def authenticate(self, creds):
username = lookup(creds, 'auth', 'passwordCredentials',
'username')
credential = lookup(creds, 'auth', 'passwordCredentials',
'password')
token_id = lookup(creds, 'auth', 'token', 'id')
token_auth = None
if token_id:
token = identity.token_id_driver().token_from_id(token_id)
token_driver = identity.token_driver()
token_driver.validate_token(token)
username = token_driver.username(token)
credential = token_driver.credential(token)
token_auth = token['auth_type'] == 'token'
def assert_tenant(user):
tenant = lookup(creds, 'auth', 'tenantId') or lookup(creds,
'auth',
'tenantName')
if tenant and str(user['accountId']) != tenant:
raise Unauthorized('Invalid username, password or tenant id')
# If the 'password' is the right length, treat it as an API api_key
if len(credential) == 64:
client = Client(username=username, api_key=credential,
endpoint_url=cfg.CONF['softlayer']['endpoint'],
proxy=cfg.CONF['softlayer']['proxy'])
user = client['Account'].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {'user': user, 'credential': credential,
'auth_type': 'api_key'}
else:
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'],
proxy=cfg.CONF['softlayer']['proxy'])
client.auth = None
try:
if token_auth:
client.auth = TokenAuthentication(token['user_id'],
credential)
else:
userId, tokenHash = client.\
authenticate_with_password(username, credential)
user = client['Account'].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
if token_auth:
tokenHash = credential
return {'user': user, 'credential': tokenHash,
'auth_type': 'token'}
except SoftLayerAPIError as e:
if (e.faultCode == "SoftLayer_Exception_User_Customer"
"_LoginFailed"):
raise Unauthorized(e.faultString)
raise
def bind_client(req, resp, kwargs):
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'])
client.auth = None
req.env['sl_client'] = client
auth_token = req.env.get('auth', None)
if auth_token is not None:
client.auth = get_auth(auth_token)
def bind_client(req, resp, kwargs):
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'],
proxy=cfg.CONF['softlayer']['proxy'])
client.auth = None
req.env['sl_client'] = client
auth_token = req.env.get('auth', None)
if auth_token is not None:
client.auth = get_auth(auth_token)
def get_new_token(credentials):
username = lookup(credentials, 'auth', 'passwordCredentials', 'username')
credential = lookup(credentials, 'auth', 'passwordCredentials', 'password')
# If the 'password' is the right length, treat it as an API api_key
if len(credential) == 64:
client = Client(username=username, api_key=credential)
user = client['Account'].getCurrentUser(mask=USER_MASK)
return {'username': username,
'api_key': credential,
'auth_type': 'api_key',
'tenant_id': str(user['accountId']),
'expires': time.time() + (60 * 60 * 24)}, user
else:
client = Client()
client.auth = None
try:
userId, tokenHash = client.authenticate_with_password(username,
credential)
user = client['Account'].getCurrentUser(mask=USER_MASK)
return {'userId': userId,
'tokenHash': tokenHash,
'auth_type': 'token',
'tenant_id': str(user['accountId']),
'expires': time.time() + (60 * 60 * 24)}, user
except SoftLayerAPIError as e:
if e.faultCode == 'SoftLayer_Exception_User_Customer_LoginFailed':
raise Unauthorized(e.faultString)
raise
def hook_get_client(req, resp, kwargs):
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'])
client.auth = None
req.env['tenant_id'] = None
if req.headers.get('X-AUTH-TOKEN'):
if 'X-AUTH-TOKEN' in req.headers:
tenant_id = kwargs.get('tenant_id',
req.headers.get('X-AUTH-PROJECT-ID'))
token_details = get_token_details(req.headers['X-AUTH-TOKEN'],
tenant_id=tenant_id)
client.auth = get_auth(token_details)
req.env['tenant_id'] = token_details['tenant_id']
req.env['sl_client'] = client
def hook_get_client(req, resp, kwargs):
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'])
client.auth = None
req.env['tenant_id'] = None
if req.headers.get('X-AUTH-TOKEN'):
if 'X-AUTH-TOKEN' in req.headers:
tenant_id = kwargs.get('tenant_id',
req.headers.get('X-AUTH-PROJECT-ID'))
token_details = get_token_details(req.headers['X-AUTH-TOKEN'],
tenant_id=tenant_id)
client.auth = get_auth(token_details)
req.env['tenant_id'] = token_details['tenant_id']
req.env['sl_client'] = client
def on_get(self, req, resp, token_id):
token_details = get_token_details(token_id,
tenant_id=req.get_param('belongsTo'))
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'])
client.auth = get_auth(token_details)
user = client['Account'].getCurrentUser(mask='id, username')
access = get_access(token_id, token_details, user)
resp.status = 200
resp.body = {'access': access}
def on_get(self, req, resp, token_id):
