def __init__(self): """ Contructor of the class region """ # Get the region list # GET http://cloud.lab.fiware.org:4730/v3/OS-EP-FILTER/endpoint_groups if not self.regions: keystone_url = KEYSTONE_URL + '/' + AUTH_API_V2 a = AuthorizationManager(identity_url=keystone_url, api_version=AUTH_API_V2) # Get the Admin token to validate the access_token adm_token = a.get_auth_token(username=ADM_USER, password=ADM_PASS, tenant_id=ADM_TENANT_ID, tenant_name=ADM_TENANT_NAME, user_domain_name=USER_DOMAIN_NAME) s = requests.Session() s.headers.update({X_AUTH_TOKEN_HEADER: adm_token}) keystone_url = KEYSTONE_URL + '/' + AUTH_API_V3 + '/' + REGION_LIST_API_V3 response = s.get(keystone_url) r = json.loads(response.text) endpoint_groups = r['endpoint_groups'] for i in range(0, len(endpoint_groups)): # If the specific endpoint_groups has not a filters, it is not a correct # region and we discard it. region_filter = endpoint_groups[i]['filters'] if region_filter and 'region_id' in region_filter: self.regions.append(region_filter['region_id']) logger_api.debug(self.regions)
def __init__(self): """ Contructor of the class region """ # Get the region list # GET http://cloud.lab.fiware.org:4730/v3/OS-EP-FILTER/endpoint_groups if not self.regions: keystone_url = KEYSTONE_URL + '/' + AUTH_API_V2 a = AuthorizationManager(identity_url=keystone_url, api_version=AUTH_API_V2) # Get the Admin token to validate the access_token adm_token = a.get_auth_token(username=ADM_USER, password=ADM_PASS, tenant_id=ADM_TENANT_ID, tenant_name=ADM_TENANT_NAME, user_domain_name=USER_DOMAIN_NAME) s = requests.Session() s.headers.update({X_AUTH_TOKEN_HEADER: adm_token}) keystone_url = KEYSTONE_URL + '/' + AUTH_API_V3 + '/' + REGION_LIST_API_V3 response = s.get(keystone_url) r = json.loads(response.text) endpoint_groups = r['endpoint_groups'] for i in range(0, len(endpoint_groups)): # If the specific endpoint_groups has not a filters, it is not a correct # region and we discard it. region_filter = endpoint_groups[i]['filters'] if region_filter and 'region_id' in region_filter: self.regions.append(region_filter['region_id']) logger_api.debug(self.regions)
def get_auth_token(self, username, password, tenant_id, **kwargs): """ Init the variables related to authorization, needed to execute tests. :param username: The admin user name. :param password: The admin passwrod. :param tenant_id: The id of the tenant. :param kwargs: Any other (key,value) parameters passed to the method. :return: The auth token retrieved. """ if AuthorizationManager.auth_token is None: # Get new auth token cred_kwargs = { 'auth_url': self.identity_url, 'username': username, 'password': password } # Currently, both v2 and v3 Identity API versions are supported if self.api_version == AUTH_API_V2: cred_kwargs['tenant_name'] = kwargs.get('tenant_name') elif self.api_version == AUTH_API_V3: cred_kwargs['user_domain_name'] = kwargs.get( 'user_domain_name') # Instantiate a Password object try: identity_package = 'keystoneclient.auth.identity.%s' % self.api_version.replace( '.0', '') identity_module = __import__(identity_package, fromlist=['Password']) password_class = getattr(identity_module, 'Password') logger_api.debug("Authentication with %s", password_class) credentials = password_class(**cred_kwargs) except (ImportError, AttributeError) as e: raise e # Get auth token logger_api.debug("Getting auth token for tenant '%s'...", tenant_id) try: auth_sess = self.session.Session( auth=credentials, timeout=DEFAULT_REQUEST_TIMEOUT) AuthorizationManager.auth_token = auth_sess.get_token() logger_api.debug("Admin token generated:" + self.auth_token) except (KeystoneClientException, KeystoneConnectionRefused) as e: logger_api.error("No auth token (%s)", e.message) raise e return AuthorizationManager.auth_token
