def test_service_catalog_regions(self): sc = service_catalog.ServiceCatalog(SERVICE_CATALOG['access'], region_name="North") url = sc.url_for(service_type='image', endpoint_type='publicURL') self.assertEquals(url, "https://image.north.host/v1/") sc = service_catalog.ServiceCatalog(SERVICE_CATALOG['access'], region_name="South") url = sc.url_for(service_type='image', endpoint_type='internalURL') self.assertEquals(url, "https://image-internal.south.host/v1/")
def _extract_service_catalog(self, url, body): """ Set the client's service catalog from the response data. """ self.service_catalog = service_catalog.ServiceCatalog(body) try: sc = self.service_catalog.get_token() self.auth_token = sc['id'] # Save these since we have them and they'll be useful later self.auth_tenant_id = sc.get('tenant_id') self.auth_user_id = sc.get('user_id') except KeyError: raise exceptions.AuthorizationFailure() # FIXME(ja): we should be lazy about setting managment_url. # in fact we should rewrite the client to support the service # catalog (api calls should be directable to any endpoints) try: self.management_url = self.service_catalog.url_for( attr='region', filter_value=self.region_name, endpoint_type='adminURL') except exceptions.EmptyCatalog: # Unscoped tokens don't return a service catalog; # allow those to pass while any other errors bubble up. pass except exceptions.EndpointNotFound: # the client shouldn't expect the authenticating user to # be authorized to view adminURL's, nor expect the identity # endpoint to publish one pass
def token_create_scoped(request, tenant, token): ''' Creates a scoped token using the tenant id and unscoped token; retrieves the service catalog for the given tenant. ''' if hasattr(request, '_keystone'): del request._keystone c = keystoneclient(request, tenant_id=tenant, token_id=token, endpoint=_get_endpoint_url(request, 'internalURL')) raw_token = c.tokens.authenticate(tenant_id=tenant, token=token, return_raw=True) c.service_catalog = service_catalog.ServiceCatalog(raw_token) if request.user.is_admin(): c.management_url = c.service_catalog.url_for(service_type='identity', endpoint_type='adminURL') else: endpoint_type = getattr(settings, 'OPENSTACK_ENDPOINT_TYPE', 'internalURL') c.management_url = c.service_catalog.url_for( service_type='identity', endpoint_type=endpoint_type) scoped_token = tokens.Token(tokens.TokenManager, raw_token) return scoped_token
def _extract_service_catalog(self, url, body): """ Set the client's service catalog from the response data. """ self.service_catalog = service_catalog.ServiceCatalog(body) try: sc = self.service_catalog.get_token() self.auth_token = sc['id'] # Save these since we have them and they'll be useful later # NOTE(termie): these used to be in the token and then were removed # ... why? self.auth_tenant_id = sc.get('tenant_id') self.auth_user_id = sc.get('user_id') except KeyError: raise exceptions.AuthorizationFailure() # FIXME(ja): we should be lazy about setting managment_url. # in fact we should rewrite the client to support the service # catalog (api calls should be directable to any endpoints) try: self.management_url = self.service_catalog.url_for( attr='region', filter_value=self.region_name, endpoint_type='adminURL') except: # Unscoped tokens don't return a service catalog _logger.exception("unable to retrieve service catalog with token")
def test_service_catalog_endpoints(self): sc = service_catalog.ServiceCatalog(SERVICE_CATALOG['access']) public_ep = sc.get_endpoints(service_type='compute', endpoint_type='publicURL') self.assertEquals(public_ep['compute'][1]['tenantId'], '2') self.assertEquals(public_ep['compute'][1]['versionId'], '1.1') self.assertEquals(public_ep['compute'][1]['internalURL'], "https://compute.north.host/v1.1/3456")
def _extract_service_catalog(self, url, body): """ Set the client's service catalog from the response data. """ self.service_catalog = service_catalog.ServiceCatalog(body) try: sc = self.service_catalog.get_token() # Save these since we have them and they'll be useful later self.auth_tenant_id = sc.get('tenant_id') self.auth_user_id = sc.get('user_id') except KeyError: raise exceptions.AuthorizationFailure()
