def __call__(self, req): if 'X-Auth-Token' not in req.headers: os_url = req.url version = common.get_version_from_href(os_url) user_id = req.headers.get('X-Auth-User', 'admin') project_id = req.headers.get('X-Auth-Project-Id', 'admin') if version == '1.1': os_url += '/' + project_id res = webob.Response() # NOTE(vish): This is expecting and returning Auth(1.1), whereas # keystone uses 2.0 auth. We should probably allow # 2.0 auth here as well. res.headers['X-Auth-Token'] = '%s:%s' % (user_id, project_id) res.headers['X-Server-Management-Url'] = os_url res.headers['X-Storage-Url'] = '' res.headers['X-CDN-Management-Url'] = '' res.content_type = 'text/plain' res.status = '204' return res token = req.headers['X-Auth-Token'] user_id, _sep, project_id = token.partition(':') project_id = project_id or user_id remote_address = getattr(req, 'remote_address', '127.0.0.1') if FLAGS.use_forwarded_for: remote_address = req.headers.get('X-Forwarded-For', remote_address) ctx = context.RequestContext(user_id, project_id, is_admin=True, remote_address=remote_address) req.environ['nova.context'] = ctx return self.application
def __call__(self, req): if 'X-Auth-Token' not in req.headers: os_url = req.url version = common.get_version_from_href(os_url) user_id = req.headers.get('X-Auth-User', 'admin') project_id = req.headers.get('X-Auth-Project-Id', 'admin') if version == '1.1': os_url = os.path.join(os_url, project_id) res = webob.Response() # NOTE(vish): This is expecting and returning Auth(1.1), whereas # keystone uses 2.0 auth. We should probably allow # 2.0 auth here as well. res.headers['X-Auth-Token'] = '%s:%s' % (user_id, project_id) res.headers['X-Server-Management-Url'] = os_url res.headers['X-Storage-Url'] = '' res.headers['X-CDN-Management-Url'] = '' res.content_type = 'text/plain' res.status = '204' return res token = req.headers['X-Auth-Token'] user_id, _sep, project_id = token.partition(':') project_id = project_id or user_id remote_address = getattr(req, 'remote_address', '127.0.0.1') if FLAGS.use_forwarded_for: remote_address = req.headers.get('X-Forwarded-For', remote_address) ctx = context.RequestContext(user_id, project_id, is_admin=True, remote_address=remote_address) req.environ['nova.context'] = ctx return self.application
def __call__(self, req): """Generate a WSGI response based on the exception passed to ctor.""" # Replace the body with fault details. code = self.wrapped_exc.status_int fault_name = self._fault_names.get(code, "cloudServersFault") fault_data = { fault_name: { 'code': code, 'message': self.wrapped_exc.explanation}} if code == 413: retry = self.wrapped_exc.headers['Retry-After'] fault_data[fault_name]['retryAfter'] = retry # 'code' is an attribute on the fault tag itself metadata = {'attributes': {fault_name: 'code'}} content_type = req.best_match_content_type() xml_serializer = { '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10), '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11), }[common.get_version_from_href(req.url)] serializer = { 'application/xml': xml_serializer, 'application/json': wsgi.JSONDictSerializer(), }[content_type] self.wrapped_exc.body = serializer.serialize(fault_data) self.wrapped_exc.content_type = content_type return self.wrapped_exc
def __call__(self, req): """Generate a WSGI response based on the exception passed to ctor.""" # Replace the body with fault details. code = self.wrapped_exc.status_int fault_name = self._fault_names.get(code, "cloudServersFault") fault_data = { fault_name: { 'code': code, 'message': self.wrapped_exc.explanation } } if code == 413: retry = self.wrapped_exc.headers['Retry-After'] fault_data[fault_name]['retryAfter'] = retry # 'code' is an attribute on the fault tag itself metadata = {'attributes': {fault_name: 'code'}} content_type = req.best_match_content_type() xml_serializer = { '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10), '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11), }[common.get_version_from_href(req.url)] serializer = { 'application/xml': xml_serializer, 'application/json': wsgi.JSONDictSerializer(), }[content_type] self.wrapped_exc.body = serializer.serialize(fault_data) self.wrapped_exc.content_type = content_type return self.wrapped_exc
