def process_request(self, req):
"""Constructs an appropriate context from extracted auth information.
Extract any authentication information in the request and construct an
appropriate context from it.
"""
headers = req.headers
environ = req.environ
try:
username = None
password = None
aws_creds = None
if headers.get('X-Auth-User') is not None:
username = headers.get('X-Auth-User')
password = headers.get('X-Auth-Key')
elif headers.get('X-Auth-EC2-Creds') is not None:
aws_creds = headers.get('X-Auth-EC2-Creds')
user_id = headers.get('X-User-Id')
user_domain_id = headers.get('X_User_Domain_Id')
token = headers.get('X-Auth-Token')
project_name = headers.get('X-Project-Name')
tenant_id = headers.get('X-Project-Id')
project_domain_id = headers.get('X_Project_Domain_Id')
region_name = headers.get('X-Region-Name')
auth_url = headers.get('X-Auth-Url')
roles = headers.get('X-Roles')
if roles is not None:
roles = roles.split(',')
token_info = environ.get('keystone.token_info')
auth_plugin = environ.get('keystone.token_auth')
req_id = environ.get(oslo_request_id.ENV_REQUEST_ID)
except Exception:
raise exception.NotAuthenticated()
req.context = self.make_context(
auth_token=token,
tenant=tenant_id,
project_name=project_name,
aws_creds=aws_creds,
username=username,
user=user_id,
password=password,
auth_url=auth_url,
roles=roles,
request_id=req_id,
auth_token_info=token_info,
region_name=region_name,
auth_plugin=auth_plugin,
user_domain_id=user_domain_id,
project_domain_id=project_domain_id)
def process_request(self, req):
"""
Extract any authentication information in the request and
construct an appropriate context from it.
"""
headers = req.headers
environ = req.environ
try:
username = None
password = None
aws_creds = None
if headers.get('X-Auth-User') is not None:
username = headers.get('X-Auth-User')
password = headers.get('X-Auth-Key')
elif headers.get('X-Auth-EC2-Creds') is not None:
aws_creds = headers.get('X-Auth-EC2-Creds')
user_id = headers.get('X-User-Id')
token = headers.get('X-Auth-Token')
tenant = headers.get('X-Tenant-Name')
tenant_id = headers.get('X-Tenant-Id')
auth_url = headers.get('X-Auth-Url')
roles = headers.get('X-Roles')
if roles is not None:
roles = roles.split(',')
token_info = environ.get('keystone.token_info')
except Exception:
raise exception.NotAuthenticated()
req.context = self.make_context(auth_token=token,
tenant=tenant,
tenant_id=tenant_id,
aws_creds=aws_creds,
username=username,
user_id=user_id,
password=password,
auth_url=auth_url,
roles=roles,
auth_token_info=token_info)
def process_request(self, req):
"""
Extract any authentication information in the request and
construct an appropriate context from it.
A few scenarios exist:
1. If X-Auth-Token is passed in, then consult TENANT and ROLE headers
to determine permissions.
2. An X-Auth-Token was passed in, but the Identity-Status is not
confirmed. For now, just raising a NotAuthenticated exception.
3. X-Auth-Token is omitted. If we were using Keystone, then the
tokenauth middleware would have rejected the request, so we must be
using NoAuth. In that case, assume that is_admin=True.
"""
headers = req.headers
try:
"""
This sets the username/password to the admin user because you
need this information in order to perform token authentication.
The real 'username' is the 'tenant'.
We should also check here to see if X-Auth-Token is not set and
in that case we should assign the user/pass directly as the real
username/password and token as None. 'tenant' should still be
the username.
"""
username = None
password = None
aws_creds = None
aws_auth_uri = None
if headers.get('X-Auth-User') is not None:
username = headers.get('X-Auth-User')
password = headers.get('X-Auth-Key')
elif headers.get('X-Auth-EC2-Creds') is not None:
aws_creds = headers.get('X-Auth-EC2-Creds')
aws_auth_uri = headers.get('X-Auth-EC2-Url')
token = headers.get('X-Auth-Token')
service_user = headers.get('X-Admin-User')
service_password = headers.get('X-Admin-Pass')
service_tenant = headers.get('X-Admin-Tenant-Name')
tenant = headers.get('X-Tenant-Name')
tenant_id = headers.get('X-Tenant-Id')
auth_url = headers.get('X-Auth-Url')
roles = headers.get('X-Roles')
except:
raise exception.NotAuthenticated()
req.context = self.make_context(auth_token=token,
tenant=tenant,
tenant_id=tenant_id,
aws_creds=aws_creds,
aws_auth_uri=aws_auth_uri,
username=username,
password=password,
service_user=service_user,
service_password=service_password,
service_tenant=service_tenant,
auth_url=auth_url,
roles=roles,
is_admin=True)
