def test_token_credential_with_context(self): token_value = 'ec9799cd921e4e0a8ab6111c08ebf065' ctxt = context.RequestContext(auth_token=token_value) self.config_fixture.config(auth_type='token', group='key_manager') token_context = utils.credential_factory(conf=CONF, context=ctxt) token_context_class = token_context.__class__.__name__ self.assertEqual('Token', token_context_class) self.assertEqual(token_value, token_context.token)
def test_keystone_token_credential(self): token_value = 'ec9799cd921e4e0a8ab6111c08ebf065' self.config_fixture.config(auth_type='keystone_token', token=token_value, group='key_manager') ks_token_context = utils.credential_factory(conf=CONF) ks_token_context_class = ks_token_context.__class__.__name__ self.assertEqual('KeystoneToken', ks_token_context_class) self.assertEqual(token_value, ks_token_context.token)
def test_password_credential(self): password_value = 'p4ssw0rd' self.config_fixture.config(auth_type='password', password=password_value, group='key_manager') password_context = utils.credential_factory(conf=CONF) password_context_class = password_context.__class__.__name__ self.assertEqual('Password', password_context_class) self.assertEqual(password_value, password_context.password)
def test_oslo_context_to_keystone_token(self): auth_token_value = '16bd612f28ec479b8ffe8e124fc37b43' tenant_value = '00c6ef5ad2984af2acd7d42c299935c0' ctxt = context.RequestContext(auth_token=auth_token_value, tenant=tenant_value) ks_token_context = utils.credential_factory(context=ctxt) ks_token_context_class = ks_token_context.__class__.__name__ self.assertEqual('KeystoneToken', ks_token_context_class) self.assertEqual(auth_token_value, ks_token_context.token) self.assertEqual(tenant_value, ks_token_context.project_id)
def test_password_credential(self): password_value = 'p4ssw0rd' self.config_fixture.config( auth_type='password', password=password_value, group='key_manager' ) password_context = utils.credential_factory(conf=CONF) password_context_class = password_context.__class__.__name__ self.assertEqual('Password', password_context_class) self.assertEqual(password_value, password_context.password)
def test_token_credential_with_context(self): token_value = 'ec9799cd921e4e0a8ab6111c08ebf065' ctxt = context.RequestContext(auth_token=token_value) self.config_fixture.config( auth_type='token', group='key_manager' ) token_context = utils.credential_factory(conf=CONF, context=ctxt) token_context_class = token_context.__class__.__name__ self.assertEqual('Token', token_context_class) self.assertEqual(token_value, token_context.token)
def test_oslo_context_to_keystone_token(self): auth_token_value = '16bd612f28ec479b8ffe8e124fc37b43' tenant_value = '00c6ef5ad2984af2acd7d42c299935c0' ctxt = context.RequestContext( auth_token=auth_token_value, tenant=tenant_value) ks_token_context = utils.credential_factory(context=ctxt) ks_token_context_class = ks_token_context.__class__.__name__ self.assertEqual('KeystoneToken', ks_token_context_class) self.assertEqual(auth_token_value, ks_token_context.token) self.assertEqual(tenant_value, ks_token_context.project_id)
def test_keystone_token_credential(self): token_value = 'ec9799cd921e4e0a8ab6111c08ebf065' self.config_fixture.config( auth_type='keystone_token', token=token_value, group='key_manager' ) ks_token_context = utils.credential_factory(conf=CONF) ks_token_context_class = ks_token_context.__class__.__name__ self.assertEqual('KeystoneToken', ks_token_context_class) self.assertEqual(token_value, ks_token_context.token)
def decrypt_data(value): manager = key_manager.API() try: context = castellan_utils.credential_factory(conf=cfg.CONF) except castellan_exception.AuthTypeInvalidError as e: LOG.exception(e) LOG.error("Castellan must be correctly configured in order to use " "decryptData()") raise try: data = manager.get(context, value).get_encoded() except castellan_exception.KeyManagerError as e: LOG.exception(e) raise return data
set_castellan_defaults(GCONF) else: LOG.debug("Using Tatu as key manager.") set_castellan_defaults(GCONF, api_class='tatu.castellano.TatuKeyManager') global_config_files = ['/etc/tatu/tatu.conf'] if CONF.tatu.use_pat_bastions: from dragonflow import conf as dragonflow_cfg from dragonflow.db import api_nb global_files.append('/etc/neutron/dragonflow.ini') GCONF(args=[], default_config_files=global_config_files) auth = v3.Password(auth_url=CONF.tatu.auth_url, user_id=CONF.tatu.user_id, password=CONF.tatu.password, project_id=CONF.tatu.project_id) session = keystone_session.Session(auth=auth) KEYSTONE = keystone_client.Client(session=session) NOVA = nova_client.Client('2', session=session) NEUTRON = neutron_client.Client(session=session) DESIGNATE = designate_client.Client(session=session) DRAGONFLOW = None if CONF.tatu.use_pat_bastions: dragonflow_cfg.CONF.set_override('enable_df_pub_sub', False, group='df') DRAGONFLOW = api_nb.NbApi.get_instance(False) # Create a context for use by Castellan CONTEXT = castellan_utils.credential_factory(conf=CONF)