific plugin if available.

    :param argparse.ArgumentParser: the parser to attach argparse options to.
    :param list argv: the arguments provided to the appliation.

    :returns: The plugin class that will be loaded or None if not provided.

    :raises exceptions.NoMatchingPlugin: if a plugin cannot be created.
    """
    in_parser = argparse.ArgumentParser(add_help=False)
    env_plugin = os.environ.get('OS_AUTH_PLUGIN')
    for p in (in_parser, parser):
        p.add_argument('--os-auth-plugin',
                       metavar='<name>',
                       default=env_plugin,
                       help='The auth plugin to load')

    options, _args = in_parser.parse_known_args(argv)
    name = options.os_auth_plugin

    if not name:
        return None

    msg = 'Options specific to the %s plugin.' % name
    group = parser.add_argument_group('Authentication Options', msg)

    plugin = base.get_plugin_class(name)
    plugin.register_argparse_arguments(group)
    return plugin
Exemple #2
0
def build_auth_params(auth_plugin_name, cmd_options):
    auth_params = {}
    if auth_plugin_name:
        LOG.debug('auth_type: %s', auth_plugin_name)
        auth_plugin_class = base.get_plugin_class(auth_plugin_name)
        plugin_options = auth_plugin_class.get_options()
        for option in plugin_options:
            option_name = 'os_' + option.dest
            LOG.debug('fetching option %s' % option_name)
            auth_params[option.dest] = getattr(cmd_options, option_name, None)
        # grab tenant from project for v2.0 API compatibility
        if auth_plugin_name.startswith("v2"):
            auth_params['tenant_id'] = getattr(
                cmd_options,
                'os_project_id',
                None,
            )
            auth_params['tenant_name'] = getattr(
                cmd_options,
                'os_project_name',
                None,
            )
    else:
        LOG.debug('no auth_type')
        # delay the plugin choice, grab every option
        plugin_options = set([o.replace('-', '_') for o in OPTIONS_LIST])
        for option in plugin_options:
            option_name = 'os_' + option
            LOG.debug('fetching option %s' % option_name)
            auth_params[option] = getattr(cmd_options, option_name, None)
    return (auth_plugin_class, auth_params)
Exemple #3
0
def load_from_conf_options(conf, group, **kwargs):
    """Load a plugin from an oslo.config CONF object.

    Each plugin will register their own required options and so there is no
    standard list and the plugin should be consulted.

    The base options should have been registered with register_conf_options
    before this function is called.

    :param conf: A conf object.
    :type conf: oslo.config.cfg.ConfigOpts
    :param string group: The group name that options should be read from.

    :returns: An authentication Plugin or None if a name is not provided
    :rtype: :py:class:`keystoneclient.auth.BaseAuthPlugin`

    :raises keystoneclient.exceptions.NoMatchingPlugin: if a plugin cannot be
                                                        created.
    """
    # NOTE(jamielennox): plugins are allowed to specify a 'section' which is
    # the group that auth options should be taken from. If not present they
    # come from the same as the base options were registered in.
    if conf[group].auth_section:
        group = conf[group].auth_section

    name = conf[group].auth_plugin
    if not name:
        return None

    plugin_class = base.get_plugin_class(name)
    plugin_class.register_conf_options(conf, group)
    return plugin_class.load_from_conf_options(conf, group, **kwargs)
Exemple #4
0
def build_auth_params(cmd_options):
    auth_params = {}
    if cmd_options.os_auth_plugin:
        LOG.debug('auth_plugin: %s', cmd_options.os_auth_plugin)
        auth_plugin = base.get_plugin_class(cmd_options.os_auth_plugin)
        plugin_options = auth_plugin.get_options()
        for option in plugin_options:
            option_name = 'os_' + option.dest
            LOG.debug('fetching option %s' % option_name)
            auth_params[option.dest] = getattr(cmd_options, option_name, None)
        # grab tenant from project for v2.0 API compatibility
        if cmd_options.os_auth_plugin.startswith("v2"):
            auth_params['tenant_id'] = getattr(
                cmd_options,
                'os_project_id',
                None,
            )
            auth_params['tenant_name'] = getattr(
                cmd_options,
                'os_project_name',
                None,
            )
    else:
        LOG.debug('no auth_plugin')
        # delay the plugin choice, grab every option
        plugin_options = set([o.replace('-', '_') for o in OPTIONS_LIST])
        for option in plugin_options:
            option_name = 'os_' + option
            LOG.debug('fetching option %s' % option_name)
            auth_params[option] = getattr(cmd_options, option_name, None)
    return auth_params
Exemple #5
0
    def make(cls, plugin_name, protocol="http", host="localhost", port=8082, **kwargs):
        """Initialize a session to Contrail API server

