예제 #1
0
    def __call__(self, req):
        if 'X-Auth-Token' not in req.headers:
            os_url = req.url
            version = common.get_version_from_href(os_url)
            user_id = req.headers.get('X-Auth-User', 'admin')
            project_id = req.headers.get('X-Auth-Project-Id', 'admin')
            if version == '1.1':
                os_url += '/' + project_id
            res = webob.Response()
            # NOTE(vish): This is expecting and returning Auth(1.1), whereas
            #             keystone uses 2.0 auth.  We should probably allow
            #             2.0 auth here as well.
            res.headers['X-Auth-Token'] = '%s:%s' % (user_id, project_id)
            res.headers['X-Server-Management-Url'] = os_url
            res.headers['X-Storage-Url'] = ''
            res.headers['X-CDN-Management-Url'] = ''
            res.content_type = 'text/plain'
            res.status = '204'
            return res

        token = req.headers['X-Auth-Token']
        user_id, _sep, project_id = token.partition(':')
        project_id = project_id or user_id
        remote_address = getattr(req, 'remote_address', '127.0.0.1')
        if FLAGS.use_forwarded_for:
            remote_address = req.headers.get('X-Forwarded-For', remote_address)
        ctx = context.RequestContext(user_id,
                                     project_id,
                                     is_admin=True,
                                     remote_address=remote_address)

        req.environ['nova.context'] = ctx
        return self.application
예제 #2
0
파일: auth.py 프로젝트: JetStreamPilot/nova
    def __call__(self, req):
        if 'X-Auth-Token' not in req.headers:
            os_url = req.url
            version = common.get_version_from_href(os_url)
            user_id = req.headers.get('X-Auth-User', 'admin')
            project_id = req.headers.get('X-Auth-Project-Id', 'admin')
            if version == '1.1':
                os_url = os.path.join(os_url, project_id)
            res = webob.Response()
            # NOTE(vish): This is expecting and returning Auth(1.1), whereas
            #             keystone uses 2.0 auth.  We should probably allow
            #             2.0 auth here as well.
            res.headers['X-Auth-Token'] = '%s:%s' % (user_id, project_id)
            res.headers['X-Server-Management-Url'] = os_url
            res.headers['X-Storage-Url'] = ''
            res.headers['X-CDN-Management-Url'] = ''
            res.content_type = 'text/plain'
            res.status = '204'
            return res

        token = req.headers['X-Auth-Token']
        user_id, _sep, project_id = token.partition(':')
        project_id = project_id or user_id
        remote_address = getattr(req, 'remote_address', '127.0.0.1')
        if FLAGS.use_forwarded_for:
            remote_address = req.headers.get('X-Forwarded-For', remote_address)
        ctx = context.RequestContext(user_id,
                                     project_id,
                                     is_admin=True,
                                     remote_address=remote_address)

        req.environ['nova.context'] = ctx
        return self.application
예제 #3
0
파일: faults.py 프로젝트: Oneiroi/nova
    def __call__(self, req):
        """Generate a WSGI response based on the exception passed to ctor."""
        # Replace the body with fault details.
        code = self.wrapped_exc.status_int
        fault_name = self._fault_names.get(code, "cloudServersFault")
        fault_data = {
            fault_name: {
                'code': code,
                'message': self.wrapped_exc.explanation}}
        if code == 413:
            retry = self.wrapped_exc.headers['Retry-After']
            fault_data[fault_name]['retryAfter'] = retry

        # 'code' is an attribute on the fault tag itself
        metadata = {'attributes': {fault_name: 'code'}}

        content_type = req.best_match_content_type()

        xml_serializer = {
            '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10),
            '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11),
        }[common.get_version_from_href(req.url)]

        serializer = {
            'application/xml': xml_serializer,
            'application/json': wsgi.JSONDictSerializer(),
        }[content_type]

        self.wrapped_exc.body = serializer.serialize(fault_data)
        self.wrapped_exc.content_type = content_type

        return self.wrapped_exc
예제 #4
0
    def __call__(self, req):
        """Generate a WSGI response based on the exception passed to ctor."""
        # Replace the body with fault details.
        code = self.wrapped_exc.status_int
        fault_name = self._fault_names.get(code, "cloudServersFault")
        fault_data = {
            fault_name: {
                'code': code,
                'message': self.wrapped_exc.explanation
            }
        }
        if code == 413:
            retry = self.wrapped_exc.headers['Retry-After']
            fault_data[fault_name]['retryAfter'] = retry

        # 'code' is an attribute on the fault tag itself
        metadata = {'attributes': {fault_name: 'code'}}

        content_type = req.best_match_content_type()

        xml_serializer = {
            '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10),
            '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11),
        }[common.get_version_from_href(req.url)]

        serializer = {
            'application/xml': xml_serializer,
            'application/json': wsgi.JSONDictSerializer(),
        }[content_type]

        self.wrapped_exc.body = serializer.serialize(fault_data)
        self.wrapped_exc.content_type = content_type

        return self.wrapped_exc
예제 #5
0
파일: auth.py 프로젝트: Razique/nova
    def _authorize_user(self, username, key, req):
        """Generates a new token and assigns it to a user.

