def validate_token(self, request, token_id): """ Creates a new session for the given tenant_id and token_id and always returns response code 200. Docs: http://developer.openstack.org/api-ref-identity-admin-v2.html#admin-validateToken # noqa """ request.setResponseCode(200) session = None # Attempt to get the session based on tenant_id+token if the optional # tenant_id is provided; if tenant_id is not provided, then just look # it up based on the token. tenant_id = request.args.get(b'belongsTo') if tenant_id is not None: tenant_id = tenant_id[0].decode("utf-8") session = self.core.sessions.session_for_tenant_id( tenant_id, token_id) else: session = self.core.sessions.session_for_token( token_id ) response = get_token( session.tenant_id, response_token=session.token, response_user_id=session.user_id, response_user_name=session.username, ) if session.impersonator_session_for_token(token_id) is not None: impersonator_session = session.impersonator_session_for_token(token_id) response["access"]["RAX-AUTH:impersonator"] = impersonator_user_role( impersonator_session.user_id, impersonator_session.username) if token_id in get_presets["identity"]["token_fail_to_auth"]: request.setResponseCode(401) return json.dumps({'itemNotFound': {'code': 401, 'message': 'Invalid auth token'}}) imp_token = get_presets["identity"]["maas_admin_roles"] racker_token = get_presets["identity"]["racker_token"] if token_id in imp_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "123", "name": "monitoring:service-admin"}, {"id": "234", "name": "object-store:admin"}]} if token_id in racker_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "9", "name": "Racker"}]} if tenant_id in get_presets["identity"]["observer_role"]: response["access"]["user"]["roles"] = [ {"id": "observer", "description": "Global Observer Role.", "name": "observer"}] if tenant_id in get_presets["identity"]["creator_role"]: response["access"]["user"]["roles"] = [ {"id": "creator", "description": "Global Creator Role.", "name": "creator"}] if tenant_id in get_presets["identity"]["admin_role"]: response["access"]["user"]["roles"] = [ {"id": "admin", "description": "Global Admin Role.", "name": "admin"}, {"id": "observer", "description": "Global Observer Role.", "name": "observer"}] # Canned responses to be removed ... if token_id in get_presets["identity"]["non_dedicated_observer"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "12", "name": "OneTwo", "roles": [{"id": "1", "name": "monitoring:observer", "description": "Monitoring Observer"}] } if token_id in get_presets["identity"]["non_dedicated_admin"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "34", "name": "ThreeFour", "roles": [{"id": "1", "name": "monitoring:admin", "description": "Monitoring Admin"}, {"id": "2", "name": "admin", "description": "Admin"}] } if token_id in get_presets["identity"]["non_dedicated_impersonator"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "34", "name": "ThreeFour", "roles": [{"id": "1", "name": "identity:nobody", "description": "Nobody"}] } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "1", "name": "monitoring:service-admin"}, {"id": "2", "name": "object-store:admin"}] } if token_id in get_presets["identity"]["non_dedicated_racker"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "34", "name": "ThreeFour", "roles": [{"id": "1", "name": "identity:nobody", "description": "Nobody"}] } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "1", "name": "Racker"}] } if token_id in get_presets["identity"]["dedicated_full_device_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "12", "name": "HybridOneTwo", "roles": [{"id": "1", "name": "monitoring:observer", "tenantId": "hybrid:123456"}], "RAX-AUTH:contactId": "12" } if token_id in get_presets["identity"]["dedicated_account_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "34", "name": "HybridThreeFour", "roles": [{"id": "1", "name": "monitoring:creator", "description": "Monitoring Creator"}, {"id": "2", "name": "creator", "description": "Creator"}], "RAX-AUTH:contactId": "34" } if token_id in get_presets["identity"]["dedicated_limited_device_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "56", "name": "HybridFiveSix", "roles": [{"id": "1", "name": "monitoring:observer", "description": "Monitoring