def load_backends(self): """Initializes each manager and assigns them to an attribute.""" # TODO(blk-u): Shouldn't need to clear the registry here, but some # tests call load_backends multiple times. These should be fixed to # only call load_backends once. dependency.reset() # TODO(morganfainberg): Shouldn't need to clear the registry here, but # some tests call load_backends multiple times. Since it is not # possible to re-configure a backend, we need to clear the list. This # should eventually be removed once testing has been cleaned up. kvs_core.KEY_VALUE_STORE_REGISTRY.clear() drivers = service.load_backends() # TODO(stevemar): currently, load oauth1 driver as well, eventually # we need to have this as optional. from keystone.contrib import oauth1 drivers['oauth1_api'] = oauth1.Manager() from keystone.contrib import federation drivers['federation_api'] = federation.Manager() dependency.resolve_future_dependencies() for manager_name, manager in six.iteritems(drivers): setattr(self, manager_name, manager)
def load_backends(): # Configure and build the cache cache.configure_cache_region(cache.REGION) # Ensure that the identity driver is created before the assignment manager # and that the assignment driver is created before the resource manager. # The default resource driver depends on assignment, which in turn # depends on identity - hence we need to ensure the chain is available. _IDENTITY_API = identity.Manager() _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict(assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_filter_api=endpoint_filter.Manager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(include_oauth1=False): # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict( assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), endpoint_filter_api=endpoint_filter.Manager(), identity_api=_IDENTITY_API, policy_api=policy.Manager(), token_api=token.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) if include_oauth1: from keystone.contrib import oauth1 DRIVERS['oauth1_api'] = oauth1.Manager() dependency.resolve_future_dependencies() return DRIVERS
def add_routes(self, mapper): # This is needed for dependency injection, # it loads the OAuth driver which registers it as a dependency. oauth1.Manager() consumer_controller = controllers.ConsumerCrudV3() access_token_controller = controllers.AccessTokenCrudV3() access_token_roles_controller = controllers.AccessTokenRolesV3() oauth_controller = controllers.OAuthControllerV3() # basic admin-only consumer crud self._add_resource(mapper, consumer_controller, path='/OS-OAUTH1/consumers', get_action='list_consumers', post_action='create_consumer') self._add_resource(mapper, consumer_controller, path='/OS-OAUTH1/consumers/{consumer_id}', get_action='get_consumer', patch_action='update_consumer', delete_action='delete_consumer') # user accesss token crud self._add_resource(mapper, access_token_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens', get_action='list_access_tokens') self._add_resource( mapper, access_token_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}', get_action='get_access_token', delete_action='delete_access_token') self._add_resource( mapper, access_token_roles_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}/' 'roles', get_action='list_access_token_roles') self._add_resource( mapper, access_token_roles_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}/' 'roles/{role_id}', get_action='get_access_token_role') # oauth flow calls self._add_resource(mapper, oauth_controller, path='/OS-OAUTH1/request_token', post_action='create_request_token') self._add_resource(mapper, oauth_controller, path='/OS-OAUTH1/access_token', post_action='create_access_token') self._add_resource(mapper, oauth_controller, path='/OS-OAUTH1/authorize/{request_token_id}', put_action='authorize_request_token')
def load_backends(self): """Initializes each manager and assigns them to an attribute.""" # TODO(blk-u): Shouldn't need to clear the registry here, but some # tests call load_backends multiple times. These should be fixed to # only call load_backends once. dependency.reset() # TODO(morganfainberg): Shouldn't need to clear the registry here, but # some tests call load_backends multiple times. Since it is not # possible to re-configure a backend, we need to clear the list. This # should eventually be removed once testing has been cleaned up. kvs_core.KEY_VALUE_STORE_REGISTRY.clear() self.clear_auth_plugin_registry() drivers = service.load_backends() # TODO(stevemar): currently, load oauth1 driver as well, eventually # we need to have this as optional. from keystone.contrib import oauth1 drivers['oauth1_api'] = oauth1.Manager() from keystone.contrib import federation drivers['federation_api'] = federation.Manager() dependency.resolve_future_dependencies() for manager_name, manager in six.iteritems(drivers): setattr(self, manager_name, manager) # The credential backend only supports SQL, so we always have to load # the tables. self.engine = session.get_engine() self.addCleanup(session.cleanup) sql.ModelBase.metadata.create_all(bind=self.engine) self.addCleanup(sql.ModelBase.metadata.drop_all, bind=self.engine)
def load_backends(): # Configure and build the cache cache.configure_cache_region(cache.REGION) # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict( assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_filter_api=endpoint_filter.Manager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager(), # admin_api=moon.AdminManager(), # authz_api=moon.AuthzManager() ) auth.controllers.load_auth_methods() return DRIVERS
def __init__(self): self.oauth_api = oauth1.Manager()
def load_extra_backends(self): return {'oauth_api': oauth1.Manager()}
