def set_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC', 'OpenStack-API-Version'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'OpenStack-API-Version'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD'] )
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['Content-MD5', 'X-Image-Meta-Checksum', 'X-Storage-Token', 'Accept-Encoding', 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID'], expose_headers=['X-Image-Meta-Checksum', 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'] )
def _wrap_app(app): """Wraps wsgi app with additional middlewares.""" app = request_id.RequestId(app) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list ) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exceptions.InputFileError( file_name=CONF.audit.audit_map_file, reason=e ) if cfg.CONF.api_settings.auth_strategy == constants.KEYSTONE: app = keystone.SkippingAuthProtocol(app, {}) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'], allow_methods=['GET', 'PUT', 'POST', 'DELETE'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id'] ) return app
def set_external_opts_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token', 'X-Project-Id', 'X-Project-Name', 'X-Project-Domain-Id', 'X-Project-Domain-Name', 'X-Domain-Id', 'X-Domain-Name'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'] ) # configure OSprofiler options profiler.set_defaults(CONF, enabled=False, trace_sqlalchemy=False) # Oslo.cache is always enabled by default for request-local caching # TODO(morganfainberg): Fix this to not use internal interface when # oslo.cache has proper interface to set defaults added. This is # just a bad way to do this. opts = cache._opts.list_opts() for opt_list in opts: if opt_list[0] == 'cache': for o in opt_list[1]: if o.name == 'enabled': o.default = True
def _wrap_app(app): """Wraps wsgi app with additional middlewares.""" app = request_id.RequestId(app) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exceptions.InputFileError( file_name=CONF.audit.audit_map_file, reason=e) if cfg.CONF.api_settings.auth_strategy == constants.KEYSTONE: app = keystone.SkippingAuthProtocol(app, {}) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'], allow_methods=['GET', 'PUT', 'POST', 'DELETE'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id']) return app
def install(cls, app, auth_app, conf): LOG.debug(u'Installing CORS middleware.') cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC', 'Client-id'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD'] ) return CORSMiddleware(app, auth_app, conf)
def set_external_opts_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token', 'X-Project-Id', 'X-Project-Name', 'X-Project-Domain-Id', 'X-Project-Domain-Name', 'X-Domain-Id', 'X-Domain-Name', 'Openstack-Auth-Receipt' ], expose_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token', 'Openstack-Auth-Receipt' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH']) # configure OSprofiler options profiler.set_defaults(CONF, enabled=False, trace_sqlalchemy=False) # TODO(gmann): Remove setting the default value of config policy_file # once oslo_policy change the default value to 'policy.yaml'. # https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49 DEFAULT_POLICY_FILE = 'policy.yaml' policy_opts.set_defaults(cfg.CONF, DEFAULT_POLICY_FILE) # Oslo.cache is always enabled by default for request-local caching # TODO(morganfainberg): Fix this to not use internal interface when # oslo.cache has proper interface to set defaults added. This is # just a bad way to do this. opts = cache._opts.list_opts() for opt_list in opts: if opt_list[0] == 'cache': for o in opt_list[1]: if o.name == 'enabled': o.default = True
def _wrap_app(app): app = request_id.RequestId(app) if cfg.CONF.auth_strategy == 'noauth': pass elif cfg.CONF.auth_strategy == 'keystone': app = auth_token.AuthProtocol(app, {}) else: raise n_exc.InvalidConfigurationOption( opt_name='auth_strategy', opt_value=cfg.CONF.auth_strategy) # version can be unauthenticated so it goes outside of auth app = versions.Versions(app) # handle cases where neutron-server is behind a proxy app = http_proxy_to_wsgi.HTTPProxyToWSGI(app) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC'] ) return app
