def __init__(self, identity_version, name=None, network_resources=None, credentials_domain=None, admin_role=None, identity_uri=None): """A CredentialProvider supplies credentials to test classes. :param identity_version: Identity version of the credentials provided :param name: Name of the calling test. Included in provisioned credentials when credentials are provisioned on the fly :param network_resources: Network resources required for the credentials :param credentials_domain: Domain credentials belong to :param admin_role: Name of the role of the admin account :param identity_uri: Identity URI of the target cloud. This *must* be specified for anything to work. """ self.identity_version = identity_version self.identity_uri = identity_uri self.name = name or "test_creds" self.network_resources = network_resources self.credentials_domain = credentials_domain or 'Default' self.admin_role = admin_role if not auth.is_identity_version_supported(self.identity_version): raise exceptions.InvalidIdentityVersion( identity_version=self.identity_version)
def get_credentials(auth_url, fill_in=True, identity_version='v2', disable_ssl_certificate_validation=None, ca_certs=None, trace_requests=None, http_timeout=None, proxy_url=None, **kwargs): """Builds a credentials object based on the configured auth_version :param auth_url (string): Full URI of the OpenStack Identity API(Keystone) which is used to fetch the token from Identity service. :param fill_in (boolean): obtain a token and fill in all credential details provided by the identity service. When fill_in is not specified, credentials are not validated. Validation can be invoked by invoking ``is_valid()`` :param identity_version (string): identity API version is used to select the matching auth provider and credentials class :param disable_ssl_certificate_validation: whether to enforce SSL certificate validation in SSL API requests to the auth system :param ca_certs: CA certificate bundle for validation of certificates in SSL API requests to the auth system :param trace_requests: trace in log API requests to the auth system :param http_timeout: timeout in seconds to wait for the http request to return :param proxy_url: URL of HTTP(s) proxy used when fill_in is True :param kwargs (dict): Dict of credential key/value pairs Examples: Returns credentials from the provided parameters: >>> get_credentials(username='******', password='******') Returns credentials including IDs: >>> get_credentials(username='******', password='******', fill_in=True) """ if not is_identity_version_supported(identity_version): raise exceptions.InvalidIdentityVersion( identity_version=identity_version) credential_class, auth_provider_class = IDENTITY_VERSION.get( identity_version) creds = credential_class(**kwargs) # Fill in the credentials fields that were not specified if fill_in: dscv = disable_ssl_certificate_validation auth_provider = auth_provider_class( creds, auth_url, disable_ssl_certificate_validation=dscv, ca_certs=ca_certs, trace_requests=trace_requests, http_timeout=http_timeout, proxy_url=proxy_url) creds = auth_provider.fill_credentials() return creds
def _get_common_provider_params(identity_version): if identity_version == 'v3': identity_uri = CONF.identity.uri_v3 elif identity_version == 'v2': identity_uri = CONF.identity.uri else: raise exceptions.InvalidIdentityVersion( identity_version=identity_version) return { 'identity_version': identity_version, 'identity_uri': identity_uri, 'credentials_domain': CONF.auth.default_credentials_domain_name, 'admin_role': CONF.identity.admin_role }