def get_endpoint(service_catalog, service_type=None,
endpoint_region=CONF.os_region_name,
endpoint_type='publicURL'):
"""
Select an endpoint from the service catalog
We search the full service catalog for services
matching both type and region. The client is expected to
supply the region matching the service_type. There must
be one -- and only one -- successful match in the catalog,
otherwise we will raise an exception.
Some parts copied from glance/common/auth.py.
"""
if not service_catalog:
raise exception.EmptyCatalog()
# per IRC chat, X-Service-Catalog will be a v2 catalog regardless of token
# format; see https://bugs.launchpad.net/python-keystoneclient/+bug/1302970
# 'token' key necessary to get past factory validation
sc = ServiceCatalog.factory({'token': None,
'serviceCatalog': service_catalog})
urls = sc.get_urls(service_type=service_type, region_name=endpoint_region,
endpoint_type=endpoint_type)
if not urls:
raise exception.NoServiceEndpoint(service_type=service_type,
endpoint_region=endpoint_region,
endpoint_type=endpoint_type)
return urls[0]
def get_endpoint(service_catalog,
service_type=None,
endpoint_region=CONF.os_region_name,
endpoint_type='publicURL'):
"""
Select an endpoint from the service catalog
We search the full service catalog for services
matching both type and region. The client is expected to
supply the region matching the service_type. There must
be one -- and only one -- successful match in the catalog,
otherwise we will raise an exception.
Some parts copied from glance/common/auth.py.
"""
if not service_catalog:
raise exception.EmptyCatalog()
# per IRC chat, X-Service-Catalog will be a v2 catalog regardless of token
# format; see https://bugs.launchpad.net/python-keystoneclient/+bug/1302970
# 'token' key necessary to get past factory validation
sc = ServiceCatalog.factory({
'token': None,
'serviceCatalog': service_catalog
})
urls = sc.get_urls(service_type=service_type,
region_name=endpoint_region,
endpoint_type=endpoint_type)
if not urls:
raise exception.NoServiceEndpoint(service_type=service_type,
endpoint_region=endpoint_region,
endpoint_type=endpoint_type)
return urls[0]
def __init__(self, auth=None):
if not isinstance(auth, (v2.Password, v2.Token)):
raise KeystoneClient.Exceptions.AuthorizationFailure(
"Unknown authentication identity class")
keystone = KeystoneClient()
credentials = auth.get_auth_data()
# Create passed tenant and user in case of tenant session so auth will work
tenant = None
if auth.tenant_id:
data = credentials['passwordCredentials']
try:
keystone.users.create(name=data['username'],
password=data['password'])
except KeystoneClient.Exceptions.Conflict:
pass
try:
tenant = keystone.tenants.create(tenant_name='test-%s' %
auth.tenant_id)
except KeystoneClient.Exceptions.Conflict:
tenant = keystone.tenants.get(auth.tenant_id)
tenant.id = auth.tenant_id
elif auth.tenant_name:
try:
tenant = keystone.tenants.find(name=auth.tenant_name)
except:
raise KeystoneClient.Exceptions.AuthorizationFailure(
"Unknown tenant %s" % auth.tenant_name)
self.auth = KeystoneClient.Auth(**credentials)
self.auth._build_service_catalog(auth.auth_url, tenant)
catalog = ServiceCatalog.factory(self.auth.auth_ref)
endpoints = [
e[0]['publicURL'] for e in catalog.get_endpoints().values()
]
if auth.auth_url not in endpoints:
raise KeystoneClient.Exceptions.ConnectionRefused(
"Unable to establish connection to %s" % auth.auth_url)
def generate_test_data():
''' Builds a set of test_data data as returned by Keystone V2. '''
test_data = TestDataContainer()
keystone_service = {
'type':
'identity',
'name':
'keystone',
'endpoints_links': [],
'endpoints': [{
'region': 'RegionOne',
'adminURL': 'http://admin.localhost:35357/v2.0',
'internalURL': 'http://internal.localhost:5000/v2.0',
'publicURL': 'http://public.localhost:5000/v2.0'
}]
}
# Users
user_dict = {
'id': uuid.uuid4().hex,
'name': 'gabriel',
'email': '*****@*****.**',
'password': '******',
'token': '',
'enabled': True
}
test_data.user = User(UserManager(None), user_dict, loaded=True)
# Tenants
tenant_dict_1 = {
'id': uuid.uuid4().hex,
'name': 'tenant_one',
'description': '',
'enabled': True
}
tenant_dict_2 = {
'id': uuid.uuid4().hex,
'name': '',
'description': '',
