Exemple #1
0
 def _confirm_token_not_expired(self, data):
     if not data:
         raise InvalidUserToken('Token authorization failed')
     if self._token_is_v2(data):
         timestamp = data['access']['token']['expires']
     elif self._token_is_v3(data):
         timestamp = data['token']['expires_at']
     else:
         raise InvalidUserToken('Token authorization failed')
     expires = timeutils.parse_isotime(timestamp).strftime('%s')
     if time.time() >= float(expires):
         self.LOG.debug('Token expired a %s', timestamp)
         raise InvalidUserToken('Token authorization failed')
     return expires
Exemple #2
0
 def _confirm_token_not_expired(self, data):
     if not data:
         raise InvalidUserToken('Token authorization failed')
     if self._token_is_v2(data):
         timestamp = data['access']['token']['expires']
     elif self._token_is_v3(data):
         timestamp = data['token']['expires_at']
     else:
         raise InvalidUserToken('Token authorization failed')
     expires = timeutils.parse_isotime(timestamp).strftime('%s')
     if time.time() >= float(expires):
         self.LOG.debug('Token expired a %s', timestamp)
         raise InvalidUserToken('Token authorization failed')
     return expires
Exemple #3
0
    def _request_admin_token(self):
        """Retrieve new token as admin user from monitor.

        :return token id upon success
        :raises ServerError when unable to communicate with monitor

        Irrespective of the auth version we are going to use for the
        user token, for simplicity we always use a v2 admin token to
        validate the user token.

        """
        params = {
            'auth': {
                'passwordCredentials': {
                    'username': self.admin_user,
                    'password': self.admin_password,
                },
                'tenantName': self.admin_tenant_name,
            }
        }

        response, data = self._json_request('POST',
                                            '/v2.0/tokens',
                                            body=params)

        try:
            token = data['access']['token']['id']
            expiry = data['access']['token']['expires']
            assert token
            assert expiry
            datetime_expiry = timeutils.parse_isotime(expiry)
            return (token, timeutils.normalize_time(datetime_expiry))
        except (AssertionError, KeyError):
            self.LOG.warn(
                "Unexpected response from monitor service: %s", data)
            raise ServiceError('invalid json response')
        except (ValueError):
            self.LOG.warn(
                "Unable to parse expiration time from token: %s", data)
            raise ServiceError('invalid json response')
Exemple #4
0
    def _request_admin_token(self):
        """Retrieve new token as admin user from monitor.

        :return token id upon success
        :raises ServerError when unable to communicate with monitor

        Irrespective of the auth version we are going to use for the
        user token, for simplicity we always use a v2 admin token to
        validate the user token.

        """
        params = {
            'auth': {
                'passwordCredentials': {
                    'username': self.admin_user,
                    'password': self.admin_password,
                },
                'tenantName': self.admin_tenant_name,
            }
        }

        response, data = self._json_request('POST',
                                            '/v2.0/tokens',
                                            body=params)

        try:
            token = data['access']['token']['id']
            expiry = data['access']['token']['expires']
            assert token
            assert expiry
            datetime_expiry = timeutils.parse_isotime(expiry)
            return (token, timeutils.normalize_time(datetime_expiry))
        except (AssertionError, KeyError):
            self.LOG.warn("Unexpected response from monitor service: %s", data)
            raise ServiceError('invalid json response')
        except (ValueError):
            self.LOG.warn("Unable to parse expiration time from token: %s",
                          data)
            raise ServiceError('invalid json response')