        username - string
        key - string API key
        req - wsgi.Request object
        """
        ctxt = context.get_admin_context()

        project_id = req.headers.get('X-Auth-Project-Id')
        if project_id is None:
            # If the project_id is not provided in the headers, be forgiving to
            # the user and set project_id based on a valid project of theirs.
            user = self.auth.get_user_from_access_key(key)
            projects = self.auth.get_projects(user.id)
            if not projects:
                raise webob.exc.HTTPUnauthorized()
            project_id = projects[0].id

        try:
            user = self.auth.get_user_from_access_key(key)
        except exception.NotFound:
            LOG.warn(_("User not found with provided API key."))
            user = None

        if user and user.name == username:
            token_hash = hashlib.sha1('%s%s%f' % (username, key,
                time.time())).hexdigest()
            token_dict = {}
            token_dict['token_hash'] = token_hash
            token_dict['cdn_management_url'] = ''
            os_url = req.url
            token_dict['server_management_url'] = os_url.strip('/')
            version = common.get_version_from_href(os_url)
            if version in ('1.1', '2'):
                token_dict['server_management_url'] += '/' + project_id
            token_dict['storage_url'] = ''
            token_dict['user_id'] = user.id
            token = self.db.auth_token_create(ctxt, token_dict)
            return token, user
        elif user and user.name != username:
            msg = _("Provided API key is valid, but not for user "
                    "'%(username)s'") % locals()
            LOG.warn(msg)

        return None, None
예제 #6
0
    def _authorize_user(self, username, key, req):
        """Generates a new token and assigns it to a user.

        username - string
        key - string API key
        req - wsgi.Request object
        """
        ctxt = context.get_admin_context()

        project_id = req.headers.get('X-Auth-Project-Id')
        if project_id is None:
            # If the project_id is not provided in the headers, be forgiving to
            # the user and set project_id based on a valid project of theirs.
            user = self.auth.get_user_from_access_key(key)
            projects = self.auth.get_projects(user.id)
            if not projects:
                raise webob.exc.HTTPUnauthorized()
            project_id = projects[0].id

        try:
            user = self.auth.get_user_from_access_key(key)
        except exception.NotFound:
            LOG.warn(_("User not found with provided API key."))
            user = None

        if user and user.name == username:
            token_hash = hashlib.sha1(
                '%s%s%f' % (username, key, time.time())).hexdigest()
            token_dict = {}
            token_dict['token_hash'] = token_hash
            token_dict['cdn_management_url'] = ''
            os_url = req.url
            token_dict['server_management_url'] = os_url.strip('/')
            version = common.get_version_from_href(os_url)
            if version == '1.1':
                token_dict['server_management_url'] += '/' + project_id
            token_dict['storage_url'] = ''
            token_dict['user_id'] = user.id
            token = self.db.auth_token_create(ctxt, token_dict)
            return token, user
        elif user and user.name != username:
            msg = _("Provided API key is valid, but not for user "
                    "'%(username)s'") % locals()
            LOG.warn(msg)

        return None, None
예제 #7
0
    def __call__(self, request):
        """
        Return the wrapped exception with a serialized body conforming to our
        error format.
        """
        content_type = request.best_match_content_type()
        metadata = {"attributes": {"overLimitFault": "code"}}

        xml_serializer = {
            '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10),
            '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11),
        }[common.get_version_from_href(request.url)]

        serializer = {
            'application/xml': xml_serializer,
            'application/json': wsgi.JSONDictSerializer(),
        }[content_type]

        content = serializer.serialize(self.content)
        self.wrapped_exc.body = content

        return self.wrapped_exc
예제 #8
0
파일: faults.py 프로젝트: Oneiroi/nova
    def __call__(self, request):
        """
        Return the wrapped exception with a serialized body conforming to our
        error format.
        """
        content_type = request.best_match_content_type()
        metadata = {"attributes": {"overLimitFault": "code"}}

        xml_serializer = {
            '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10),
            '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11),
        }[common.get_version_from_href(request.url)]

        serializer = {
            'application/xml': xml_serializer,
            'application/json': wsgi.JSONDictSerializer(),
        }[content_type]

        content = serializer.serialize(self.content)
        self.wrapped_exc.body = content

        return self.wrapped_exc
예제 #9
0
 def test_get_version_from_href_default(self):
     fixture = "http://www.testsite.com/images"
     expected = "1.0"
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
예제 #10
0
 def test_get_version_from_href_2(self):
     fixture = "http://www.testsite.com/v1.1"
     expected = "1.1"
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
예제 #11
0
 def test_get_version_from_href_default(self):
     fixture = 'http://www.testsite.com/images'
     expected = '2'
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
예제 #12
0
 def test_get_version_from_href_2(self):
     fixture = 'http://www.testsite.com/v1.1'
     expected = '1.1'
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)
예제 #13
0
파일: test_common.py 프로젝트: lovocas/nova
 def test_get_version_from_href(self):
     fixture = 'http://www.testsite.com/v1.1/images'
     expected = '1.1'
     actual = common.get_version_from_href(fixture)
     self.assertEqual(actual, expected)