        :param plugin_name: auth plugin to use:
            - http: basic HTTP authentification
            - v2password: keystone v2 auth
            - v3password: keystone v3 auth
        :type plugin_name: str

        :param protocol: protocol used to connect to the API server (default: http)
        :type protocol: str
        :param host: API server host (default: localhost)
        :type host: str
        :param port: API server port (default: 8082)
        :type port: int

        :param kwargs: plugin arguments
        """
        cls.protocol = protocol
        cls.host = host
        cls.port = port
        plugin_cls = base.get_plugin_class(plugin_name)
        plugin_options = {opt.dest: kwargs.pop("os_%s" % opt.dest)
                          for opt in plugin_cls.get_options()}
        plugin = plugin_cls.load_from_options(**plugin_options)
        args = Namespace(**kwargs)
        session = cls.load_from_cli_options(args,
                                            auth=plugin)
        ResourceBase.session = session
        cls.session = session
        return session
Exemple #6
0
def get_plugin_options(name):
    """Get the oslo.config options for a specific plugin.

    This will be the list of config options that is registered and loaded by
    the specified plugin.

    :returns: A list of oslo.config options.
    """
    return base.get_plugin_class(name).get_options()
    def __init__(self, auth_options, api_version=None, verify=True):
        # If no plugin is named by the user, select one based on
        # the supplied options
        if not auth_options.os_auth_plugin:
            auth_options.os_auth_plugin = auth.select_auth_plugin(auth_options)

        self._auth_plugin = auth_options.os_auth_plugin
        self._url = auth_options.os_url
        self._auth_params = auth.build_auth_params(auth_options)
        self._region_name = auth_options.os_region_name
        self._api_version = api_version
        self.timing = auth_options.timing

        # For compatibility until all clients can be updated
        if 'project_name' in self._auth_params:
            self._project_name = self._auth_params['project_name']
        elif 'tenant_name' in self._auth_params:
            self._project_name = self._auth_params['tenant_name']

        # verify is the Requests-compatible form
        self._verify = verify
        # also store in the form used by the legacy client libs
        self._cacert = None
        if isinstance(verify, bool):
            self._insecure = not verify
        else:
            self._cacert = verify
            self._insecure = False

        # Get logging from root logger
        root_logger = logging.getLogger('')
        LOG.setLevel(root_logger.getEffectiveLevel())

        LOG.debug('Using auth plugin: %s' % self._auth_plugin)
        auth_plugin = base.get_plugin_class(self._auth_plugin)
        self.auth = auth_plugin.load_from_options(**self._auth_params)
        # needed by SAML authentication
        request_session = requests.session()
        self.session = session.Session(
            auth=self.auth,
            session=request_session,
            verify=verify,
        )

        self.auth_ref = None
        if 'token' not in self._auth_params:
            LOG.debug("Get service catalog")
            self.auth_ref = self.auth.get_auth_ref(self.session)

        return
Exemple #8
0
    def __init__(self, auth_options, api_version=None, verify=True):
        # If no plugin is named by the user, select one based on
        # the supplied options
        if not auth_options.os_auth_plugin:
            auth_options.os_auth_plugin = auth.select_auth_plugin(auth_options)

        self._auth_plugin = auth_options.os_auth_plugin
        self._url = auth_options.os_url
        self._auth_params = auth.build_auth_params(auth_options)
        self._region_name = auth_options.os_region_name
        self._api_version = api_version
        self.timing = auth_options.timing

