def authenticate_user(auth_endpoint, username, password, tenant_id=None, log=None, pool=None):
"""
Authenticate to a Identity auth endpoint with a username and password.
:param str auth_endpoint: Identity API endpoint URL.
:param str username: Username to authenticate as.
:param str password: Password for the specified user.
:param str tenant_id: Tenant ID to include in auth request
:param log: If provided, a BoundLog object.
:param twisted.web.client.HTTPConnectionPool pool: If provided,
a connection pool which an integration test can manually clean up
to avoid a race condition between Trial and Twisted.
:return: Decoded JSON response as dict.
"""
if not log:
log = _DoNothingLogger(None, None)
request = {"auth": {"passwordCredentials": {"username": username, "password": password}}}
if tenant_id:
request["auth"]["tenantId"] = tenant_id
d = treq.post(append_segments(auth_endpoint, "tokens"), json.dumps(request), headers=headers(), log=log, pool=pool)
d.addCallback(check_success, [200, 203])
d.addErrback(wrap_upstream_error, "identity", ("authenticating", username), auth_endpoint)
d.addCallback(treq.json_content)
return d
def impersonate_user(auth_endpoint, identity_admin_token, username,
expire_in=10800, log=None):
"""
Acquire an auth-token for a user via impersonation.
:param str auth_endpoint: Identity API endpoint URL.
:param str identity_admin_token: Auth token that has the appropriate
permissions to impersonate other users.
:param str username: Username to impersonate.
:param str expire_in: Number of seconds for which the token will be valid.
:return: Decoded JSON as dict.
"""
d = treq.post(
append_segments(auth_endpoint, 'RAX-AUTH', 'impersonation-tokens'),
json.dumps({
"RAX-AUTH:impersonation": {
"user": {"username": username},
"expire-in-seconds": expire_in
}
}),
headers=headers(identity_admin_token),
log=log)
d.addCallback(check_success, [200, 203])
d.addErrback(wrap_request_error, auth_endpoint, data='impersonation')
d.addCallback(treq.json_content)
return d
def authenticate_user(auth_endpoint, username, password, log=None):
"""
Authenticate to a Identity auth endpoint with a username and password.
:param str auth_endpoint: Identity API endpoint URL.
:param str username: Username to authenticate as.
:param str password: Password for the specified user.
:return: Decoded JSON response as dict.
"""
d = treq.post(
append_segments(auth_endpoint, 'tokens'),
json.dumps(
{
"auth": {
"passwordCredentials": {
"username": username,
"password": password
}
}
}),
headers=headers(),
log=log)
d.addCallback(check_success, [200, 203])
d.addErrback(wrap_request_error, auth_endpoint,
data=('authenticating', username))
d.addCallback(treq.json_content)
return d
def impersonate_user(auth_endpoint,
identity_admin_token,
username,
expire_in=10800,
log=None):
"""
Acquire an auth-token for a user via impersonation.
:param str auth_endpoint: Identity API endpoint URL.
:param str identity_admin_token: Auth token that has the appropriate
permissions to impersonate other users.
:param str username: Username to impersonate.
:param str expire_in: Number of seconds for which the token will be valid.
:return: Decoded JSON as dict.
"""
d = treq.post(append_segments(auth_endpoint, 'RAX-AUTH',
'impersonation-tokens'),
json.dumps({
"RAX-AUTH:impersonation": {
"user": {
"username": username
},
"expire-in-seconds": expire_in
}
}),
headers=headers(identity_admin_token),
log=log)
d.addCallback(check_success, [200, 203])
d.addErrback(wrap_upstream_error, 'identity', 'impersonation',
auth_endpoint)
d.addCallback(treq.json_content)
return d
def add():
d = treq.post(path, headers=headers(auth_token),
data=json.dumps({"nodes": [{"address": ip_address,
"port": port,
"condition": "ENABLED",
"type": "PRIMARY"}]}),
log=lb_log)
d.addCallback(check_success, [200, 202])
d.addErrback(log_lb_unexpected_errors, path, lb_log, 'add_node')
return d
def create_server(server_endpoint, auth_token, server_config, log=None):
"""
Create a new server.