def setup_app(config=None): app_hooks = [hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook()] app_conf = dict(config.app) app = make_app( app_conf.pop('root'), hooks=app_hooks, force_canonical=getattr(config.app, 'force_canonical', True), wrap_app=middleware.ParsableErrorMiddleware, **app_conf ) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, dict(cfg.CONF), public_api_routes=config.app.acl_public_routes) # Create a CORS wrapper, and attach iotronic-specific defaults that must be # included in all CORS responses. app = IotronicCORS(app, CONF) cors_middleware.set_defaults( allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[base.Version.max_string, base.Version.min_string, base.Version.string] ) return app
def set_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id', 'X-Project-Id', 'X-Identity-Status', 'X-User-Id', 'X-Storage-Token', 'X-Domain-Id', 'X-User-Domain-Id', 'X-Project-Domain-Id', 'X-Roles'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id', 'X-Project-Id', 'X-Identity-Status', 'X-User-Id', 'X-Storage-Token', 'X-Domain-Id', 'X-User-Domain-Id', 'X-Project-Domain-Id', 'X-Roles'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'] )
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [ hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook() ] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, debug=CONF.pecan_debug, static_root=pecan_config.app.static_root if CONF.pecan_debug else None, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, ) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exception.InputFileError(file_name=CONF.audit.audit_map_file, reason=e) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, dict(cfg.CONF), public_api_routes=pecan_config.app.acl_public_routes) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = cors_middleware.CORS(app, CONF) cors_middleware.set_defaults( allow_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ]) return app
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', MIN_VERSION_HEADER, MAX_VERSION_HEADER, VERSION_HEADER ], allow_methods=[ 'GET', 'POST', 'PUT', 'HEAD', 'PATCH', 'DELETE', 'OPTIONS' ])
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token' ], expose_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', MIN_VERSION_HEADER, MAX_VERSION_HEADER, VERSION_HEADER], allow_methods=['GET', 'POST', 'PUT', 'HEAD', 'PATCH', 'DELETE', 'OPTIONS'] )
def set_config_defaults(): """This method updates all configuration default values.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID' ], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Roles', 'X-User-Id', 'X-Domain-Id', 'X-Project-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID' ], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-Project-Id', 'X-User-Name', 'X-Project-Name' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-Project-Id', 'X-User-Name', 'X-Project-Name' ])
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook()] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, debug=CONF.pecan_debug, static_root=pecan_config.app.static_root if CONF.pecan_debug else None, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, ) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list ) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exception.InputFileError( file_name=CONF.audit.audit_map_file, reason=e ) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, dict(cfg.CONF), public_api_routes=pecan_config.app.acl_public_routes) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = IronicCORS(app, CONF) cors_middleware.set_defaults( allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[base.Version.max_string, base.Version.min_string, base.Version.string] ) return app
def set_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Configuration-Session', 'X-Roles', 'X-User-Id', 'X-Tenant-Id' ], expose_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Configuration-Session', 'X-Roles', 'X-User-Id', 'X-Tenant-Id' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def set_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Project-Id', 'X-Identity-Status', 'X-User-Id', 'X-Storage-Token', 'X-Domain-Id', 'X-User-Domain-Id', 'X-Project-Domain-Id', 'X-Roles' ], expose_headers=[ 'X-Auth-Token', 'X-Openstack-Request-Id', 'X-Project-Id', 'X-Identity-Status', 'X-User-Id', 'X-Storage-Token', 'X-Domain-Id', 'X-User-Domain-Id', 'X-Project-Domain-Id', 'X-Roles' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id', 'X-Subject-Token'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'] )
def install(cls, app, auth_app, conf): LOG.debug(u'Installing CORS middleware.') cors.set_defaults( allow_headers=[ 'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC', 'Client-id' ], expose_headers=[ 'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD']) return CORSMiddleware(app, auth_app, conf)
