def test_get_auth_plugin_with_auth_and_service_token_false(self): self.flags(send_service_user_token=False, group='service_user') n_auth = password.Password result = service_auth.get_auth_plugin(self.ctx, auth=n_auth) self.assertEqual(n_auth, result)
def _create_glance_client(context, netloc, use_ssl): """Instantiate a new glanceclient.Client object.""" params = {'global_request_id': context.global_id} if use_ssl and CONF.auth_strategy == 'noauth': params = {'insecure': CONF.glance_api_insecure, 'cacert': CONF.glance_ca_certificates_file, 'timeout': CONF.glance_request_timeout, 'split_loggers': CONF.split_loggers } if CONF.auth_strategy == 'keystone': global _SESSION if not _SESSION: config_options = {'insecure': CONF.glance_api_insecure, 'cacert': CONF.glance_ca_certificates_file, 'timeout': CONF.glance_request_timeout, 'cert': CONF.glance_certfile, 'key': CONF.glance_keyfile, 'split_loggers': CONF.split_loggers } _SESSION = ks_session.Session().load_from_options(**config_options) auth = service_auth.get_auth_plugin(context) params['auth'] = auth params['session'] = _SESSION scheme = 'https' if use_ssl else 'http' endpoint = '%s://%s' % (scheme, netloc) return glanceclient.Client('2', endpoint, **params)
def _create_glance_client(context, netloc, use_ssl): """Instantiate a new glanceclient.Client object.""" params = {'global_request_id': context.global_id} if use_ssl and CONF.auth_strategy == 'noauth': params = {'insecure': CONF.glance_api_insecure, 'cacert': CONF.glance_ca_certificates_file, 'timeout': CONF.glance_request_timeout } if CONF.auth_strategy == 'keystone': global _SESSION if not _SESSION: config_options = {'insecure': CONF.glance_api_insecure, 'cacert': CONF.glance_ca_certificates_file, 'timeout': CONF.glance_request_timeout } _SESSION = ks_session.Session().load_from_options(**config_options) auth = service_auth.get_auth_plugin(context) params['auth'] = auth params['session'] = _SESSION scheme = 'https' if use_ssl else 'http' endpoint = '%s://%s' % (scheme, netloc) return glanceclient.Client('2', endpoint, **params)
def test_get_auth_plugin_no_wraps(self, mock_load): context = mock.MagicMock() context.get_auth_plugin.return_value = "fake" result = service_auth.get_auth_plugin(context) self.assertEqual("fake", result) mock_load.assert_not_called()
def test_get_auth_plugin_with_auth(self, mock_load): self.flags(send_service_user_token=True, group='service_user') mock_load.return_value = password.Password result = service_auth.get_auth_plugin(self.ctx, auth=mock_load.return_value) self.assertEqual(mock_load.return_value, result.user_auth) self.assertIsInstance(result, service_token.ServiceTokenAuthWrapper) mock_load.assert_called_once_with(mock.ANY, group='service_user')
def test_get_auth_plugin_with_auth(self, mock_load): self.flags(send_service_user_token=True, group='service_user') mock_load.return_value = password.Password result = service_auth.get_auth_plugin( self.ctx, auth=mock_load.return_value) self.assertEqual(mock_load.return_value, result.user_auth) self.assertIsInstance(result, service_token.ServiceTokenAuthWrapper) mock_load.assert_called_once_with(mock.ANY, group='service_user')
def novaclient(context, privileged_user=False, timeout=None, api_version=None): """Returns a Nova client @param privileged_user: If True, use the account from configuration (requires 'auth_type' and the other usual Keystone authentication options to be set in the [nova] section) @param timeout: Number of seconds to wait for an answer before raising a Timeout exception (None to disable) @param api_version: api version of nova """ if privileged_user and CONF[NOVA_GROUP].auth_type: LOG.debug('Creating Keystone auth plugin from conf') n_auth = ks_loading.load_auth_from_conf_options(CONF, NOVA_GROUP) else: if CONF[NOVA_GROUP].token_auth_url: url = CONF[NOVA_GROUP].token_auth_url else: url = _get_identity_endpoint_from_sc(context) LOG.debug('Creating Keystone token plugin using URL: %s', url) n_auth = identity.Token(auth_url=url, token=context.auth_token, project_name=context.project_name, project_domain_id=context.project_domain_id) if CONF.auth_strategy == 'keystone': n_auth = service_auth.get_auth_plugin(context, auth=n_auth) keystone_session = ks_loading.load_session_from_conf_options( CONF, NOVA_GROUP, auth=n_auth) c = nova_client.Client( api_versions.APIVersion(api_version or NOVA_API_VERSION), session=keystone_session, insecure=CONF[NOVA_GROUP].insecure, timeout=timeout, region_name=CONF[NOVA_GROUP].region_name, endpoint_type=CONF[NOVA_GROUP].interface, cacert=CONF[NOVA_GROUP].cafile, global_request_id=context.global_id, extensions=nova_extensions) return c
def test_get_auth_plugin_wraps(self, mock_load): self.flags(send_service_user_token=True, group='service_user') result = service_auth.get_auth_plugin(self.ctx) self.assertIsInstance(result, service_token.ServiceTokenAuthWrapper) mock_load.assert_called_once_with(mock.ANY, group='service_user')