def on_get(self, external_project_id, **kwargs): if controllers.is_json_request_accept(pecan.request): resp = self._on_get_secret_metadata(self.secret, **kwargs) LOG.info('Retrieved secret metadata for project: %s', external_project_id) return resp else: LOG.warning( 'Decrypted secret %s requested using deprecated ' 'API call.', self.secret.id) return self._on_get_secret_payload(self.secret, external_project_id, **kwargs)
def on_get(self, external_project_id, **kwargs): if controllers.is_json_request_accept(pecan.request): resp = self._on_get_secret_metadata(self.secret, **kwargs) LOG.info(u._LI('Retrieved secret metadata for project: %s'), external_project_id) return resp else: LOG.warning(u._LW('Decrypted secret %s requested using deprecated ' 'API call.'), self.secret.id) return self._on_get_secret_payload(self.secret, external_project_id, **kwargs)
def on_get(self, external_project_id, **kwargs): secret = self.repos.secret_repo.get( entity_id=self.secret_id, external_project_id=external_project_id, suppress_exception=True) if not secret: _secret_not_found() if controllers.is_json_request_accept(pecan.request): return self._on_get_secret_metadata(secret, **kwargs) else: return self._on_get_secret_payload(secret, external_project_id, **kwargs)
def on_get(self, external_project_id, **kwargs): if controllers.is_json_request_accept(pecan.request): resp = self._on_get_secret_metadata(self.secret, **kwargs) LOG.info('Retrieved secret metadata for project: %s', external_project_id) if versions.is_supported(pecan.request, max_version='1.0'): # NOTE(xek): consumers are being introduced in 1.1 del resp['consumers'] return resp else: LOG.warning( 'Decrypted secret %s requested using deprecated ' 'API call.', self.secret.id) return self._on_get_secret_payload(self.secret, external_project_id, **kwargs)
def index(self, keystone_id, **kwargs): secret = self.repos.secret_repo.get(entity_id=self.secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found() if controllers.is_json_request_accept(pecan.request): # Metadata-only response, no secret retrieval is necessary. pecan.override_template('json', 'application/json') secret_fields = putil.mime_types.augment_fields_with_content_types( secret) transport_key_needed = kwargs.get('transport_key_needed', 'false').lower() == 'true' if transport_key_needed: transport_key_id = plugin.get_transport_key_id_for_retrieval( secret) if transport_key_id is not None: secret_fields['transport_key_id'] = transport_key_id return hrefs.convert_to_hrefs(secret_fields) else: project = res.get_or_create_project(keystone_id, self.repos.project_repo) pecan.override_template('', pecan.request.accept.header_value) transport_key = None twsk = kwargs.get('trans_wrapped_session_key', None) if twsk is not None: transport_key_id = kwargs.get('transport_key_id', None) if transport_key_id is None: _request_has_twsk_but_no_transport_key_id() transport_key_model = self.repos.transport_key_repo.get( entity_id=transport_key_id, suppress_exception=True) transport_key = transport_key_model.transport_key return plugin.get_secret(pecan.request.accept.header_value, secret, project, self.repos, twsk, transport_key)
def index(self, keystone_id): secret = self.repo.get(entity_id=self.secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found() if controllers.is_json_request_accept(pecan.request): # Metadata-only response, no decryption necessary. pecan.override_template('json', 'application/json') secret_fields = mime_types.augment_fields_with_content_types( secret) return hrefs.convert_to_hrefs(keystone_id, secret_fields) else: tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo) pecan.override_template('', pecan.request.accept.header_value) return self.crypto_manager.decrypt( pecan.request.accept.header_value, secret, tenant )
def index(self, keystone_id): secret = self.repo.get(entity_id=self.secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found() if controllers.is_json_request_accept(pecan.request): # Metadata-only response, no decryption necessary. pecan.override_template('json', 'application/json') secret_fields = mime_types.augment_fields_with_content_types( secret) return hrefs.convert_to_hrefs(keystone_id, secret_fields) else: tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo) pecan.override_template('', pecan.request.accept.header_value) return self.crypto_manager.decrypt( pecan.request.accept.header_value, secret, tenant )