:param str server_endpoint: Server endpoint URI.
:param str auth_token: Keystone Auth Token.
:param dict server_config: Nova server config.
:return: Deferred that fires with the CreateServer response as a dict.
"""
path = append_segments(server_endpoint, 'servers')
d = treq.post(path, headers=headers(auth_token),
data=json.dumps({'server': server_config}), log=log)
d.addCallback(check_success, [202])
d.addErrback(wrap_request_error, path, 'server_create')
return d.addCallback(treq.json_content)
def add():
d = treq.post(path,
headers=headers(auth_token),
data=json.dumps({
"nodes": [{
"address": ip_address,
"port": port,
"condition": "ENABLED",
"type": "PRIMARY"
}]
}),
log=lb_log)
d.addCallback(check_success, [200, 202])
d.addErrback(log_lb_unexpected_errors, lb_log, 'add_node')
d.addErrback(wrap_request_error, path, 'add_node')
d.addErrback(check_deleted_clb, lb_id)
return d
def authenticate_user(auth_endpoint,
username,
password,
tenant_id=None,
log=None,
pool=None):
"""
Authenticate to a Identity auth endpoint with a username and password.
:param str auth_endpoint: Identity API endpoint URL.
:param str username: Username to authenticate as.
:param str password: Password for the specified user.
:param str tenant_id: Tenant ID to include in auth request
:param log: If provided, a BoundLog object.
:param twisted.web.client.HTTPConnectionPool pool: If provided,
a connection pool which an integration test can manually clean up
to avoid a race condition between Trial and Twisted.
:return: Decoded JSON response as dict.
"""
if not log:
log = _DoNothingLogger(None, None)
request = {
"auth": {
"passwordCredentials": {
"username": username,
"password": password
}
}
}
if tenant_id:
request['auth']['tenantId'] = tenant_id
d = treq.post(append_segments(auth_endpoint, 'tokens'),
json.dumps(request),
headers=headers(),
log=log,
pool=pool)
d.addCallback(check_success, [200, 203])
d.addErrback(wrap_upstream_error, 'identity', ('authenticating', username),
auth_endpoint)
d.addCallback(treq.json_content)
return d
def validate_launch_stack_config(log, region, service_catalog, auth_token,
launch_config):
"""Validates a launch_stack config using Heat's stack-preview endpoint."""
stack_args = launch_config['stack']
heat_endpoint = get_heat_endpoint(service_catalog, region)
url = append_segments(heat_endpoint, 'stacks', 'preview')
new_args = thaw(set_in(stack_args, ('stack_name',), 'as_%s' % uuid4()))
def catch_error(error):
error.trap(APIError)
if error.value.code in [400, 404, 409]:
raise InvalidLaunchConfiguration(error.value.body)
d = treq.post(
url, json.dumps(new_args), headers=headers(auth_token), log=log)
d.addCallback(check_success, [200])
d.addCallback(treq.json_content)
d.addErrback(catch_error)
return d
def validate_launch_stack_config(log, region, service_catalog, auth_token,
launch_config):
"""Validates a launch_stack config using Heat's stack-preview endpoint."""
stack_args = launch_config['stack']
heat_endpoint = get_heat_endpoint(service_catalog, region)
url = append_segments(heat_endpoint, 'stacks', 'preview')
new_args = thaw(set_in(stack_args, ('stack_name', ), 'as_%s' % uuid4()))
def catch_error(error):
error.trap(APIError)
if error.value.code in [400, 404, 409]:
raise InvalidLaunchConfiguration(error.value.body)
d = treq.post(url,
json.dumps(new_args),
headers=headers(auth_token),
log=log)
d.addCallback(check_success, [200])
d.addCallback(treq.json_content)
d.addErrback(catch_error)
return d