def set_lib_defaults(): """Update default configuration options for external lib namespace""" cors.set_defaults(allow_headers=[ 'X-Auth-Token', 'X-OpenStack-Request-ID', 'X-Openstack-Manila-Api-Version', 'X-OpenStack-Manila-API-Experimental', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id' ], expose_headers=[ 'X-Auth-Token', 'X-OpenStack-Request-ID', 'X-Openstack-Manila-Api-Version', 'X-OpenStack-Manila-API-Experimental', 'X-Subject-Token', 'X-Service-Token' ], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH']) # Update default value of oslo.policy policy_file config option. policy_opts.set_defaults(CONF, 'policy.yaml')
def _wrap_app(app): """Wraps wsgi app with additional middlewares.""" app = request_id.RequestId(app) if cfg.CONF.api_settings.auth_strategy == constants.KEYSTONE: app = keystone.SkippingAuthProtocol(app, {}) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, cfg.CONF) cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'], allow_methods=['GET', 'PUT', 'POST', 'DELETE'], expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id']) return app
def set_defaults(): """Override all default values from upstream packages""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Auth-Sudo-Tenant-ID', 'X-Auth-Sudo-Project-ID', 'X-Auth-All-Projects', 'X-Designate-Edit-Managed-Records', 'OpenStack-DNS-Hide-Counts'], expose_headers=['X-OpenStack-Request-ID', 'Host'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD'] )
def set_config_defaults(): """This method updates all configuration default values.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'] )
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Roles', 'X-User-Id', 'X-Domain-Id', 'X-Project-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def set_cors_middleware_defaults(): """Update default configuration options for oslo.middleware.""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Project-Id', 'X-OpenStack-Request-ID', 'X-Server-Management-Url'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'X-Server-Management-Url'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'])
def _wrap_app(app): app = request_id.RequestId(app) if CONF.api.auth_strategy == 'noauth': pass elif CONF.api.auth_strategy == 'keystone': app = auth_token.AuthProtocol(app, {}) LOG.info("Keystone authentication is enabled") else: raise g_exc.InvalidConfigurationOption( opt_name='auth_strategy', opt_value=CONF.auth_strategy) # dont bother authenticating version # app = versions.Versions(app) # gluon server is behind the proxy app = http_proxy_to_wsgi.HTTPProxyToWSGI(app) # This should be the last middleware in the list (which results in # it being the first in the middleware chain). This is to ensure # that any errors thrown by other middleware, such as an auth # middleware - are annotated with CORS headers, and thus accessible # by the browser. app = cors.CORS(app, CONF) cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token', 'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC'] ) return app
def set_defaults(): """Override all default values from upstream packages""" cors.set_defaults( allow_headers=['X-Auth-Token', 'X-Auth-Sudo-Tenant-ID', 'X-Auth-Sudo-Project-ID', 'X-Auth-All-Projects', 'X-Designate-Edit-Managed-Records', 'OpenStack-DNS-Hide-Counts'], expose_headers=['X-OpenStack-Request-ID', 'Host'], allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD'] ) # TODO(gmann): Remove setting the default value of config policy_file # once oslo_policy change the default value to 'policy.yaml'. # https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49 DEFAULT_POLICY_FILE = 'policy.yaml' policy_opts.set_defaults(designate.conf.CONF, DEFAULT_POLICY_FILE)
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook()] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, debug=CONF.pecan_debug, static_root=pecan_config.app.static_root if CONF.pecan_debug else None, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, # NOTE(dtantsur): enabling this causes weird issues with nodes named # as if they had a known mime extension, e.g. "mynode.1". We do # simulate the same behaviour for .json extensions for backward # compatibility through JsonExtensionMiddleware. guess_content_type_from_ext=False, ) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list ) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exception.InputFileError( file_name=CONF.audit.audit_map_file, reason=e ) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, {"oslo_config_config": cfg.CONF}, public_api_routes=pecan_config.app.acl_public_routes) if