def get_auth(token_details): if token_details['auth_type'] == 'api_key': return SoftLayer.BasicAuthentication(token_details['username'], token_details['api_key']) elif token_details['auth_type'] == 'token': return SoftLayer.TokenAuthentication(token_details['user_id'], token_details['api_key']) return None
def authenticate(self, creds): username = utils.lookup(creds, 'auth', 'passwordCredentials', 'username') credential = utils.lookup(creds, 'auth', 'passwordCredentials', 'password') token_id = utils.lookup(creds, 'auth', 'token', 'id') token_driver = identity.token_driver() token_auth = None if token_id: token = identity.token_id_driver().token_from_id(token_id) token_driver.validate_token(token) username = token_driver.username(token) credential = token_driver.credential(token) token_auth = token['auth_type'] == 'token' def assert_tenant(user): tenant = (utils.lookup(creds, 'auth', 'tenantId') or utils.lookup(creds, 'auth', 'tenantName')) if tenant and str(user['accountId']) != tenant: raise exceptions.Unauthorized( 'Invalid username, password or tenant id') endpoint = config.PARSER.get('softlayer', 'endpoint') proxy = config.PARSER.get('softlayer', 'proxy') # If the 'password' is the right length, treat it as an API api_key if len(credential) == 64: client = SoftLayer.Client(username=username, api_key=credential, endpoint_url=endpoint, proxy=proxy) user = client['Account'].getCurrentUser(mask=USER_MASK) assert_tenant(user) return { 'user': user, 'credential': credential, 'auth_type': 'api_key' } else: client = SoftLayer.Client(endpoint_url=endpoint, proxy=proxy) client.auth = None try: if token_auth: client.auth = SoftLayer.TokenAuthentication( token['user_id'], credential) else: userId, tokenHash = (client.authenticate_with_password( username, credential)) user = client['Account'].getCurrentUser(mask=USER_MASK) assert_tenant(user) if token_auth: tokenHash = credential return { 'user': user, 'credential': tokenHash, 'auth_type': 'token' } except SoftLayer.SoftLayerAPIError as e: if (e.faultCode == "SoftLayer_Exception_User_Customer" "_LoginFailed"): raise exceptions.Unauthorized(e.faultString) raise