        # For compatibility until all clients can be updated
        if 'project_name' in self._auth_params:
            self._project_name = self._auth_params['project_name']
        elif 'tenant_name' in self._auth_params:
            self._project_name = self._auth_params['tenant_name']

        # verify is the Requests-compatible form
        self._verify = verify
        # also store in the form used by the legacy client libs
        self._cacert = None
        if isinstance(verify, bool):
            self._insecure = not verify
        else:
            self._cacert = verify
            self._insecure = False

        # Get logging from root logger
        root_logger = logging.getLogger('')
        LOG.setLevel(root_logger.getEffectiveLevel())

        LOG.debug('Using auth plugin: %s' % self._auth_plugin)
        auth_plugin = base.get_plugin_class(self._auth_plugin)
        self.auth = auth_plugin.load_from_options(**self._auth_params)
        # needed by SAML authentication
        request_session = requests.session()
        self.session = session.Session(
            auth=self.auth,
            session=request_session,
            verify=verify,
        )

        self.auth_ref = None
        if 'token' not in self._auth_params:
            LOG.debug("Get service catalog")
            self.auth_ref = self.auth.get_auth_ref(self.session)

        return
def load_from_argparse_arguments(namespace, **kwargs):
    """Retrieve the created plugin from the completed argparse results.

    Loads and creates the auth plugin from the information parsed from the
    command line by argparse.

    :param Namespace namespace: The result from CLI parsing.

    :returns: An auth plugin, or None if a name is not provided.

    :raises exceptions.NoMatchingPlugin: if a plugin cannot be created.
    """
    if not namespace.os_auth_plugin:
        return None

    plugin = base.get_plugin_class(namespace.os_auth_plugin)
    return plugin.load_from_argparse_arguments(namespace, **kwargs)
def register_argparse_arguments(parser, argv):
    """Register CLI options needed to create a plugin.

    The function inspects the provided arguments so that it can also register
    the options required for that specific plugin if available.

    :param argparse.ArgumentParser: the parser to attach argparse options to.
    :param list argv: the arguments provided to the appliation.

    :returns: The plugin class that will be loaded or None if not provided.

    :raises exceptions.NoMatchingPlugin: if a plugin cannot be created.
    """
    in_parser = argparse.ArgumentParser(add_help=False)
    env_plugin = os.environ.get('OS_AUTH_PLUGIN')
    for p in (in_parser, parser):
        p.add_argument('--os-auth-plugin',
                       metavar='<name>',
                       default=env_plugin,
                       help='The auth plugin to load')

    options, _args = in_parser.parse_known_args(argv)

    if not options.os_auth_plugin:
        return None

    msg = 'Options specific to the %s plugin.' % options.os_auth_plugin
    group = parser.add_argument_group('Authentication Options', msg)
    plugin = base.get_plugin_class(options.os_auth_plugin)

    for opt in plugin.get_options():
        if opt.default is None:
            env_name = opt.name.replace('-', '_').upper()
            default = os.environ.get('OS_' + env_name)
        else:
            default = opt.default

        group.add_argument('--os-' + opt.name,
                           default=default,
                           metavar=opt.metavar,
                           help=opt.help,
                           dest=opt.dest)

    return plugin
Exemple #11
0
def register_argparse_arguments(parser, argv, default=None):
    """Register CLI options needed to create a plugin.

    The function inspects the provided arguments so that it can also register
    the options required for that specific plugin if available.

    :param argparse.ArgumentParser: the parser to attach argparse options to.
    :param List argv: the arguments provided to the application.
    :param str/class default: a default plugin name or a plugin object to use
                              if one isn't specified by the CLI. default: None.