CONF.profiler.enabled: app = osprofiler_web.WsgiMiddleware(app) # add in the healthcheck middleware if enabled # NOTE(jroll) this is after the auth token middleware as we don't want auth # in front of this, and WSGI works from the outside in. Requests to # /healthcheck will be handled and returned before the auth middleware # is reached. if CONF.healthcheck.enabled: app = healthcheck.Healthcheck(app, CONF) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = IronicCORS(app, CONF) cors_middleware.set_defaults( allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[base.Version.max_string, base.Version.min_string, base.Version.string] ) app = json_ext.JsonExtensionMiddleware(app) return app
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [ hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook() ] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, debug=CONF.pecan_debug, static_root=pecan_config.app.static_root if CONF.pecan_debug else None, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, # NOTE(dtantsur): enabling this causes weird issues with nodes named # as if they had a known mime extension, e.g. "mynode.1". We do # simulate the same behaviour for .json extensions for backward # compatibility through JsonExtensionMiddleware. guess_content_type_from_ext=False, ) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exception.InputFileError(file_name=CONF.audit.audit_map_file, reason=e) auth_middleware = None if CONF.auth_strategy == "keystone": auth_middleware = auth_token.AuthProtocol( app, {"oslo_config_config": cfg.CONF}) elif CONF.auth_strategy == "http_basic": auth_middleware = auth_basic.BasicAuthMiddleware( app, cfg.CONF.http_basic_auth_user_file) if auth_middleware: app = auth_public_routes.AuthPublicRoutes( app, auth=auth_middleware, public_api_routes=pecan_config.app.acl_public_routes) if CONF.profiler.enabled: app = osprofiler_web.WsgiMiddleware(app) # NOTE(pas-ha) this registers oslo_middleware.enable_proxy_headers_parsing # option, when disabled (default) this is noop middleware app = http_proxy_to_wsgi.HTTPProxyToWSGI(app, CONF) # add in the healthcheck middleware if enabled # NOTE(jroll) this is after the auth token middleware as we don't want auth # in front of this, and WSGI works from the outside in. Requests to # /healthcheck will be handled and returned before the auth middleware # is reached. if CONF.healthcheck.enabled: app = healthcheck.Healthcheck(app, CONF) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = IronicCORS(app, CONF) cors_middleware.set_defaults( allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ]) app = json_ext.JsonExtensionMiddleware(app) return app
def setup_app(pecan_config=None, extra_hooks=None): app_hooks = [ hooks.ConfigHook(), hooks.DBHook(), hooks.ContextHook(pecan_config.app.acl_public_routes), hooks.RPCHook(), hooks.NoExceptionTracebackHook(), hooks.PublicUrlHook() ] if extra_hooks: app_hooks.extend(extra_hooks) if not pecan_config: pecan_config = get_pecan_config() pecan.configuration.set_config(dict(pecan_config), overwrite=True) app = pecan.make_app( pecan_config.app.root, debug=CONF.pecan_debug, static_root=pecan_config.app.static_root if CONF.pecan_debug else None, force_canonical=getattr(pecan_config.app, 'force_canonical', True), hooks=app_hooks, wrap_app=middleware.ParsableErrorMiddleware, # NOTE(dtantsur): enabling this causes weird issues with nodes named # as if they had a known mime extension, e.g. "mynode.1". We do # simulate the same behaviour for .json extensions for backward # compatibility through JsonExtensionMiddleware. guess_content_type_from_ext=False, ) if CONF.audit.enabled: try: app = audit_middleware.AuditMiddleware( app, audit_map_file=CONF.audit.audit_map_file, ignore_req_list=CONF.audit.ignore_req_list) except (EnvironmentError, OSError, audit_middleware.PycadfAuditApiConfigError) as e: raise exception.InputFileError(file_name=CONF.audit.audit_map_file, reason=e) if CONF.auth_strategy == "keystone": app = auth_token.AuthTokenMiddleware( app, {"oslo_config_config": cfg.CONF}, public_api_routes=pecan_config.app.acl_public_routes) if CONF.profiler.enabled: app = osprofiler_web.WsgiMiddleware(app) # Create a CORS wrapper, and attach ironic-specific defaults that must be # included in all CORS responses. app = IronicCORS(app, CONF) cors_middleware.set_defaults( allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'], expose_headers=[ base.Version.max_string, base.Version.min_string, base.Version.string ]) app = json_ext.JsonExtensionMiddleware(app) return app