'enabled': False
}
test_data.tenant_one = Tenant(TenantManager(None),
tenant_dict_1,
loaded=True)
test_data.tenant_two = Tenant(TenantManager(None),
tenant_dict_2,
loaded=True)
nova_service = {
'type': 'compute',
'name': 'nova',
'endpoint_links': [],
'endpoints': [
{
'region': 'RegionOne',
'adminURL': 'http://nova-admin.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'internalURL': 'http://nova-internal.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'publicURL': 'http://nova-public.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id'])
},
{
'region': 'RegionTwo',
'adminURL': 'http://nova2-admin.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'internalURL': 'http://nova2-internal.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'publicURL': 'http://nova2-public.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id'])
}
]
}
# Roles
role_dict = {'id': uuid.uuid4().hex, 'name': 'Member'}
test_data.role = Role(RoleManager, role_dict)
# Tokens
tomorrow = datetime_safe.datetime.now() + timedelta(days=1)
expiration = datetime_safe.datetime.isoformat(tomorrow)
scoped_token_dict = {
'access': {
'token': {
'id': uuid.uuid4().hex,
'expires': expiration,
'tenant': tenant_dict_1,
'tenants': [tenant_dict_1, tenant_dict_2]
},
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'roles': [role_dict]
},
'serviceCatalog': [keystone_service, nova_service]
}
}
test_data.scoped_access_info = AccessInfo.factory(resp=None,
body=scoped_token_dict)
unscoped_token_dict = {
'access': {
'token': {
'id': uuid.uuid4().hex,
'expires': expiration
},
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'roles': [role_dict]
},
'serviceCatalog': [keystone_service]
}
}
test_data.unscoped_access_info = AccessInfo.factory(
resp=None, body=unscoped_token_dict)
# Service Catalog
test_data.service_catalog = ServiceCatalog.factory({
'serviceCatalog': [keystone_service, nova_service],
'token': {
'id': scoped_token_dict['access']['token']['id'],
'expires': scoped_token_dict['access']['token']['expires'],
'user_id': user_dict['id'],
'tenant_id': tenant_dict_1['id']
}
})
return test_data
def generate_test_data():
''' Builds a set of test_data data as returned by Keystone V2. '''
test_data = TestDataContainer()
keystone_service = {
'type': 'identity',
'id': uuid.uuid4().hex,
'endpoints': [
{
'url': 'http://admin.localhost:35357/v3',
'region': 'RegionOne',
'interface': 'admin',
'id': uuid.uuid4().hex,
},
{
'url': 'http://internal.localhost:5000/v3',
'region': 'RegionOne',
'interface': 'internal',
'id': uuid.uuid4().hex
},
{
'url':'http://public.localhost:5000/v3',
'region':'RegionOne',
'interface': 'public',
'id': uuid.uuid4().hex
}
]
}
# Domains
domain_dict = {'id': uuid.uuid4().hex,
'name': 'domain',
'description': '',
'enabled': True}
test_data.domain = Domain(DomainManager(None), domain_dict, loaded=True)
# Users
user_dict = {'id': uuid.uuid4().hex,
'name': 'gabriel',
'email': '*****@*****.**',
'password': '******',
'domain_id': domain_dict['id'],
'token': '',
'enabled': True}
test_data.user = User(UserManager(None), user_dict, loaded=True)
# Projects
project_dict_1 = {'id': uuid.uuid4().hex,
'name': 'tenant_one',
'description': '',
'domain_id': domain_dict['id'],
'enabled': True}
project_dict_2 = {'id': uuid.uuid4().hex,
'name': '',
'description': '',
'domain_id': domain_dict['id'],
'enabled': False}
test_data.project_one = Project(ProjectManager(None),
project_dict_1,
loaded=True)
test_data.project_two = Project(ProjectManager(None),
project_dict_2,
loaded=True)
# Roles
role_dict = {'id': uuid.uuid4().hex,
'name': 'Member'}
test_data.role = Role(RoleManager, role_dict)
nova_service = {
'type': 'compute',
'id': uuid.uuid4().hex,
'endpoints': [
{
'url': 'http://nova-admin.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionOne',
'interface': 'admin',
'id': uuid.uuid4().hex,
},
{
'url': 'http://nova-internal.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionOne',
'interface': 'internal',
'id': uuid.uuid4().hex
},
{
'url':'http://nova-public.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region':'RegionOne',
'interface': 'public',
'id': uuid.uuid4().hex
},
{
'url': 'http://nova2-admin.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionTwo',