Observer"}, {"id": "2", "name": "observer", "description": "Observer"}], "RAX-AUTH:contactId": "56" } if token_id in get_presets["identity"]["dedicated_racker"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "12", "name": "HybridOneTwo", "roles": [{"id": "1", "name": "identity:nobody", "description": "Nobody"}], "RAX-AUTH:contactId": "12" } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "1", "name": "Racker"}] } if token_id in get_presets["identity"]["dedicated_impersonator"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "34", "name": "HybridThreeFour", "roles": [{"id": "1", "name": "identity:nobody", "description": "Nobody"}], "RAX-AUTH:contactId": "34" } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "1", "name": "monitoring:service-admin"}] } if token_id in get_presets["identity"]["dedicated_non_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "78", "name": "HybridSevenEight", "roles": [{"id": "1", "name": "identity:user-admin", "description": "User admin"}], "RAX-AUTH:contactId": "78" } if token_id in get_presets["identity"]["dedicated_quasi_user_impersonator"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "90", "name": "HybridNineZero", "roles": [{"id": "1", "name": "identity:user-admin", "description": "Admin"}, {"id": "3", "name": "hybridRole", "description": "Hybrid Admin", "tenantId": "hybrid:123456"}] } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "1", "name": "monitoring:service-admin"}] } return json.dumps(response)
def validate_token(self, request, token_id): """ Creates a new session for the given tenant_id and token_id and always returns response code 200. Docs: http://developer.openstack.org/api-ref-identity-v2.html#admin-tokens """ request.setResponseCode(200) tenant_id = request.args.get('belongsTo') if tenant_id is not None: tenant_id = tenant_id[0] session = self.core.sessions.session_for_tenant_id(tenant_id, token_id) response = get_token( session.tenant_id, response_token=session.token, response_user_id=session.user_id, response_user_name=session.username, ) if session.impersonator_session_for_token(token_id) is not None: impersonator_session = session.impersonator_session_for_token(token_id) response["access"]["RAX-AUTH:impersonator"] = impersonator_user_role( impersonator_session.user_id, impersonator_session.username) if token_id in get_presets["identity"]["token_fail_to_auth"]: request.setResponseCode(401) return json.dumps({'itemNotFound': {'code': 401, 'message': 'Invalid auth token'}}) imp_token = get_presets["identity"]["maas_admin_roles"] racker_token = get_presets["identity"]["racker_token"] if token_id in imp_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "123", "name": "monitoring:service-admin"}, {"id": "234", "name": "object-store:admin"}]} if token_id in racker_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "9", "name": "Racker"}]} if tenant_id in get_presets["identity"]["observer_role"]: response["access"]["user"]["roles"] = [ {"id": "observer", "description": "Global Observer Role.", "name": "observer"}] if tenant_id in get_presets["identity"]["creator_role"]: response["access"]["user"]["roles"] = [ {"id": "creator", "description": "Global Creator Role.", "name": "creator"}] if tenant_id in get_presets["identity"]["admin_role"]: response["access"]["user"]["roles"] = [ {"id": "admin", "description": "Global Admin Role.", "name": "admin"}, {"id": "observer", "description": "Global Observer Role.", "name": "observer"}] return json.dumps(response)
