def _conf_values_type_convert(conf): """Convert conf values into correct type.""" if not conf: return {} opt_types = {} for o in (_OPTS + _auth.AuthTokenPlugin.get_options()): type_dest = (getattr(o, 'type', str), o.dest) opt_types[o.dest] = type_dest # Also add the deprecated name with the same type and dest. for d_o in o.deprecated_opts: opt_types[d_o.name] = type_dest opts = {} for k, v in six.iteritems(conf): dest = k try: if v is not None: type_, dest = opt_types[k] v = type_(v) except KeyError: # This option is not known to auth_token. pass except ValueError as e: raise exc.ConfigurationError( _('Unable to convert the value of %(key)s option into correct ' 'type: %(ex)s') % { 'key': k, 'ex': e }) opts[dest] = v return opts
def __init__(self, log, security_strategy, secret_key, **kwargs): super(SecureTokenCache, self).__init__(log, **kwargs) security_strategy = security_strategy.upper() if security_strategy not in ('MAC', 'ENCRYPT'): msg = _('memcache_security_strategy must be ENCRYPT or MAC') raise exc.ConfigurationError(msg) if not secret_key: msg = _('memcache_secret_key must be defined when a ' 'memcache_security_strategy is defined') raise exc.ConfigurationError(msg) if isinstance(security_strategy, six.string_types): security_strategy = security_strategy.encode('utf-8') if isinstance(secret_key, six.string_types): secret_key = secret_key.encode('utf-8') self._security_strategy = security_strategy self._secret_key = secret_key
def _verify_signing_dir(self): if os.path.isdir(self._directory_name): if not os.access(self._directory_name, os.W_OK): raise exc.ConfigurationError( _('unable to access signing_dir %s') % self._directory_name) uid = os.getuid() if os.stat(self._directory_name).st_uid != uid: self._log.warning(_LW('signing_dir is not owned by %s'), uid) current_mode = stat.S_IMODE(os.stat(self._directory_name).st_mode) if current_mode != stat.S_IRWXU: self._log.warning( _LW('signing_dir mode is %(mode)s instead of %(need)s'), {'mode': oct(current_mode), 'need': oct(stat.S_IRWXU)}) else: os.makedirs(self._directory_name, stat.S_IRWXU)