def _get_barbican_client(self, context): """Creates a client to connect to the Barbican service. :param context: the user context for authentication :return: a Barbican Client object :raises Forbidden: if the context is None :raises KeyManagerError: if context is missing tenant or tenant is None or error occurs while creating client """ # Confirm context is provided, if not raise forbidden if not context: msg = u._("User is not authorized to use key manager.") LOG.error(msg) raise exception.Forbidden(msg) if not hasattr(context, 'tenant') or context.tenant is None: msg = u._("Unable to create Barbican Client without tenant " "attribute in context object.") LOG.error(msg) raise exception.KeyManagerError(reason=msg) if self._barbican_client and self._current_context == context: return self._barbican_client try: self._current_context = context auth = self._get_keystone_auth(context) sess = session.Session(auth=auth) self._barbican_endpoint = self._get_barbican_endpoint(auth, sess) self._barbican_client = barbican_client.Client( session=sess, endpoint=self._barbican_endpoint) except Exception as e: LOG.error(u._LE("Error creating Barbican client: %s"), e) raise exception.KeyManagerError(reason=e) self._base_url = self._create_base_url(auth, sess, self._barbican_endpoint) return self._barbican_client
def _get_barbican_client(self, context): """Creates a client to connect to the Barbican service. :param context: the user context for authentication :return: a Barbican Client object :raises Forbidden: if the context is None :raises KeyManagerError: if context is missing tenant or tenant is None or error occurs while creating client """ # Confirm context is provided, if not raise forbidden if not context: msg = u._("User is not authorized to use key manager.") LOG.error(msg) raise exception.Forbidden(msg) if not hasattr(context, "tenant") or context.tenant is None: msg = u._("Unable to create Barbican Client without tenant " "attribute in context object.") LOG.error(msg) raise exception.KeyManagerError(reason=msg) if self._barbican_client and self._current_context == context: return self._barbican_client try: self._current_context = context auth = self._get_keystone_auth(context) sess = session.Session(auth=auth) self._barbican_endpoint = self._get_barbican_endpoint(auth, sess) self._barbican_client = barbican_client.Client(session=sess, endpoint=self._barbican_endpoint) except Exception as e: LOG.error(u._LE("Error creating Barbican client: %s"), e) raise exception.KeyManagerError(reason=e) self._base_url = self._create_base_url(auth, sess, self._barbican_endpoint) return self._barbican_client
class CastellanException(Exception): """Base Castellan Exception To correctly use this class, inherit from it and define a 'message' property. That message will get printf'd with the keyword arguments provided to the constructor. """ message = u._("An unknown exception occurred") def __init__(self, message_arg=None, *args, **kwargs): if not message_arg: message_arg = self.message try: self.message = message_arg % kwargs except Exception as e: if _FATAL_EXCEPTION_FORMAT_ERRORS: raise e else: # at least get the core message out if something happened pass super(CastellanException, self).__init__(self.message)
class InsufficientCredentialDataError(CastellanException): message = u._("Insufficient credential data was provided, either " "\"token\" must be set in the passed conf, or a context " "with an \"auth_token\" property must be passed.")
class AuthTypeInvalidError(CastellanException): message = u._("Invalid auth_type was specified, auth_type: %(type)s")
class ManagedObjectNotFoundError(CastellanException): message = u._("Key not found, uuid: %(uuid)s")
class KeyManagerError(CastellanException): message = u._("Key manager error: %(reason)s")
class Forbidden(CastellanException): message = u._("You are not authorized to complete this action.")