def authenticate(self, req): credential_type = utils.detect_credential_type(req) if credential_type == "passwordCredentials": auth_with_credentials = utils.get_normalized_request_content( auth.AuthWithPasswordCredentials, req) result = self.identity_service.authenticate( auth_with_credentials) return utils.send_result(200, req, result) elif credential_type == "token": unscoped = utils.get_normalized_request_content( auth.AuthWithUnscopedToken, req) result = self.identity_service.\ authenticate_with_unscoped_token(unscoped) return utils.send_result(200, req, result) elif credential_type == "OS-KSEC2:ec2Credentials": return self._authenticate_ec2(req) elif credential_type == "OS-KSS3:s3Credentials": return self._authenticate_s3(req) elif credential_type in ["ec2Credentials", "OS-KSEC2-ec2Credentials"]: logger.warning('Received EC2 credentials in %s format. Processing ' 'may fail. Update the client code sending this ' 'format' % credential_type) return self._authenticate_ec2(req) else: raise fault.BadRequestFault("Invalid credentials %s" % credential_type)
def authenticate(self, req): try: auth_with_credentials = utils.get_normalized_request_content( auth.AuthWithPasswordCredentials, req) result = config.SERVICE.authenticate(auth_with_credentials) except fault.BadRequestFault: unscoped = utils.get_normalized_request_content( auth.AuthWithUnscopedToken, req) result = config.SERVICE.authenticate_with_unscoped_token(unscoped) return utils.send_result(200, req, result)
def __call__(self, env, start_response): """ Handle incoming request. Transform. And send downstream. """ request = Request(env) if 'KEYSTONE_API_VERSION' in env and \ env['KEYSTONE_API_VERSION'] == '2.0': if request.path.startswith("/tokens"): is_d5_request = False if request.method == "POST": try: auth_with_credentials = \ utils.get_normalized_request_content( D5AuthWithPasswordCredentials, request) # Convert request body to Diablo syntax if request.content_type == "application/xml": request.body = auth_with_credentials.to_xml() else: request.body = auth_with_credentials.to_json() is_d5_request = True except: pass if is_d5_request: response = request.get_response(self.app) #Handle failures. if not str(response.status).startswith('20'): return response(env, start_response) auth_data = utils.get_normalized_request_content( D5toDiabloAuthData, response) resp = utils.send_result(response.status_int, request, auth_data) return resp(env, start_response) else: # Pass through return self.app(env, start_response) elif request.method == "GET": if request.path.endswith("/endpoints"): # Pass through return self.app(env, start_response) else: response = request.get_response(self.app) #Handle failures. if not str(response.status).startswith('20'): return response(env, start_response) validate_data = utils.get_normalized_request_content( D5ValidateData, response) resp = utils.send_result(response.status_int, request, validate_data) return resp(env, start_response) # All other calls pass to downstream WSGI component return self.app(env, start_response)
def add_endpoint_template(self, req): endpoint_template = utils.get_normalized_request_content( EndpointTemplate, req) return utils.send_result( 201, req, config.SERVICE.add_endpoint_template(utils.get_auth_token(req), endpoint_template))
def add_endpoint_template(self, req): endpoint_template = utils.get_normalized_request_content( EndpointTemplate, req) return utils.send_result( 201, req, self.identity_service.add_endpoint_template( utils.get_auth_token(req), endpoint_template))
def authenticate_ec2(self, req): self.request = req creds = utils.get_normalized_request_content( auth.Ec2Credentials, req) return utils.send_result(200, req, config.SERVICE.authenticate_ec2(creds))
def get_token_by(self, req): try: cred = utils.get_normalized_request_content(token_by.TokenBy, req) if cred.by_type == 'email': return self.get_token_by_email(req, cred.key) elif cred.by_type == 'eppn': return self.get_token_by_eppn(req, cred.key) except KeyError: raise fault.UnauthorizedFault("bad request email or eppn")
def authenticate(self, req): try: auth_with_credentials = utils.get_normalized_request_content( auth.AuthWithPasswordCredentials, req) result = config.SERVICE.authenticate(auth_with_credentials) except fault.BadRequestFault as e1: try: unscoped = utils.get_normalized_request_content( auth.AuthWithUnscopedToken, req) result = config.SERVICE.authenticate_with_unscoped_token( unscoped) except fault.BadRequestFault as e2: if e1.msg == e2.msg: raise e1 else: raise fault.BadRequestFault(e1.msg + ' or ' + e2.msg) return utils.send_result(200, req, result)