'interface': 'admin',
'id': uuid.uuid4().hex,
},
{
'url': 'http://nova2-internal.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionTwo',
'interface': 'internal',
'id': uuid.uuid4().hex
},
{
'url':'http://nova2-public.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region':'RegionTwo',
'interface': 'public',
'id': uuid.uuid4().hex
}
]
}
# Tokens
tomorrow = datetime_safe.datetime.now() + timedelta(days=1)
expiration = datetime_safe.datetime.isoformat(tomorrow)
auth_token = uuid.uuid4().hex
auth_response_headers = {
'X-Subject-Token': auth_token
}
auth_response = TestResponse({
"headers": auth_response_headers
})
scoped_token_dict = {
'token': {
'methods': ['password'],
'expires_at': expiration,
'project': {
'id': project_dict_1['id'],
'name': project_dict_1['name'],
'domain': {
'id': domain_dict['id'],
'name': domain_dict['name']
}
},
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'domain': {
'id': domain_dict['id'],
'name': domain_dict['name']
}
},
'roles': [role_dict],
'catalog': [keystone_service, nova_service]
}
}
test_data.scoped_access_info = AccessInfo.factory(
resp=auth_response,
body=scoped_token_dict
)
unscoped_token_dict = {
'token': {
'methods': ['password'],
'expires_at': expiration,
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'domain': {
'id': domain_dict['id'],
'name': domain_dict['name']
}
},
'roles': [role_dict],
'catalog': [keystone_service]
}
}
test_data.unscoped_access_info = AccessInfo.factory(
resp=auth_response,
body=unscoped_token_dict
)
# Service Catalog
test_data.service_catalog = ServiceCatalog.factory({
'methods': ['password'],
'user': {},
'catalog': [keystone_service, nova_service],
}, token=auth_token)
return test_data
def generate_test_data():
''' Builds a set of test_data data as returned by Keystone V2. '''
test_data = TestDataContainer()
keystone_service = {
'type': 'identity',
'name': 'keystone',
'endpoints_links': [],
'endpoints': [
{
'region': 'RegionOne',
'adminURL': 'http://admin.localhost:35357/v2.0',
'internalURL': 'http://internal.localhost:5000/v2.0',
'publicURL': 'http://public.localhost:5000/v2.0'
}
]
}
# Users
user_dict = {'id': uuid.uuid4().hex,
'name': 'gabriel',
'email': '*****@*****.**',
'password': '******',
'token': '',
'enabled': True}
test_data.user = User(UserManager(None), user_dict, loaded=True)
# Tenants
tenant_dict_1 = {'id': uuid.uuid4().hex,
'name': 'tenant_one',
'description': '',
'enabled': True}
tenant_dict_2 = {'id': uuid.uuid4().hex,
'name': '',
'description': '',
'enabled': False}
test_data.tenant_one = Tenant(TenantManager(None),
tenant_dict_1,
loaded=True)
test_data.tenant_two = Tenant(TenantManager(None),
tenant_dict_2,
loaded=True)
nova_service = {
'type': 'compute',
'name': 'nova',
'endpoint_links': [],
'endpoints': [
{
'region': 'RegionOne',
'adminURL': 'http://nova-admin.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'internalURL': 'http://nova-internal.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'publicURL': 'http://nova-public.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id'])
},
{
'region': 'RegionTwo',
'adminURL': 'http://nova2-admin.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'internalURL': 'http://nova2-internal.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id']),
'publicURL': 'http://nova2-public.localhost:8774/v2.0/%s' \
% (tenant_dict_1['id'])
}
]
}
# Roles
role_dict = {'id': uuid.uuid4().hex,
'name': 'Member'}
test_data.role = Role(RoleManager, role_dict)
# Tokens
tomorrow = datetime_safe.datetime.now() + timedelta(days=1)
expiration = datetime_safe.datetime.isoformat(tomorrow)
scoped_token_dict = {
'access': {
'token': {
'id': uuid.uuid4().hex,
'expires': expiration,
'tenant': tenant_dict_1,
'tenants': [tenant_dict_1, tenant_dict_2]},
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'roles': [role_dict]},
'serviceCatalog': [keystone_service, nova_service]
}
}
test_data.scoped_access_info = AccessInfo.factory(
resp=None,
body=scoped_token_dict)
unscoped_token_dict = {
'access': {
'token': {
'id': uuid.uuid4().hex,
'expires': expiration},
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'roles': [role_dict]},
'serviceCatalog': [keystone_service]
}
}
test_data.unscoped_access_info = AccessInfo.factory(