def validate_token(self, request, token_id): """ Creates a new session for the given tenant_id and token_id and always returns response code 200. Docs: http://developer.openstack.org/api-ref-identity-v2.html#admin-tokens """ request.setResponseCode(200) tenant_id = request.args.get("belongsTo") if tenant_id is not None: tenant_id = tenant_id[0] session = self.core.sessions.session_for_tenant_id(tenant_id, token_id) response = get_token( session.tenant_id, response_token=session.token, response_user_id=session.user_id, response_user_name=session.username, ) if session.impersonator_session_for_token(token_id) is not None: impersonator_session = session.impersonator_session_for_token(token_id) response["access"]["RAX-AUTH:impersonator"] = impersonator_user_role( impersonator_session.user_id, impersonator_session.username ) if token_id in get_presets["identity"]["token_fail_to_auth"]: request.setResponseCode(401) return json.dumps({"itemNotFound": {"code": 401, "message": "Invalid auth token"}}) imp_token = get_presets["identity"]["maas_admin_roles"] racker_token = get_presets["identity"]["racker_token"] if token_id in imp_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [ {"id": "123", "name": "monitoring:service-admin"}, {"id": "234", "name": "object-store:admin"}, ], } if token_id in racker_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{"id": "9", "name": "Racker"}], } if tenant_id in get_presets["identity"]["observer_role"]: response["access"]["user"]["roles"] = [ {"id": "observer", "description": "Global Observer Role.", "name": "observer"} ] if tenant_id in get_presets["identity"]["creator_role"]: response["access"]["user"]["roles"] = [ {"id": "creator", "description": "Global Creator Role.", "name": "creator"} ] if tenant_id in get_presets["identity"]["admin_role"]: response["access"]["user"]["roles"] = [ {"id": "admin", "description": "Global Admin Role.", "name": "admin"}, {"id": "observer", "description": "Global Observer Role.", "name": "observer"}, ] if token_id in get_presets["identity"]["non_dedicated_observer"]: response["access"]["token"]["tenant"] = {"id": "135790", "name": "135790"} response["access"]["user"] = { "name": "OneTwo", "roles": [{"id": "1", "name": "monitoring:observer", "description": "Monitoring Observer"}], } if token_id in get_presets["identity"]["non_dedicated_admin"]: response["access"]["token"]["tenant"] = {"id": "135790", "name": "135790"} response["access"]["user"] = { "name": "ThreeFour", "roles": [ {"id": "1", "name": "monitoring:admin", "description": "Monitoring Admin"}, {"id": "2", "name": "admin", "description": "Admin"}, ], } if token_id in get_presets["identity"]["dedicated_full_device_permission_holder"]: response["access"]["token"]["tenant"] = {"id": "hybrid:123456", "name": "hybrid:123456"} response["access"]["user"] = { "id": "12", "name": "HybridOneTwo", "roles": [ {"id": "1", "name": "monitoring:observer", "description": "Monitoring Observer"}, {"id": "3", "name": "hybridRole", "description": "Hybrid Admin", "tenantId": "hybrid:123456"}, ], "RAX-AUTH:contactId": "12", } if token_id in get_presets["identity"]["dedicated_account_permission_holder"]: response["access"]["token"]["tenant"] = {"id": "hybrid:123456", "name": "hybrid:123456"} response["access"]["user"] = { "id": "34", "name": "HybridThreeFour", "roles": [ {"id": "1", "name": "monitoring:creator", "description": "Monitoring Creator"}, {"id": "2", "name": "creator", "description": "Creator"}, ], "RAX-AUTH:contactId": "34", } if token_id in get_presets["identity"]["dedicated_limited_device_permission_holder"]: response["access"]["token"]["tenant"] = {"id": "hybrid:123456", "name": "hybrid:123456"} response["access"]["user"] = { "id": "56", "name": "HybridFiveSix", "roles": [ {"id": "1", "name": "monitoring:observer", "description": "Monitoring Observer"}, {"id": "2", "name": "observer", "description": "Observer"}, ], "RAX-AUTH:contactId": "56", } if token_id in get_presets["identity"]["dedicated_other_account_observer"]: response["access"]["token"]["tenant"] = {"id": "hybrid:654321", "name": "hybrid:654321"} response["access"]["user"] = { "id": "78", "name": "HybridSevenEight", "roles": [ {"id": "1", "name": "monitoring:observer", "description": "Observer"}, {"id": "2", "name": "observer", "description": "Observer"}, ], "RAX-AUTH:contactId": "78", } if token_id in get_presets["identity"]["dedicated_other_account_admin"]: response["access"]["token"]["tenant"] = {"id": "hybrid:654321", "name": "hybrid:654321"} response["access"]["user"] = { "id": "90", "name": "HybridNineZero", "roles": [ {"id": "1", "name": "monitoring:admin", "description": "Admin"}, {"id": "2", "name": "admin", "description": "Admin"}, ], "RAX-AUTH:contactId": "90", } return json.dumps(response)