def _authorize_user(self, username, key, req): """Generates a new token and assigns it to a user. username - string key - string API key req - wsgi.Request object """ ctxt = context.get_admin_context() project_id = req.headers.get('X-Auth-Project-Id') if project_id is None: # If the project_id is not provided in the headers, be forgiving to # the user and set project_id based on a valid project of theirs. user = self.auth.get_user_from_access_key(key) projects = self.auth.get_projects(user.id) if not projects: raise webob.exc.HTTPUnauthorized() project_id = projects[0].id try: user = self.auth.get_user_from_access_key(key) except exception.NotFound: LOG.warn(_("User not found with provided API key.")) user = None if user and user.name == username: token_hash = hashlib.sha1('%s%s%f' % (username, key, time.time())).hexdigest() token_dict = {} token_dict['token_hash'] = token_hash token_dict['cdn_management_url'] = '' os_url = req.url token_dict['server_management_url'] = os_url.strip('/') version = common.get_version_from_href(os_url) if version in ('1.1', '2'): token_dict['server_management_url'] += '/' + project_id token_dict['storage_url'] = '' token_dict['user_id'] = user.id token = self.db.auth_token_create(ctxt, token_dict) return token, user elif user and user.name != username: msg = _("Provided API key is valid, but not for user " "'%(username)s'") % locals() LOG.warn(msg) return None, None
def _authorize_user(self, username, key, req): """Generates a new token and assigns it to a user. username - string key - string API key req - wsgi.Request object """ ctxt = context.get_admin_context() project_id = req.headers.get('X-Auth-Project-Id') if project_id is None: # If the project_id is not provided in the headers, be forgiving to # the user and set project_id based on a valid project of theirs. user = self.auth.get_user_from_access_key(key) projects = self.auth.get_projects(user.id) if not projects: raise webob.exc.HTTPUnauthorized() project_id = projects[0].id try: user = self.auth.get_user_from_access_key(key) except exception.NotFound: LOG.warn(_("User not found with provided API key.")) user = None if user and user.name == username: token_hash = hashlib.sha1( '%s%s%f' % (username, key, time.time())).hexdigest() token_dict = {} token_dict['token_hash'] = token_hash token_dict['cdn_management_url'] = '' os_url = req.url token_dict['server_management_url'] = os_url.strip('/') version = common.get_version_from_href(os_url) if version == '1.1': token_dict['server_management_url'] += '/' + project_id token_dict['storage_url'] = '' token_dict['user_id'] = user.id token = self.db.auth_token_create(ctxt, token_dict) return token, user elif user and user.name != username: msg = _("Provided API key is valid, but not for user " "'%(username)s'") % locals() LOG.warn(msg) return None, None
def __call__(self, request): """ Return the wrapped exception with a serialized body conforming to our error format. """ content_type = request.best_match_content_type() metadata = {"attributes": {"overLimitFault": "code"}} xml_serializer = { '1.0': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V10), '1.1': wsgi.XMLDictSerializer(metadata, wsgi.XMLNS_V11), }[common.get_version_from_href(request.url)] serializer = { 'application/xml': xml_serializer, 'application/json': wsgi.JSONDictSerializer(), }[content_type] content = serializer.serialize(self.content) self.wrapped_exc.body = content return self.wrapped_exc
def test_get_version_from_href_default(self): fixture = "http://www.testsite.com/images" expected = "1.0" actual = common.get_version_from_href(fixture) self.assertEqual(actual, expected)
def test_get_version_from_href_2(self): fixture = "http://www.testsite.com/v1.1" expected = "1.1" actual = common.get_version_from_href(fixture) self.assertEqual(actual, expected)
def test_get_version_from_href_default(self): fixture = 'http://www.testsite.com/images' expected = '2' actual = common.get_version_from_href(fixture) self.assertEqual(actual, expected)
def test_get_version_from_href_2(self): fixture = 'http://www.testsite.com/v1.1' expected = '1.1' actual = common.get_version_from_href(fixture) self.assertEqual(actual, expected)
def test_get_version_from_href(self): fixture = 'http://www.testsite.com/v1.1/images' expected = '1.1' actual = common.get_version_from_href(fixture) self.assertEqual(actual, expected)