def test_token(self): sc = service_catalog.ServiceCatalog(SERVICE_CATALOG['access']) self.assertEquals(sc.get_token(), { 'id': 'ab48a9efdfedb23ty3494', 'tenant_id': '345', 'user_id': '123', 'expires': '2010-11-01T03:32:15-05:00'}) self.assertEquals(sc.catalog['token']['expires'], "2010-11-01T03:32:15-05:00") self.assertEquals(sc.catalog['token']['tenant']['id'], '345')
def test_building_a_service_catalog(self): sc = service_catalog.ServiceCatalog(SERVICE_CATALOG['access']) self.assertEquals(sc.url_for(service_type='compute'), "https://compute.north.host/v1/1234") self.assertEquals(sc.url_for('tenantId', '1', service_type='compute'), "https://compute.north.host/v1/1234") self.assertEquals(sc.url_for('tenantId', '2', service_type='compute'), "https://compute.north.host/v1.1/3456") self.assertRaises(exceptions.EndpointNotFound, sc.url_for, "region", "South", service_type='compute')
def _extract_service_catalog(self, url, body): """ Set the client's service catalog from the response data. """ self.service_catalog = service_catalog.ServiceCatalog(body) try: self.auth_token = self.service_catalog.get_token() except KeyError: raise exceptions.AuthorizationFailure() if self.project_id: # Unscoped tokens don't return a service catalog self.management_url = self.service_catalog.url_for( attr='region', filter_value=self.region_name) return self.service_catalog
def _extract_service_catalog(self, url, body): """ Set the client's service catalog from the response data. """ self.service_catalog = service_catalog.ServiceCatalog(body) try: self.auth_token = self.service_catalog.get_token() except KeyError: raise exceptions.AuthorizationFailure() # FIXME(ja): we should be lazy about setting managment_url. # in fact we should rewrite the client to support the service # catalog (api calls should be directable to any endpoints) try: self.management_url = self.service_catalog.url_for( attr='region', filter_value=self.region_name, endpoint_type='adminURL') except: # Unscoped tokens don't return a service catalog _logger.exception("unable to retrieve service catalog with token")
def token_create_scoped(request, tenant, token): ''' Creates a scoped token using the tenant id and unscoped token; retrieves the service catalog for the given tenant. ''' if hasattr(request, '_keystone'): del request._keystone c = keystoneclient(request, tenant_id=tenant, token_id=token, endpoint=settings.OPENSTACK_KEYSTONE_URL) raw_token = c.tokens.authenticate(tenant=tenant, token=token, return_raw=True) c.service_catalog = service_catalog.ServiceCatalog(raw_token) if request.user.is_admin(): c.management_url = c.service_catalog.url_for(service_type='identity', endpoint_type='adminURL') else: c.management_url = c.service_catalog.url_for(service_type='identity', endpoint_type='publicURL') scoped_token = tokens.Token(tokens.TokenManager, raw_token) return Token(scoped_token)
def novaclient(cred): if cred.get("token", None) and cred.get("tenant_id", None): token = cred["token"] tenant_id = cred["tenant_id"] else: # Create scoped token for admin. unscoped_token = token_create(cred['username'], cred['password']) tenants = tenant_list_for_token(unscoped_token.id) tenant_id = tenants[0].id token = token_create(cred['username'], cred['password'], tenant_id) # Get service catalog catalog = service_catalog.ServiceCatalog(token) s_catalog = catalog.catalog.serviceCatalog management_url = url_for(s_catalog, 'compute') c = nova_client.Client(cred['username'], token.id, tenant_id, management_url) c.client.auth_token = token.id c.client.management_url = management_url return c
def __init__(self, *args, **kwargs): super(AccessInfo, self).__init__(*args, **kwargs) self.service_catalog = service_catalog.ServiceCatalog( resource_dict=self, region_name=self.get('region_name'))