def _authenticate_keystone(self): if self.user_id: creds = {'userId': self.user_id, 'password': self.password} else: creds = {'username': self.username, 'password': self.password} if self.project_id: body = {'auth': {'passwordCredentials': creds, 'tenantId': self.project_id, }, } else: body = {'auth': {'passwordCredentials': creds, 'tenantName': self.project_name, }, } if self.auth_url is None: raise exceptions.NoAuthURLProvided() token_url = self.auth_url + "/tokens" resp, resp_body = self._cs_request(token_url, "POST", body=json.dumps(body), content_type="application/json", allow_redirects=True) if resp.status_code != 200: raise exceptions.Unauthorized(message=resp_body) if resp_body: try: resp_body = json.loads(resp_body) except ValueError: pass else: resp_body = None self._extract_service_catalog(resp_body)
def authenticate(self): if self.auth_strategy != 'keystone': err_msg = _('Unknown auth strategy: %s') % self.auth_strategy raise exceptions.Unauthorized(message=err_msg) if self.tenant_id: body = { 'auth': { 'passwordCredentials': { 'username': self.username, 'password': self.password, }, 'tenantId': self.tenant_id, }, } else: body = { 'auth': { 'passwordCredentials': { 'username': self.username, 'password': self.password, }, 'tenantName': self.tenant_name, }, } if self.auth_url is None: raise exceptions.NoAuthURLProvided() token_url = self.auth_url + "/tokens" # Make sure we follow redirects when trying to reach Keystone tmp_follow_all_redirects = self.follow_all_redirects self.follow_all_redirects = True try: resp, resp_body = self._cs_request(token_url, "POST", body=json.dumps(body), content_type="application/json") finally: self.follow_all_redirects = tmp_follow_all_redirects status_code = self.get_status_code(resp) if status_code != 200: raise exceptions.Unauthorized(message=resp_body) if resp_body: try: resp_body = json.loads(resp_body) except ValueError: pass else: resp_body = None self._extract_service_catalog(resp_body)
def _get_endpoint_url(self): if self.auth_url is None: raise exceptions.NoAuthURLProvided() url = self.auth_url + '/tokens/%s/endpoints' % self.auth_token try: resp, body = self._cs_request(url, "GET") except exceptions.Unauthorized: # rollback to authenticate() to handle case when neutron client # is initialized just before the token is expired self.authenticate() return self.endpoint_url body = json.loads(body) for endpoint in body.get('endpoints', []): if (endpoint['type'] == 'network' and endpoint.get('region') == self.region_name): if self.endpoint_type not in endpoint: raise exceptions.EndpointTypeNotFound( type_=self.endpoint_type) return endpoint[self.endpoint_type] raise exceptions.EndpointNotFound()
def _authenticate(cls, auth_url): """Authenticate against noauth or the Rackspace auth service.""" if cls.auth_strategy == 'noauth': if not cls.endpoint_url: message = ('For "noauth" authentication strategy, the endpoint ' 'must be specified either in the constructor or ' 'using --os-url') raise exceptions.Unauthorized(message=message) else: return None if not auth_url: raise exceptions.NoAuthURLProvided() body = { "auth": { "RAX-KSKEY:apiKeyCredentials": { "username": cls.username, "apiKey": cls.password }, } } token_url = cls.auth_url + "/tokens" resp, resp_body = cls._cs_request(token_url, "POST", body=json.dumps(body), content_type="application/json", allow_redirects=True) if resp_body: try: resp_body = json.loads(resp_body) except ValueError: pass else: resp_body = None return resp_body