    :returns: The plugin class that will be loaded or None if not provided.
    :rtype: :py:class:`keystoneclient.auth.BaseAuthPlugin`

    :raises keystoneclient.exceptions.NoMatchingPlugin: if a plugin cannot be
                                                        created.
    """
    in_parser = argparse.ArgumentParser(add_help=False)
    env_plugin = os.environ.get('OS_AUTH_PLUGIN', default)
    for p in (in_parser, parser):
        p.add_argument('--os-auth-plugin',
                       metavar='<name>',
                       default=env_plugin,
                       help='The auth plugin to load')

    options, _args = in_parser.parse_known_args(argv)

    if not options.os_auth_plugin:
        return None

    if isinstance(options.os_auth_plugin, type):
        msg = 'Default Authentication options'
        plugin = options.os_auth_plugin
    else:
        msg = 'Options specific to the %s plugin.' % options.os_auth_plugin
        plugin = base.get_plugin_class(options.os_auth_plugin)

    group = parser.add_argument_group('Authentication Options', msg)
    plugin.register_argparse_arguments(group)
    return plugin
Exemple #12
0
def register_argparse_arguments(parser, argv, default=None):
    """Register CLI options needed to create a plugin.

    The function inspects the provided arguments so that it can also register
    the options required for that specific plugin if available.

    :param argparse.ArgumentParser: the parser to attach argparse options to.
    :param list argv: the arguments provided to the appliation.
    :param str/class default: a default plugin name or a plugin object to use
                              if one isn't specified by the CLI. default: None.

    :returns: The plugin class that will be loaded or None if not provided.
    :rtype: :py:class:`keystoneclient.auth.BaseAuthPlugin`

    :raises keystoneclient.exceptions.NoMatchingPlugin: if a plugin cannot be
                                                        created.
    """
    in_parser = argparse.ArgumentParser(add_help=False)
    env_plugin = os.environ.get('OS_AUTH_PLUGIN', default)
    for p in (in_parser, parser):
        p.add_argument('--os-auth-plugin',
                       metavar='<name>',
                       default=env_plugin,
                       help='The auth plugin to load')

    options, _args = in_parser.parse_known_args(argv)

    if not options.os_auth_plugin:
        return None

    if isinstance(options.os_auth_plugin, type):
        msg = 'Default Authentication options'
        plugin = options.os_auth_plugin
    else:
        msg = 'Options specific to the %s plugin.' % options.os_auth_plugin
        plugin = base.get_plugin_class(options.os_auth_plugin)

    group = parser.add_argument_group('Authentication Options', msg)
    plugin.register_argparse_arguments(group)
    return plugin
Exemple #13
0
def load_from_argparse_arguments(namespace, **kwargs):
    """Retrieve the created plugin from the completed argparse results.

    Loads and creates the auth plugin from the information parsed from the
    command line by argparse.

    :param Namespace namespace: The result from CLI parsing.

    :returns: An auth plugin, or None if a name is not provided.

    :raises keystoneclient.exceptions.NoMatchingPlugin: if a plugin cannot be
                                                        created.
    """
    if not namespace.os_auth_plugin:
        return None

    if isinstance(namespace.os_auth_plugin, type):
        plugin = namespace.os_auth_plugin
    else:
        plugin = base.get_plugin_class(namespace.os_auth_plugin)

    return plugin.load_from_argparse_arguments(namespace, **kwargs)
def build_auth_params(auth_plugin_name, cmd_options):