resp=None,
body=unscoped_token_dict)
# Service Catalog
test_data.service_catalog = ServiceCatalog.factory({
'serviceCatalog': [keystone_service, nova_service],
'token': {
'id': scoped_token_dict['access']['token']['id'],
'expires': scoped_token_dict['access']['token']['expires'],
'user_id': user_dict['id'],
'tenant_id': tenant_dict_1['id']
}
})
return test_data
def generate_test_data():
''' Builds a set of test_data data as returned by Keystone V2. '''
test_data = TestDataContainer()
keystone_service = {
'type':
'identity',
'id':
uuid.uuid4().hex,
'endpoints': [{
'url': 'http://admin.localhost:35357/v3',
'region': 'RegionOne',
'interface': 'admin',
'id': uuid.uuid4().hex,
}, {
'url': 'http://internal.localhost:5000/v3',
'region': 'RegionOne',
'interface': 'internal',
'id': uuid.uuid4().hex
}, {
'url': 'http://public.localhost:5000/v3',
'region': 'RegionOne',
'interface': 'public',
'id': uuid.uuid4().hex
}]
}
# Domains
domain_dict = {
'id': uuid.uuid4().hex,
'name': 'domain',
'description': '',
'enabled': True
}
test_data.domain = Domain(DomainManager(None), domain_dict, loaded=True)
# Users
user_dict = {
'id': uuid.uuid4().hex,
'name': 'gabriel',
'email': '*****@*****.**',
'password': '******',
'domain_id': domain_dict['id'],
'token': '',
'enabled': True
}
test_data.user = User(UserManager(None), user_dict, loaded=True)
# Projects
project_dict_1 = {
'id': uuid.uuid4().hex,
'name': 'tenant_one',
'description': '',
'domain_id': domain_dict['id'],
'enabled': True
}
project_dict_2 = {
'id': uuid.uuid4().hex,
'name': '',
'description': '',
'domain_id': domain_dict['id'],
'enabled': False
}
test_data.project_one = Project(ProjectManager(None),
project_dict_1,
loaded=True)
test_data.project_two = Project(ProjectManager(None),
project_dict_2,
loaded=True)
# Roles
role_dict = {'id': uuid.uuid4().hex, 'name': 'Member'}
test_data.role = Role(RoleManager, role_dict)
nova_service = {
'type': 'compute',
'id': uuid.uuid4().hex,
'endpoints': [
{
'url': 'http://nova-admin.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionOne',
'interface': 'admin',
'id': uuid.uuid4().hex,
},
{
'url': 'http://nova-internal.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionOne',
'interface': 'internal',
'id': uuid.uuid4().hex
},
{
'url':'http://nova-public.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region':'RegionOne',
'interface': 'public',
'id': uuid.uuid4().hex
},
{
'url': 'http://nova2-admin.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionTwo',
'interface': 'admin',
'id': uuid.uuid4().hex,
},
{
'url': 'http://nova2-internal.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region': 'RegionTwo',
'interface': 'internal',
'id': uuid.uuid4().hex
},
{
'url':'http://nova2-public.localhost:8774/v2.0/%s' \
% (project_dict_1['id']),
'region':'RegionTwo',
'interface': 'public',
'id': uuid.uuid4().hex
}
]
}
# Tokens
tomorrow = datetime_safe.datetime.now() + timedelta(days=1)
expiration = datetime_safe.datetime.isoformat(tomorrow)
auth_token = uuid.uuid4().hex
auth_response_headers = {'X-Subject-Token': auth_token}
auth_response = TestResponse({"headers": auth_response_headers})
scoped_token_dict = {
'token': {
'methods': ['password'],
'expires_at': expiration,
'project': {
'id': project_dict_1['id'],
'name': project_dict_1['name'],
'domain': {
'id': domain_dict['id'],
'name': domain_dict['name']
}
},
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'domain': {
'id': domain_dict['id'],
'name': domain_dict['name']
}
},
'roles': [role_dict],
'catalog': [keystone_service, nova_service]
}
}
test_data.scoped_access_info = AccessInfo.factory(resp=auth_response,
body=scoped_token_dict)
unscoped_token_dict = {
'token': {
'methods': ['password'],
'expires_at': expiration,
'user': {
'id': user_dict['id'],
'name': user_dict['name'],
'domain': {
'id': domain_dict['id'],
'name': domain_dict['name']
}
},
'roles': [role_dict],
'catalog': [keystone_service]
}
}
test_data.unscoped_access_info = AccessInfo.factory(
resp=auth_response, body=unscoped_token_dict)
# Service Catalog
test_data.service_catalog = ServiceCatalog.factory(
{
'methods': ['password'],
'user': {},
'catalog': [keystone_service, nova_service],
},
token=auth_token)
return test_data