def authenticate(self, req): try: auth_with_credentials = utils.get_normalized_request_content( auth.AuthWithPasswordCredentials, req) result = self.identity_service.authenticate(auth_with_credentials) except fault.BadRequestFault as e1: try: unscoped = utils.get_normalized_request_content( auth.AuthWithUnscopedToken, req) result = self.identity_service.\ authenticate_with_unscoped_token(unscoped) except fault.BadRequestFault as e2: if e1.msg == e2.msg: raise e1 else: raise fault.BadRequestFault(e1.msg + ' or ' + e2.msg) return utils.send_result(200, req, result)
def get_token_by(self, req): try: cred = utils.get_normalized_request_content( token_by.TokenBy, req) if cred.by_type == 'email': return self.get_token_by_email(req, cred.key) elif cred.by_type == 'eppn': return self.get_token_by_eppn(req, cred.key) except KeyError: raise fault.UnauthorizedFault("bad request email or eppn")
def create_billunit(self, req): LOG.info( 'Before get_normalization Creating creat_billunit (self, req,) controller.biller.py' ) u = utils.get_normalized_request_content(Bill_Unit, req) LOG.info( 'Creating creat_billunit (self, req,) controller.biller.py :date: %s |enable:%s cpu:%s' % (u.date, u.enabled, u.vcpu)) return utils.send_result( 201, req, config.SERVICE.create_bill_unit(utils.get_auth_token(req), u))
def create_user_bill(self, req): LOG.info( 'Before get_normalization Creating creat_instance_bill (self, req,) controller.biller.py' ) u = utils.get_normalized_request_content(User_Bill, req) LOG.info( 'Creating creat_instacne (self, req,) controller.biller.py id :%s : name: %s |enable:%s cpu:%s' % (u.id, u.tenant_id, u.enabled, u.total_vcpu)) return utils.send_result( 201, req, config.SERVICE.create_user_bill(utils.get_auth_token(req), u))
def create_tenant(self, req): tenant = utils.get_normalized_request_content(tenants.Tenant, req) return utils.send_result(201, req, service.create_tenant(utils.get_auth_token(req), tenant))
def update_tenant(self, req, tenant_id): tenant = utils.get_normalized_request_content(Tenant, req) rval = self.identity_service.update_tenant(utils.get_auth_token(req), tenant_id, tenant) return utils.send_result(200, req, rval)
def create_service(self, req): service = utils.get_normalized_request_content(Service, req) return utils.send_result( 201, req, config.SERVICE.create_service(utils.get_auth_token(req), service))
def add_endpoint_to_tenant(self, req, tenant_id): endpoint = utils.get_normalized_request_content(EndpointTemplate, req) return utils.send_result(201, req, config.SERVICE.create_endpoint_for_tenant( utils.get_auth_token(req), tenant_id, endpoint, get_url(req)))
def create_role(self, req): role = utils.get_normalized_request_content(Role, req) return utils.send_result(201, req, config.SERVICE.create_role(utils.get_auth_token(req), role))
def create_role(self, req): role = utils.get_normalized_request_content(roles.Role, req) return utils.send_result(201, req, service.create_role(utils.get_auth_token(req), role))
def authenticate_s3(self, req): creds = utils.get_normalized_request_content(auth.S3Credentials, req) return utils.send_result(200, req, config.SERVICE.authenticate_s3(creds))
def authenticate_ec2(self, req): creds = utils.get_normalized_request_content(auth.Ec2Credentials, req) return utils.send_result(200, req, self.identity_service.authenticate_ec2(creds))
def update_tenant(self, req, tenant_id): tenant = utils.get_normalized_request_content(Tenant, req) rval = config.SERVICE.update_tenant(utils.get_auth_token(req), tenant_id, tenant) return utils.send_result(200, req, rval)
def create_tenant(self, req): tenant = utils.get_normalized_request_content(Tenant, req) return utils.send_result( 201, req, config.SERVICE.create_tenant(utils.get_auth_token(req), tenant))
def create_user(self, req): user = utils.get_normalized_request_content(users.User, req) return utils.send_result(201, req, service.create_user(utils.get_auth_token(req), \ user))
def create_group(self, req): group = utils.get_normalized_request_content(tenants.GlobalGroup, req) return utils.send_result(201, req, service.create_global_group(utils.get_auth_token(req), group))
def update_password_credential(self, req, user_id): credential = utils.get_normalized_request_content( PasswordCredentials, req) credential = self.identity_service.update_password_credentials( utils.get_auth_token(req), user_id, credential) return utils.send_result(200, req, credential)
def create_user(self, req): u = utils.get_normalized_request_content(User, req) return utils.send_result( 201, req, self.identity_service.create_user(utils.get_auth_token(req), u))
def authenticate(self, req): creds = utils.get_normalized_request_content( auth.PasswordCredentials, req) return utils.send_result(200, req, config.SERVICE.authenticate(creds))
def create_role(self, req): role = utils.get_normalized_request_content(Role, req) return utils.send_result( 201, req, config.SERVICE.create_role(utils.get_auth_token(req), role))