def validate_token(self, request, token_id): """ Creates a new session for the given tenant_id and token_id and always returns response code 200. `OpenStack Identity v2 Admin Validate Token <http://developer.openstack.org/api-ref-identity-admin-v2.html#admin-validateToken>`_ """ request.setResponseCode(200) session = None # Attempt to get the session based on tenant_id+token if the optional # tenant_id is provided; if tenant_id is not provided, then just look # it up based on the token. tenant_id = request.args.get(b'belongsTo') if tenant_id is not None: tenant_id = tenant_id[0].decode("utf-8") session = self.core.sessions.session_for_tenant_id( tenant_id, token_id) else: session = self.core.sessions.session_for_token(token_id) response = get_token( session.tenant_id, response_token=session.token, response_user_id=session.user_id, response_user_name=session.username, ) if session.impersonator_session_for_token(token_id) is not None: impersonator_session = session.impersonator_session_for_token( token_id) response["access"][ "RAX-AUTH:impersonator"] = impersonator_user_role( impersonator_session.user_id, impersonator_session.username) if token_id in get_presets["identity"]["token_fail_to_auth"]: # This is returning a 401 Unauthorized message but in a 404 not_found # JSON data format. Is there a reason for this? An old OpenStack bug? request.setResponseCode(401) return json.dumps({ 'itemNotFound': { 'code': 401, 'message': 'Invalid auth token' } }) imp_token = get_presets["identity"]["maas_admin_roles"] racker_token = get_presets["identity"]["racker_token"] if token_id in imp_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "123", "name": "monitoring:service-admin" }, { "id": "234", "name": "object-store:admin" }] } if token_id in racker_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "9", "name": "Racker" }] } if tenant_id in get_presets["identity"]["observer_role"]: response["access"]["user"]["roles"] = [{ "id": "observer", "description": "Global Observer Role.", "name": "observer" }] if tenant_id in get_presets["identity"]["creator_role"]: response["access"]["user"]["roles"] = [{ "id": "creator", "description": "Global Creator Role.", "name": "creator" }] if tenant_id in get_presets["identity"]["admin_role"]: response["access"]["user"]["roles"] = [{ "id": "admin", "description": "Global Admin Role.", "name": "admin" }, { "id": "observer", "description": "Global Observer Role.", "name": "observer" }] # Canned responses to be removed ... if token_id in get_presets["identity"]["non_dedicated_observer"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "12", "name": "OneTwo", "roles": [{ "id": "1", "name": "monitoring:observer", "description": "Monitoring Observer" }] } if token_id in get_presets["identity"]["non_dedicated_admin"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "34", "name": "ThreeFour", "roles": [{ "id": "1", "name": "monitoring:admin", "description": "Monitoring Admin" }, { "id": "2", "name": "admin", "description": "Admin" }] } if token_id in get_presets["identity"]["non_dedicated_impersonator"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "34", "name": "ThreeFour", "roles": [{ "id": "1", "name": "identity:nobody", "description": "Nobody" }] } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "1", "name": "monitoring:service-admin" }, { "id": "2", "name": "object-store:admin" }] } if token_id in get_presets["identity"]["non_dedicated_racker"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "id": "34", "name": "ThreeFour", "roles": [{ "id": "1", "name": "identity:nobody", "description": "Nobody" }] } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "1", "name": "Racker" }] } if token_id in get_presets["identity"][ "dedicated_full_device_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "12", "name": "HybridOneTwo", "roles": [{ "id": "1", "name": "monitoring:observer", "tenantId": "hybrid:123456" }], "RAX-AUTH:contactId": "12" } if token_id in get_presets["identity"][ "dedicated_account_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "34", "name": "HybridThreeFour", "roles": [{ "id": "1", "name": "monitoring:creator", "description": "Monitoring Creator" }, { "id": "2", "name": "creator", "description": "Creator" }], "RAX-AUTH:contactId": "34" } if