def add_routes(self, mapper): # This is needed for dependency injection, # it loads the OAuth driver which registers it as a dependency. oauth1.Manager() consumer_controller = controllers.ConsumerCrudV3() access_token_controller = controllers.AccessTokenCrudV3() access_token_roles_controller = controllers.AccessTokenRolesV3() oauth_controller = controllers.OAuthControllerV3() # basic admin-only consumer crud mapper.connect('/OS-OAUTH1/consumers', controller=consumer_controller, action='create_consumer', conditions=dict(method=['POST'])) mapper.connect('/OS-OAUTH1/consumers/{consumer_id}', controller=consumer_controller, action='get_consumer', conditions=dict(method=['GET'])) mapper.connect('/OS-OAUTH1/consumers/{consumer_id}', controller=consumer_controller, action='update_consumer', conditions=dict(method=['PATCH'])) mapper.connect('/OS-OAUTH1/consumers/{consumer_id}', controller=consumer_controller, action='delete_consumer', conditions=dict(method=['DELETE'])) mapper.connect('/OS-OAUTH1/consumers', controller=consumer_controller, action='list_consumers', conditions=dict(method=['GET'])) # user accesss token crud mapper.connect('/users/{user_id}/OS-OAUTH1/access_tokens', controller=access_token_controller, action='list_access_tokens', conditions=dict(method=['GET'])) mapper.connect( '/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}', controller=access_token_controller, action='get_access_token', conditions=dict(method=['GET'])) mapper.connect( '/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}', controller=access_token_controller, action='delete_access_token', conditions=dict(method=['DELETE'])) mapper.connect( '/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}/roles', controller=access_token_roles_controller, action='list_access_token_roles', conditions=dict(method=['GET'])) mapper.connect( '/users/{user_id}/OS-OAUTH1/access_tokens/' '{access_token_id}/roles/{role_id}', controller=access_token_roles_controller, action='get_access_token_role', conditions=dict(method=['GET'])) # oauth flow calls mapper.connect('/OS-OAUTH1/request_token', controller=oauth_controller, action='create_request_token', conditions=dict(method=['POST'])) mapper.connect('/OS-OAUTH1/access_token', controller=oauth_controller, action='create_access_token', conditions=dict(method=['POST'])) mapper.connect('/OS-OAUTH1/authorize/{request_token_id}', controller=oauth_controller, action='authorize_request_token', conditions=dict(method=['PUT']))
def add_routes(self, mapper): # This is needed for dependency injection, # it loads the OAuth driver which registers it as a dependency. oauth1.Manager() consumer_controller = controllers.ConsumerCrudV3() access_token_controller = controllers.AccessTokenCrudV3() access_token_roles_controller = controllers.AccessTokenRolesV3() oauth_controller = controllers.OAuthControllerV3() # basic admin-only consumer crud self._add_resource( mapper, consumer_controller, path='/OS-OAUTH1/consumers', get_action='list_consumers', post_action='create_consumer', rel=build_resource_relation(resource_name='consumers')) self._add_resource( mapper, consumer_controller, path='/OS-OAUTH1/consumers/{consumer_id}', get_action='get_consumer', patch_action='update_consumer', delete_action='delete_consumer', rel=build_resource_relation(resource_name='consumer'), path_vars={ 'consumer_id': build_parameter_relation(parameter_name='consumer_id'), }) # user access token crud self._add_resource( mapper, access_token_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens', get_action='list_access_tokens', rel=build_resource_relation(resource_name='user_access_tokens'), path_vars={ 'user_id': json_home.Parameters.USER_ID, }) self._add_resource( mapper, access_token_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}', get_action='get_access_token', delete_action='delete_access_token', rel=build_resource_relation(resource_name='user_access_token'), path_vars={ 'access_token_id': ACCESS_TOKEN_ID_PARAMETER_RELATION, 'user_id': json_home.Parameters.USER_ID, }) self._add_resource( mapper, access_token_roles_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}/' 'roles', get_action='list_access_token_roles', rel=build_resource_relation( resource_name='user_access_token_roles'), path_vars={ 'access_token_id': ACCESS_TOKEN_ID_PARAMETER_RELATION, 'user_id': json_home.Parameters.USER_ID, }) self._add_resource( mapper, access_token_roles_controller, path='/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}/' 'roles/{role_id}', get_action='get_access_token_role', rel=build_resource_relation( resource_name='user_access_token_role'), path_vars={ 'access_token_id': ACCESS_TOKEN_ID_PARAMETER_RELATION, 'role_id': json_home.Parameters.ROLE_ID, 'user_id': json_home.Parameters.USER_ID, }) # oauth flow calls self._add_resource( mapper, oauth_controller, path='/OS-OAUTH1/request_token', post_action='create_request_token', rel=build_resource_relation(resource_name='request_tokens')) self._add_resource( mapper, oauth_controller, path='/OS-OAUTH1/access_token', post_action='create_access_token', rel=build_resource_relation(resource_name='access_tokens')) self._add_resource( mapper, oauth_controller, path='/OS-OAUTH1/authorize/{request_token_id}', path_vars={ 'request_token_id': build_parameter_relation(parameter_name='request_token_id') }, put_action='authorize_request_token', rel=build_resource_relation( resource_name='authorize_request_token'))
from keystone import trust CONF = config.CONF LOG = logging.getLogger(__name__) # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so the # identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict(assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credentials_api=credential.Manager(), ec2_api=ec2.Manager(), identity_api=_IDENTITY_API, oauth1_api=oauth1.Manager(), policy_api=policy.Manager(), token_api=token.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) dependency.resolve_future_dependencies() def fail_gracefully(f): """Logs exceptions and aborts.""" @functools.wraps(f) def wrapper(*args, **kw): try: return f(*args, **kw) except Exception as e: