def setUp(self): super(AuthWithTrust, self).setUp() self.opt_in_group('trust', enabled=True) trust.Manager() self.trust_controller = trust.controllers.TrustV3() self.auth_v3_controller = auth.controllers.Auth() self.trustor = self.user_foo self.trustee = self.user_two self.assigned_roles = [self.role_member['id'], self.role_browser['id']] for assigned_role in self.assigned_roles: self.assignment_api.add_role_to_user_and_project( self.trustor['id'], self.tenant_bar['id'], assigned_role) self.sample_data = { 'trustor_user_id': self.trustor['id'], 'trustee_user_id': self.trustee['id'], 'project_id': self.tenant_bar['id'], 'impersonation': True, 'roles': [{ 'id': self.role_browser['id'] }, { 'name': self.role_member['name'] }] } expires_at = timeutils.strtime(timeutils.utcnow() + datetime.timedelta(minutes=10), fmt=TIME_FORMAT) self.create_trust(expires_at=expires_at)
def initialize_drivers(): DRIVERS['catalog_api'] = catalog.Manager() DRIVERS['identity_api'] = identity.Manager() DRIVERS['policy_api'] = policy.Manager() DRIVERS['token_api'] = token.Manager() DRIVERS['trust_api'] = trust.Manager() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) # Ensure that the identity driver is created before the assignment manager # and that the assignment driver is created before the resource manager. # The default resource driver depends on assignment, which in turn # depends on identity - hence we need to ensure the chain is available. _IDENTITY_API = identity.Manager() _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict(assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def setUp(self): super(SqlTests, self).setUp() self.config([ test.etcdir('keystone.conf.sample'), test.testsdir('test_overrides.conf'), test.testsdir('backend_sql.conf') ]) # initialize managers and override drivers self.catalog_man = catalog.Manager() self.identity_man = identity.Manager() self.token_man = token.Manager() self.trust_man = trust.Manager() self.policy_man = policy.Manager() # create shortcut references to each driver self.catalog_api = self.catalog_man.driver self.identity_api = self.identity_man.driver self.token_api = self.token_man.driver self.policy_api = self.policy_man.driver self.trust_api = self.trust_man.driver # populate the engine with tables & fixtures self.load_fixtures(default_fixtures) #defaulted by the data load self.user_foo['enabled'] = True
def setUp(self): super(SqlTests, self).setUp() self.config([ test.etcdir('keystone.conf.sample'), test.testsdir('test_overrides.conf'), test.testsdir('backend_sql.conf') ]) # initialize managers and override drivers self.catalog_man = catalog.Manager() self.identity_man = identity.Manager() self.token_man = token.Manager() self.trust_man = trust.Manager() self.policy_man = policy.Manager() # create tables and keep an engine reference for cleanup. # this must be done after the models are loaded by the managers. self.engine = self.get_engine() sql.ModelBase.metadata.create_all(bind=self.engine) # create shortcut references to each driver self.catalog_api = self.catalog_man.driver self.identity_api = self.identity_man.driver self.token_api = self.token_man.driver self.policy_api = self.policy_man.driver self.trust_api = self.trust_man.driver # populate the engine with tables & fixtures self.load_fixtures(default_fixtures) #defaulted by the data load self.user_foo['enabled'] = True
def load_backends(): # Configure and build the cache cache.configure_cache_region(cache.REGION) # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict(assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), endpoint_filter_api=endpoint_filter.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, policy_api=policy.Manager(), token_api=token.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(include_oauth1=False): # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict( assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), endpoint_filter_api=endpoint_filter.Manager(), identity_api=_IDENTITY_API, policy_api=policy.Manager(), token_api=token.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) if include_oauth1: from keystone.contrib import oauth1 DRIVERS['oauth1_api'] = oauth1.Manager() dependency.resolve_future_dependencies() return DRIVERS
def __init__(self, context, auth=None): self.identity_api = identity.Manager() self.trust_api = trust.Manager() self.context = context self.auth = auth self._scope_data = (None, None, None) # self._scope_data is (domain_id, project_id, trust_ref) # project scope: (None, project_id, None) # domain scope: (domain_id, None, None) # trust scope: (None, None, trust_ref) # unscoped: (None, None, None) self._validate_and_normalize_auth_data()