    auth_params = dict(cmd_options.auth)
    if auth_plugin_name:
        LOG.debug('auth_type: %s', auth_plugin_name)
        auth_plugin_class = base.get_plugin_class(auth_plugin_name)
        # grab tenant from project for v2.0 API compatibility
        if auth_plugin_name.startswith("v2"):
            if 'project_id' in auth_params:
                auth_params['tenant_id'] = auth_params['project_id']
                del auth_params['project_id']
            if 'project_name' in auth_params:
                auth_params['tenant_name'] = auth_params['project_name']
                del auth_params['project_name']
    else:
        LOG.debug('no auth_type')
        # delay the plugin choice, grab every option
        auth_plugin_class = None
        plugin_options = set([o.replace('-', '_') for o in get_options_list()])
        for option in plugin_options:
            LOG.debug('fetching option %s' % option)
            auth_params[option] = getattr(cmd_options.auth, option, None)
    return (auth_plugin_class, auth_params)
Exemple #15
0
def build_auth_params(cmd_options):
    auth_params = {}
    if cmd_options.os_auth_plugin:
        LOG.debug("auth_plugin: %s", cmd_options.os_auth_plugin)
        auth_plugin = base.get_plugin_class(cmd_options.os_auth_plugin)
        plugin_options = auth_plugin.get_options()
        for option in plugin_options:
            option_name = "os_" + option.dest
            LOG.debug("fetching option %s" % option_name)
            auth_params[option.dest] = getattr(cmd_options, option_name, None)
        # grab tenant from project for v2.0 API compatibility
        if cmd_options.os_auth_plugin.startswith("v2"):
            auth_params["tenant_id"] = getattr(cmd_options, "os_project_id", None)
            auth_params["tenant_name"] = getattr(cmd_options, "os_project_name", None)
    else:
        LOG.debug("no auth_plugin")
        # delay the plugin choice, grab every option
        plugin_options = set([o.replace("-", "_") for o in OPTIONS_LIST])
        for option in plugin_options:
            option_name = "os_" + option
            LOG.debug("fetching option %s" % option_name)
            auth_params[option] = getattr(cmd_options, option_name, None)
    return auth_params
Exemple #16
0
    def make(cls,
             plugin_name,
             protocol="http",
             host="localhost",
             port=8082,
             **kwargs):
        """Initialize a session to Contrail API server

        :param plugin_name: auth plugin to use:
            - http: basic HTTP authentification
            - v2password: keystone v2 auth
            - v3password: keystone v3 auth
        :type plugin_name: str

        :param protocol: protocol used to connect to the API server (default: http)
        :type protocol: str
        :param host: API server host (default: localhost)
        :type host: str
        :param port: API server port (default: 8082)
        :type port: int

        :param kwargs: plugin arguments
        """
        cls.protocol = protocol
        cls.host = host
        cls.port = port
        plugin_cls = base.get_plugin_class(plugin_name)
        plugin_options = {
            opt.dest: kwargs.pop("os_%s" % opt.dest)
            for opt in plugin_cls.get_options()
        }
        plugin = plugin_cls.load_from_options(**plugin_options)
        args = Namespace(**kwargs)
        session = cls.load_from_cli_options(args, auth=plugin)
        ResourceBase.session = session
        cls.session = session
        return session
def load_from_conf_options(conf, group, **kwargs):
    """Load a plugin from an oslo.config CONF object.

    Each plugin will register there own required options and so there is no
    standard list and the plugin should be consulted.

    The base options should have been registered with register_conf_options
    before this function is called.

    :param conf: An oslo.config conf object.
    :param string group: The group name that options should be read from.

    :returns plugin: An authentication Plugin.

    :raises exceptions.NoMatchingPlugin: if a plugin cannot be created.
    """
    # NOTE(jamielennox): plugins are allowed to specify a 'section' which is
    # the group that auth options should be taken from. If not present they
    # come from the same as the base options were registered in.
    if conf[group].auth_section:
        group = conf[group].auth_section

    name = conf[group].auth_plugin
    if not name:
        raise exceptions.NoMatchingPlugin('No plugin name provided for config')

    plugin_class = base.get_plugin_class(name)
    plugin_opts = plugin_class.get_options()
    conf.register_opts(plugin_opts, group=group)

    for opt in plugin_opts:
        val = conf[group][opt.dest]
        if val is not None:
            val = opt.type(val)
        kwargs.setdefault(opt.dest, val)

    return plugin_class.load_from_options(**kwargs)
def load_from_argparse_arguments(namespace, **kwargs):
    """Retrieve the created plugin from the completed argparse results.

    Loads and creates the auth plugin from the information parsed from the
    command line by argparse.

    :param Namespace namespace: The result from CLI parsing.

    :returns: An auth plugin, or None if a name is not provided.

    :raises exceptions.NoMatchingPlugin: if a plugin cannot be created.
    """
    if not namespace.os_auth_plugin:
        return None

    plugin_class = base.get_plugin_class(namespace.os_auth_plugin)

    for opt in plugin_class.get_options():
        val = getattr(namespace, opt.dest)
        if val is not None:
            val = opt.type(val)
        kwargs.setdefault(opt.dest, val)

    return plugin_class.load_from_options(**kwargs)