token_details = get_token_details(token_id,
tenant_id=req.get_param('belongsTo'))
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'])
client.auth = get_auth(token_details)
user = client['Account'].getCurrentUser(mask='id, username')
access = get_access(token_id, token_details, user)
resp.status = 200
resp.body = {'access': access}
def authenticate(self, creds):
username = lookup(creds, 'auth', 'passwordCredentials', 'username')
credential = lookup(creds, 'auth', 'passwordCredentials', 'password')
token_id = lookup(creds, 'auth', 'token', 'id')
if token_id:
token = identity.token_id_driver().token_from_id(token_id)
token_driver = identity.token_driver()
token_driver.validate_token(token)
username = token_driver.username(token)
credential = token_driver.credential(token)
def assert_tenant(user):
tenant = lookup(creds, 'auth', 'tenantId') or lookup(
creds, 'auth', 'tenantName')
if tenant and str(user['accountId']) != tenant:
raise Unauthorized('Invalid username, password or tenant id')
# If the 'password' is the right length, treat it as an API api_key
if len(credential) == 64:
client = Client(username=username,
api_key=credential,
endpoint_url=cfg.CONF['softlayer']['endpoint'],
proxy=cfg.CONF['softlayer']['proxy'])
user = client['Account'].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {
'user': user,
'credential': credential,
'auth_type': 'api_key'
}
else:
client = Client(endpoint_url=cfg.CONF['softlayer']['endpoint'],
proxy=cfg.CONF['softlayer']['proxy'])
client.auth = None
try:
userId, tokenHash = client.\
authenticate_with_password(username, credential)
user = client['Account'].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {
'user': user,
'credential': tokenHash,
'auth_type': 'token'
}
except SoftLayerAPIError as e:
if (e.faultCode == "SoftLayer_Exception_User_Customer"
"_LoginFailed"):
raise Unauthorized(e.faultString)
raise
def get_new_token_v3(credentials):
credential = lookup(credentials, 'auth', 'identity', 'password', 'user',
'password')
username = lookup(credentials, 'auth', 'identity', 'password', 'user',
'name')
def assert_tenant(user):
tenant = lookup(credentials, 'auth', 'tenantId')
if tenant and str(user['accountId']) != tenant:
raise Unauthorized('Invalid username, password or tenant id')
# If the 'password' is the right length, treat it as an API api_key
if len(credential) == 64:
client = Client(username=username, api_key=credential)
user = client['Account'].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {
'username': username,
'api_key': credential,
'auth_type': 'api_key',
'tenant_id': str(user['accountId']),
'expires': time.time() + (60 * 60 * 24)
}, user
else:
client = Client()
client.auth = None
try:
userId, tokenHash = client.authenticate_with_password(
username, credential)
user = client['Account'].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {
'userId': userId,
'tokenHash': tokenHash,
'auth_type': 'token',
'tenant_id': str(user['accountId']),
'expires': time.time() + (60 * 60 * 24)
}, user
except SoftLayerAPIError as e:
if e.faultCode == 'SoftLayer_Exception_User_Customer_LoginFailed':
raise Unauthorized(e.faultString)
raise
def authenticate(self, creds):
username = lookup(creds, "auth", "passwordCredentials", "username")
credential = lookup(creds, "auth", "passwordCredentials", "password")
token_id = lookup(creds, "auth", "token", "id")
if token_id:
token = identity.token_id_driver().token_from_id(token_id)
token_driver = identity.token_driver()
token_driver.validate_token(token)
username = token_driver.username(token)
credential = token_driver.credential(token)
def assert_tenant(user):
tenant = lookup(creds, "auth", "tenantId") or lookup(creds, "auth", "tenantName")
if tenant and str(user["accountId"]) != tenant:
raise Unauthorized("Invalid username, password or tenant id")
# If the 'password' is the right length, treat it as an API api_key
if len(credential) == 64:
client = Client(
username=username,
api_key=credential,
endpoint_url=cfg.CONF["softlayer"]["endpoint"],
proxy=cfg.CONF["softlayer"]["proxy"],
)
user = client["Account"].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {"user": user, "credential": credential, "auth_type": "api_key"}
else:
client = Client(endpoint_url=cfg.CONF["softlayer"]["endpoint"], proxy=cfg.CONF["softlayer"]["proxy"])
client.auth = None
try:
userId, tokenHash = client.authenticate_with_password(username, credential)
user = client["Account"].getCurrentUser(mask=USER_MASK)
assert_tenant(user)
return {"user": user, "credential": tokenHash, "auth_type": "token"}
except SoftLayerAPIError as e:
if e.faultCode == "SoftLayer_Exception_User_Customer" "_LoginFailed":
raise Unauthorized(e.faultString)
raise