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) cache.apply_invalidation_patch( region=catalog.COMPUTED_CATALOG_REGION, region_name=catalog.COMPUTED_CATALOG_REGION.name) cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION) cache.apply_invalidation_patch( region=assignment.COMPUTED_ASSIGNMENTS_REGION, region_name=assignment.COMPUTED_ASSIGNMENTS_REGION.name) cache.configure_cache(region=revoke.REVOKE_REGION) cache.apply_invalidation_patch(region=revoke.REVOKE_REGION, region_name=revoke.REVOKE_REGION.name) cache.configure_cache(region=token.provider.TOKENS_REGION) cache.configure_cache(region=identity.ID_MAPPING_REGION) cache.apply_invalidation_patch(region=identity.ID_MAPPING_REGION, region_name=identity.ID_MAPPING_REGION.name) # Ensure that the identity driver is created before the assignment manager # and that the assignment driver is created before the resource manager. # The default resource driver depends on assignment, which in turn # depends on identity - hence we need to ensure the chain is available. # TODO(morganfainberg): In "O" release move _IDENTITY_API to be directly # instantiated in the DRIVERS dict once assignment driver being selected # based upon [identity]/driver is removed. _IDENTITY_API = identity.Manager() _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict( assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, shadow_users_api=identity.ShadowUsersManager(), oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) cache.apply_invalidation_patch( region=catalog.COMPUTED_CATALOG_REGION, region_name=catalog.COMPUTED_CATALOG_REGION.name) cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION) cache.apply_invalidation_patch( region=assignment.COMPUTED_ASSIGNMENTS_REGION, region_name=assignment.COMPUTED_ASSIGNMENTS_REGION.name) # Ensure that the assignment driver is created before the resource manager. # The default resource driver depends on assignment. _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict(assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=identity.Manager(), oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION) cache.configure_cache(region=revoke.REVOKE_REGION) cache.configure_cache(region=token.provider.TOKENS_REGION) cache.configure_cache(region=identity.ID_MAPPING_REGION) cache.configure_invalidation_region() # NOTE(knikolla): The assignment manager must be instantiated before the # resource manager. The current dictionary ordering ensures that. DRIVERS = dict(assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), credential_provider_api=credential.provider.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=identity.Manager(), shadow_users_api=identity.ShadowUsersManager(), oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.core.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache_region(cache.REGION) # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict( assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_filter_api=endpoint_filter.Manager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager(), # admin_api=moon.AdminManager(), # authz_api=moon.AuthzManager() ) auth.controllers.load_auth_methods() return DRIVERS
def __init__(self, *args, **kwargs): super(Provider, self).__init__(*args, **kwargs) if CONF.trust.enabled: self.trust_api = trust.Manager() self.v3_token_data_helper = V3TokenDataHelper() self.v2_token_data_helper = V2TokenDataHelper()
def __init__(self): if CONF.trust.enabled: self.trust_api = trust.Manager()
from keystone import identity from keystone import policy from keystone import routers from keystone import token from keystone import trust CONF = config.CONF LOG = logging.getLogger(__name__) DRIVERS = dict(catalog_api=catalog.Manager(), credentials_api=credential.Manager(), ec2_api=ec2.Manager(), identity_api=identity.Manager(), policy_api=policy.Manager(), token_api=token.Manager(), trust_api=trust.Manager()) @logging.fail_gracefully def public_app_factory(global_conf, **local_conf): controllers.register_version('v2.0') conf = global_conf.copy() conf.update(local_conf) return wsgi.ComposingRouter(routes.Mapper(), [ identity.routers.Public(), token.routers.Router(), routers.VersionV2('public'), routers.Extension(False) ])
def __init__(self, context): self.identity_api = identity.Manager() self.catalog_api = catalog.Manager() self.trust_api = trust.Manager() self.context = context