def set_user_enabled(self, req, user_id): user = utils.get_normalized_request_content(User_Update, req) rval = self.identity_service.enable_disable_user( utils.get_auth_token(req), user_id, user) return utils.send_result(200, req, rval)
def update_group(self, req, group_id): group = utils.get_normalized_request_content(GlobalGroup, req) rval = config.SERVICE.update_global_group( utils.get_auth_token(req), group_id, group) return utils.send_result(200, req, rval)
def add_endpoint_to_tenant(self, req, tenant_id): endpoint = utils.get_normalized_request_content(EndpointTemplate, req) return utils.send_result( 201, req, self.identity_service.create_endpoint_for_tenant( utils.get_auth_token(req), tenant_id, endpoint))
def create_user(self, req): u = utils.get_normalized_request_content(User, req) return utils.send_result(201, req, self.identity_service.create_user( utils.get_auth_token(req), u))
def create_tenant(self, req): tenant = utils.get_normalized_request_content(Tenant, req) return utils.send_result(201, req, config.SERVICE.create_tenant(utils.get_auth_token(req), tenant))
def create_user(self, req): u = utils.get_normalized_request_content(User, req) return utils.send_result( 201, req, config.SERVICE.create_user(utils.get_auth_token(req), u))
def create_tenant(self, req): tenant = utils.get_normalized_request_content(Tenant, req) return utils.send_result(201, req, self.identity_service.create_tenant(utils.get_auth_token(req), tenant))
def update_user_tenant(self, req, user_id): user = utils.get_normalized_request_content(User_Update, req) rval = config.SERVICE.set_user_tenant(utils.get_auth_token(req), user_id, user) return utils.send_result(200, req, rval)
def authenticate(self, req): self.request = req creds = utils.get_normalized_request_content(auth.PasswordCredentials, req) return utils.send_result(200, req, service.authenticate(creds))
def create_service(self, req): service = utils.get_normalized_request_content(Service, req) return utils.send_result(201, req, self.identity_service.create_service(utils.get_auth_token(req), service))
def update_tenant(self, req, tenant_id): tenant = utils.get_normalized_request_content(tenants.Tenant, req) rval = service.update_tenant(utils.get_auth_token(req), tenant_id, tenant) return utils.send_result(200, req, rval)
def create_user(self, req): u = utils.get_normalized_request_content(User, req) return utils.send_result(201, req, config.SERVICE.create_user( utils.get_auth_token(req), u))
def update_user_tenant(self, req, user_id): user = utils.get_normalized_request_content(users.User_Update, req) rval = service.set_user_tenant(utils.get_auth_token(req), user_id, user) return utils.send_result(200, req, rval)
def set_user_password(self, req, user_id): user = utils.get_normalized_request_content(User_Update, req) rval = config.SERVICE.set_user_password(utils.get_auth_token(req), user_id, user) return utils.send_result(200, req, rval)
def update_group(self, req, group_id): group = utils.get_normalized_request_content(tenants.GlobalGroup, req) rval = service.update_global_group(utils.get_auth_token(req), group_id, group) return utils.send_result(200, req, rval)
def add_endpoint_to_tenant(self, req, tenant_id): endpoint = utils.get_normalized_request_content(EndpointTemplate, req) return utils.send_result( 201, req, config.SERVICE.create_endpoint_for_tenant( utils.get_auth_token(req), tenant_id, endpoint, get_url(req)))
def add_baseurls_to_tenant(self, req, tenant_id): baseurl = utils.get_normalized_request_content(baseURLs.BaseURL, req) return utils.send_result(201, req, service.create_baseurl_ref_to_tenant( utils.get_auth_token(req), tenant_id, baseurl, get_url(req)))
def create_role(self, req): role = utils.get_normalized_request_content(Role, req) return utils.send_result( 201, req, self.identity_service.create_role(utils.get_auth_token(req), role))
def update_user_tenant(self, req, user_id): user = utils.get_normalized_request_content(User_Update, req) rval = self.identity_service.set_user_tenant(utils.get_auth_token(req), user_id, user) return utils.send_result(200, req, rval)
def add_endpoint_template(self, req): endpoint_template = utils.get_normalized_request_content( EndpointTemplate, req) return utils.send_result(201, req, config.SERVICE.add_endpoint_template(utils.get_auth_token(req), endpoint_template))
def create_role_ref(self, req, user_id): roleRef = utils.get_normalized_request_content(RoleRef, req) return utils.send_result(201, req, config.SERVICE.create_role_ref( utils.get_auth_token(req), user_id, roleRef))
def create_role_ref(self, req, user_id): roleRef = utils.get_normalized_request_content(RoleRef, req) return utils.send_result( 201, req, config.SERVICE.create_role_ref(utils.get_auth_token(req), user_id, roleRef))