def get_auth_token(self, username, password, tenant_id, **kwargs): """ Init the variables related to authorization, needed to execute tests. :param username: The admin user name. :param password: The admin passwrod. :param tenant_id: The id of the tenant. :param kwargs: Any other (key,value) parameters passed to the method. :return: The auth token retrieved. """ if AuthorizationManager.auth_token is None: # Get new auth token cred_kwargs = { 'auth_url': self.identity_url, 'username': username, 'password': password } # Currently, both v2 and v3 Identity API versions are supported if self.api_version == AUTH_API_V2: cred_kwargs['tenant_name'] = kwargs.get('tenant_name') elif self.api_version == AUTH_API_V3: cred_kwargs['user_domain_name'] = kwargs.get('user_domain_name') # Instantiate a Password object try: identity_package = 'keystoneclient.auth.identity.%s' % self.api_version.replace('.0', '') identity_module = __import__(identity_package, fromlist=['Password']) password_class = getattr(identity_module, 'Password') logger_api.debug("Authentication with %s", password_class) credentials = password_class(**cred_kwargs) except (ImportError, AttributeError) as e: raise e # Get auth token logger_api.debug("Getting auth token for tenant '%s'...", tenant_id) try: auth_sess = self.session.Session(auth=credentials, timeout=DEFAULT_REQUEST_TIMEOUT) AuthorizationManager.auth_token = auth_sess.get_token() logger_api.debug("Admin token generated:" + self.auth_token) except (KeystoneClientException, KeystoneConnectionRefused) as e: logger_api.error("No auth token (%s)", e.message) raise e return AuthorizationManager.auth_token
def synchronize(regionid, token=None): """ Synchronize the images of the corresponding region defined by its regionId. The operation is asynchronous a response a taskId in order that you can follow the execution of the process. :param regionid: Region name how you can obtain from the Keystone service. Example: Spain2. :param token: The token of the request to be authorized. :return: JSON message with the identification of the created task. """ # WARNING # It is for testing only, the functionality of this method is create a new Task, # store the content of the new task with <taskid> in DB with status 'syncing' # and launch a fork to start the execution of the synchronization process. At the # end of the synchronization process, we update the DB registry with the status # 'synced' message = "POST, create a new synchronization task in the region: {}".format(regionid) logger_api.info(message) # Previously to each operation, we have to check if there is a task in the DB # with the status syncing associated to this region. users = User.query.filter(User.region == regionid).all() newtask = None if not users: newtask = Task(status=Task.SYNCING) # name and role should be returned from authorized operation, to be extended in Sprint 16.02 newuser = User(region=regionid, name=token.username, task_id=str(newtask.taskid), role='admin', status=newtask.status) db.session.add(newuser) try: db.session.commit() # Do the stuff to sync the images here... logger_api.debug("new thread") t = threading.Thread(target=run_in_thread, args=(regionid, newuser)) t.start() except Exception as e: message = ''' { "error": { "message": "Please check that you have initialized the DB. See the documentation about it.", "code": %s } } ''' % httplib.BAD_REQUEST abort(httplib.BAD_REQUEST, message) elif len(users) == 1 and users[0].region == regionid and users[0].status == Task.SYNCING: newtask = Task(taskid=users[0].task_id, status=users[0].status) if newtask is None: message = ''' { "error": { "message": "Already exist some task for this region", "code": %s } } ''' % httplib.BAD_REQUEST abort(httplib.BAD_REQUEST, message) resp = make_response(newtask.dump(), httplib.OK) resp.headers[SERVER_HEADER] = SERVER resp.headers[CONTENT_TYPE] = JSON_TYPE logger_api.info('Return result: %s', newtask.dump()) return resp