Пример #1
0
def get_auth(token_details):
    if token_details['auth_type'] == 'api_key':
        return SoftLayer.BasicAuthentication(token_details['username'],
                                             token_details['api_key'])
    elif token_details['auth_type'] == 'token':
        return SoftLayer.TokenAuthentication(token_details['user_id'],
                                             token_details['api_key'])

    return None
Пример #2
0
    def authenticate(self, creds):
        username = utils.lookup(creds, 'auth', 'passwordCredentials',
                                'username')
        credential = utils.lookup(creds, 'auth', 'passwordCredentials',
                                  'password')
        token_id = utils.lookup(creds, 'auth', 'token', 'id')
        token_driver = identity.token_driver()
        token_auth = None
        if token_id:
            token = identity.token_id_driver().token_from_id(token_id)
            token_driver.validate_token(token)
            username = token_driver.username(token)
            credential = token_driver.credential(token)
            token_auth = token['auth_type'] == 'token'

        def assert_tenant(user):
            tenant = (utils.lookup(creds, 'auth', 'tenantId')
                      or utils.lookup(creds, 'auth', 'tenantName'))
            if tenant and str(user['accountId']) != tenant:
                raise exceptions.Unauthorized(
                    'Invalid username, password or tenant id')

        endpoint = config.PARSER.get('softlayer', 'endpoint')
        proxy = config.PARSER.get('softlayer', 'proxy')
        # If the 'password' is the right length, treat it as an API api_key
        if len(credential) == 64:
            client = SoftLayer.Client(username=username,
                                      api_key=credential,
                                      endpoint_url=endpoint,
                                      proxy=proxy)
            user = client['Account'].getCurrentUser(mask=USER_MASK)
            assert_tenant(user)
            return {
                'user': user,
                'credential': credential,
                'auth_type': 'api_key'
            }

        else:
            client = SoftLayer.Client(endpoint_url=endpoint, proxy=proxy)
            client.auth = None
            try:
                if token_auth:
                    client.auth = SoftLayer.TokenAuthentication(
                        token['user_id'], credential)
                else:
                    userId, tokenHash = (client.authenticate_with_password(
                        username, credential))

                user = client['Account'].getCurrentUser(mask=USER_MASK)
                assert_tenant(user)

                if token_auth:
                    tokenHash = credential

                return {
                    'user': user,
                    'credential': tokenHash,
                    'auth_type': 'token'
                }
            except SoftLayer.SoftLayerAPIError as e:
                if (e.faultCode == "SoftLayer_Exception_User_Customer"
                        "_LoginFailed"):
                    raise exceptions.Unauthorized(e.faultString)
                raise