token_id in get_presets["identity"][ "dedicated_limited_device_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "56", "name": "HybridFiveSix", "roles": [{ "id": "1", "name": "monitoring:observer", "description": "Monitoring Observer" }, { "id": "2", "name": "observer", "description": "Observer" }], "RAX-AUTH:contactId": "56" } if token_id in get_presets["identity"]["dedicated_racker"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "12", "name": "HybridOneTwo", "roles": [{ "id": "1", "name": "identity:nobody", "description": "Nobody" }], "RAX-AUTH:contactId": "12" } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "1", "name": "Racker" }] } if token_id in get_presets["identity"]["dedicated_impersonator"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "34", "name": "HybridThreeFour", "roles": [{ "id": "1", "name": "identity:nobody", "description": "Nobody" }], "RAX-AUTH:contactId": "34" } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "1", "name": "monitoring:service-admin" }] } if token_id in get_presets["identity"][ "dedicated_non_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "78", "name": "HybridSevenEight", "roles": [{ "id": "1", "name": "identity:user-admin", "description": "User admin" }], "RAX-AUTH:contactId": "78" } if token_id in get_presets["identity"][ "dedicated_quasi_user_impersonator"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "90", "name": "HybridNineZero", "roles": [{ "id": "1", "name": "identity:user-admin", "description": "Admin" }, { "id": "3", "name": "hybridRole", "description": "Hybrid Admin", "tenantId": "hybrid:123456" }] } response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "1", "name": "monitoring:service-admin" }] } return json.dumps(response)
def validate_token(self, request, token_id): """ Creates a new session for the given tenant_id and token_id and always returns response code 200. Docs: http://developer.openstack.org/api-ref-identity-v2.html#admin-tokens """ request.setResponseCode(200) tenant_id = request.args.get('belongsTo') if tenant_id is not None: tenant_id = tenant_id[0] session = self.core.sessions.session_for_tenant_id(tenant_id, token_id) response = get_token( session.tenant_id, response_token=session.token, response_user_id=session.user_id, response_user_name=session.username, ) if session.impersonator_session_for_token(token_id) is not None: impersonator_session = session.impersonator_session_for_token( token_id) response["access"][ "RAX-AUTH:impersonator"] = impersonator_user_role( impersonator_session.user_id, impersonator_session.username) if token_id in get_presets["identity"]["token_fail_to_auth"]: request.setResponseCode(401) return json.dumps({ 'itemNotFound': { 'code': 401, 'message': 'Invalid auth token' } }) imp_token = get_presets["identity"]["maas_admin_roles"] racker_token = get_presets["identity"]["racker_token"] if token_id in imp_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "123", "name": "monitoring:service-admin" }, { "id": "234", "name": "object-store:admin" }] } if token_id in racker_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "9", "name": "Racker" }] } if tenant_id in get_presets["identity"]["observer_role"]: response["access"]["user"]["roles"] = [{ "id": "observer", "description": "Global Observer Role.", "name": "observer" }] if tenant_id in get_presets["identity"]["creator_role"]: response["access"]["user"]["roles"] = [{ "id": "creator", "description": "Global Creator Role.", "name": "creator" }] if tenant_id in get_presets["identity"]["admin_role"]: response["access"]["user"]["roles"] = [{ "id": "admin", "description": "Global Admin Role.", "name": "admin" }, { "id": "observer", "description": "Global Observer Role.", "name": "observer" }] return json.dumps(response)
