def get_session_info(output=False):
session = get_session(output=True)
print("=== Session Information ===")
print("Domain :", session.auth.project_domain_name)
print("Project ID :", session.get_project_id())
print("User ID :", session.get_user_id())
print("Raw Token :", session.get_token())
return {}
def _get_credsmgr_client(context=None):
region_name = CONF.keystone_authtoken.region_name
if context:
token = context.auth_token
sc = service_catalog.ServiceCatalogV2(context.service_catalog)
credsmgr_endpoint = sc.url_for(service_type='credsmgr',
region_name=region_name)
else:
session = get_admin_session(CONF)
token = session.get_token()
credsmgr_endpoint = session.get_endpoint(service_type='credsmgr',
region_name=region_name)
return Client(credsmgr_endpoint, token=token)
def _get_swift_client(self, client_class, **kwargs):
auth_args = self.get_auth_args()
auth_version = self.get_api_version('identity')
session = self.get_session()
token = session.get_token()
endpoint = self.get_session_endpoint(service_key='object-store')
if not endpoint:
return None
# If we have a username/password, we want to pass them to
# swift - because otherwise it will not re-up tokens appropriately
# However, if we only have non-password auth, then get a token
# and pass it in
swift_kwargs = dict(
auth_version=auth_version,
preauthurl=endpoint,
preauthtoken=token,
os_options=dict(
region_name=self.get_region_name(),
auth_token=token,
object_storage_url=endpoint,
service_type=self.get_service_type('object-store'),
endpoint_type=self.get_interface('object-store'),
))
if self.config['api_timeout'] is not None:
swift_kwargs['timeout'] = float(self.config['api_timeout'])
# create with password
swift_kwargs['user'] = auth_args.get('username')
swift_kwargs['key'] = auth_args.get('password')
swift_kwargs['authurl'] = auth_args.get('auth_url')
os_options = {}
if auth_version == '2.0':
os_options['tenant_name'] = auth_args.get('project_name')
os_options['tenant_id'] = auth_args.get('project_id')
else:
os_options['project_name'] = auth_args.get('project_name')
os_options['project_id'] = auth_args.get('project_id')
for key in (
'user_id',
'project_domain_id',
'project_domain_name',
'user_domain_id',
'user_domain_name'):
os_options[key] = auth_args.get(key)
swift_kwargs['os_options'].update(os_options)
return client_class(**swift_kwargs)
def _get_swift_client(self, client_class, **kwargs):
session = self.get_session()
token = session.get_token()
endpoint = self.get_session_endpoint(service_key='object-store')
if not endpoint:
return None
return client_class(
preauthurl=endpoint,
preauthtoken=token,
auth_version=self.get_api_version('identity'),
os_options=dict(
auth_token=token,
object_storage_url=endpoint,
region_name=self.get_region_name()),
timeout=self.api_timeout,
)
def _get_swift_client(self, client_class, **kwargs):
session = self.get_session()
token = session.get_token()
endpoint = self.get_session_endpoint(service_key='object-store')
if not endpoint:
return None
swift_kwargs = dict(
preauthurl=endpoint,
preauthtoken=token,
auth_version=self.get_api_version('identity'),
os_options=dict(
auth_token=token,
object_storage_url=endpoint,
region_name=self.get_region_name()),
)
if self.config['api_timeout'] is not None:
swift_kwargs['timeout'] = float(self.config['api_timeout'])
return client_class(**swift_kwargs)
def _get_swift_client(self, client_class, **kwargs):
auth_args = self.get_auth_args()
auth_version = self.get_api_version('identity')
session = self.get_session()
token = session.get_token()
endpoint = self.get_session_endpoint(service_key='object-store')
if not endpoint:
return None
# If we have a username/password, we want to pass them to
# swift - because otherwise it will not re-up tokens appropriately
# However, if we only have non-password auth, then get a token
# and pass it in
swift_kwargs = dict(
auth_version=auth_version,
preauthurl=endpoint,
preauthtoken=token,
os_options=dict(
region_name=self.get_region_name(),
auth_token=token,
object_storage_url=endpoint,
service_type=self.get_service_type('object-store'),
endpoint_type=self.get_interface('object-store'),
))
if self.config['api_timeout'] is not None:
swift_kwargs['timeout'] = float(self.config['api_timeout'])
# create with password
swift_kwargs['user'] = auth_args.get('username')
swift_kwargs['key'] = auth_args.get('password')
swift_kwargs['authurl'] = auth_args.get('auth_url')
os_options = {}
if auth_version == '2.0':
os_options['tenant_name'] = auth_args.get('project_name')
os_options['tenant_id'] = auth_args.get('project_id')
else:
os_options['project_name'] = auth_args.get('project_name')
os_options['project_id'] = auth_args.get('project_id')
for key in ('user_id', 'project_domain_id', 'project_domain_name',
'user_domain_id', 'user_domain_name'):
os_options[key] = auth_args.get(key)
swift_kwargs['os_options'].update(os_options)
return client_class(**swift_kwargs)
def get_heat_handle(cred, project=None):
project_name = project if project else cred['project']
print 'keystone ' + project_name + ':' + cred['auth-url']
session = keystoneauth1.session.Session(
auth=keystoneauth1.identity.v3.Password(
auth_url=cred['auth-url'],
username=cred['user'],
password=cred['passwd'],
project_name=project_name,
user_domain_name=cred['user-domain'],
project_domain_name=cred['project-domain']),
verify=False)
print 'Connecting to heat'
return heatclient.client.Client(1,
session.get_endpoint(
auth=session.auth,
service_type='orchestration',
interface='public'),
token=session.get_token(),
insecure=True)
def authenticate():
auth_url = '{PROTO}://{HOST}:{IDENTITY_PORT}/v2.0'.format(**CONNECTION)
auth = v2.Password(auth_url=auth_url,
username=USERNAME,
password=PASSWORD,
tenant_name=TENANT,
)
return session.Session(auth=auth)
if __name__ == '__main__':
session = authenticate()
keystone = client.Client(session=session)
print(' TOKEN: {0}'.format(session.get_token()))
print('-SERVICE CATALOG-')
for service in keystone.services.list():
print('--')
print("NAME: {0}".format(service.name))
print("TYPE: {0}".format(service.type))
# keystone.projects.list()
# glance_service = keystone.services.create(name="glance",
# service_type="image",
# description="OpenStack Image Service")
# tenant = [t for t in keystone.tenants.list() if t.name=='demo'][0]
import logging
from keystoneauth1 import session
from keystoneauth1.identity import v3
from get_env import * # Get envs var.
LOG = logging.getLogger(__name__)
try:
auth = v3.Password(auth_url=OS_AUTH_URL,
user_domain_name=OS_USER_DOMAIN_NAME,
username=OS_USERNAME,
password=OS_PASSWORD,
project_domain_name=OS_PROJECT_DOMAIN_NAME,
project_name=OS_PROJECT_NAME)
session = session.Session(auth=auth)
TOKEN = session.get_token()
LOG.info('Get token: %s', TOKEN)
PROJECT_ID = session.get_project_id()
LOG.info('Get project id: %s', PROJECT_ID)
except Exception as e:
LOG.exception('Get authentication failed because %s', e)