def validate_token(self, request, token_id): """ Creates a new session for the given tenant_id and token_id and always returns response code 200. Docs: http://developer.openstack.org/api-ref-identity-v2.html#admin-tokens """ request.setResponseCode(200) tenant_id = request.args.get('belongsTo') if tenant_id is not None: tenant_id = tenant_id[0] session = self.core.sessions.session_for_tenant_id(tenant_id, token_id) response = get_token( session.tenant_id, response_token=session.token, response_user_id=session.user_id, response_user_name=session.username, ) if session.impersonator_session_for_token(token_id) is not None: impersonator_session = session.impersonator_session_for_token( token_id) response["access"][ "RAX-AUTH:impersonator"] = impersonator_user_role( impersonator_session.user_id, impersonator_session.username) if token_id in get_presets["identity"]["token_fail_to_auth"]: request.setResponseCode(401) return json.dumps({ 'itemNotFound': { 'code': 401, 'message': 'Invalid auth token' } }) imp_token = get_presets["identity"]["maas_admin_roles"] racker_token = get_presets["identity"]["racker_token"] if token_id in imp_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "123", "name": "monitoring:service-admin" }, { "id": "234", "name": "object-store:admin" }] } if token_id in racker_token: response["access"]["RAX-AUTH:impersonator"] = { "id": response["access"]["user"]["id"], "name": response["access"]["user"]["name"], "roles": [{ "id": "9", "name": "Racker" }] } if tenant_id in get_presets["identity"]["observer_role"]: response["access"]["user"]["roles"] = [{ "id": "observer", "description": "Global Observer Role.", "name": "observer" }] if tenant_id in get_presets["identity"]["creator_role"]: response["access"]["user"]["roles"] = [{ "id": "creator", "description": "Global Creator Role.", "name": "creator" }] if tenant_id in get_presets["identity"]["admin_role"]: response["access"]["user"]["roles"] = [{ "id": "admin", "description": "Global Admin Role.", "name": "admin" }, { "id": "observer", "description": "Global Observer Role.", "name": "observer" }] if token_id in get_presets["identity"]["non_dedicated_observer"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "name": "OneTwo", "roles": [{ "id": "1", "name": "monitoring:observer", "description": "Monitoring Observer" }] } if token_id in get_presets["identity"]["non_dedicated_admin"]: response["access"]["token"]["tenant"] = { "id": "135790", "name": "135790", } response["access"]["user"] = { "name": "ThreeFour", "roles": [{ "id": "1", "name": "monitoring:admin", "description": "Monitoring Admin" }, { "id": "2", "name": "admin", "description": "Admin" }] } if token_id in get_presets["identity"][ "dedicated_full_device_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "12", "name": "HybridOneTwo", "roles": [{ "id": "1", "name": "monitoring:observer", "description": "Monitoring Observer" }, { "id": "3", "name": "hybridRole", "description": "Hybrid Admin", "tenantId": "hybrid:123456" }], "RAX-AUTH:contactId": "12" } if token_id in get_presets["identity"][ "dedicated_account_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "34", "name": "HybridThreeFour", "roles": [{ "id": "1", "name": "monitoring:creator", "description": "Monitoring Creator" }, { "id": "2", "name": "creator", "description": "Creator" }], "RAX-AUTH:contactId": "34" } if token_id in get_presets["identity"][ "dedicated_limited_device_permission_holder"]: response["access"]["token"]["tenant"] = { "id": "hybrid:123456", "name": "hybrid:123456", } response["access"]["user"] = { "id": "56", "name": "HybridFiveSix", "roles": [{ "id": "1", "name": "monitoring:observer", "description": "Monitoring Observer" }, { "id": "2", "name": "observer", "description": "Observer" }], "RAX-AUTH:contactId": "56" } if token_id in get_presets["identity"][ "dedicated_other_account_observer"]: response["access"]["token"]["tenant"] = { "id": "hybrid:654321", "name": "hybrid:654321", } response["access"]["user"] = { "id": "78", "name": "HybridSevenEight", "roles": [{ "id": "1", "name": "monitoring:observer", "description": "Observer" }, { "id": "2", "name": "observer", "description": "Observer" }], "RAX-AUTH:contactId": "78" } if token_id in get_presets["identity"][ "dedicated_other_account_admin"]: response["access"]["token"]["tenant"] = { "id": "hybrid:654321", "name": "hybrid:654321", } response["access"]["user"] = { "id": "90", "name": "HybridNineZero", "roles": [{ "id": "1", "name": "monitoring:admin", "description": "Admin" }, { "id": "2", "name": "admin", "description": "Admin" }], "RAX-AUTH:contactId": "90" } return json.dumps(response)