def load_app(conf, not_implemented_middleware=True):
global APPCONFIGS
# Build the WSGI app
cfg_path = conf.api.paste_config
if not os.path.isabs(cfg_path):
cfg_path = conf.find_file(cfg_path)
if cfg_path is None or not os.path.exists(cfg_path):
LOG.debug("No api-paste configuration file found! Using default.")
cfg_path = os.path.abspath(
pkg_resources.resource_filename(__name__, "api-paste.ini"))
config = dict(conf=conf,
not_implemented_middleware=not_implemented_middleware)
configkey = str(uuid.uuid4())
APPCONFIGS[configkey] = config
LOG.info("WSGI config used: %s", cfg_path)
appname = "gnocchi+" + conf.api.auth_mode
app = deploy.loadapp("config:" + cfg_path,
name=appname,
global_conf={'configkey': configkey})
return cors.CORS(app, conf=conf)
def setup_app(config=None):
if not config:
config = get_pecan_config()
q_config.set_config_defaults()
app_conf = dict(config.app)
db_api.setup_db()
if cfg.CONF.api.enable_job_handler:
LOG.info('Starting periodic tasks...')
periodics.start_job_handler()
app = pecan.make_app(
app_conf.pop('root'),
hooks=lambda: [ctx.ContextHook(), ctx.AuthHook()],
logging=getattr(config, 'logging', {}),
**app_conf)
# Set up access control.
app = access_control.setup(app)
# Create HTTPProxyToWSGI wrapper
app = http_proxy_to_wsgi_middleware.HTTPProxyToWSGI(app, cfg.CONF)
# Create a CORS wrapper, and attach mistral-specific defaults that must be
# included in all CORS responses.
return cors_middleware.CORS(app, cfg.CONF)
def setup_app(config=None):
if not config:
config = get_pecan_config()
app_conf = dict(config.app)
app = pecan.make_app(
app_conf.pop('root'),
logging=getattr(config, 'logging', {}),
wrap_app=middleware.ParsableErrorMiddleware,
**app_conf
)
app = auth.install(app, CONF, config.app.acl_public_routes)
# CORS must be the last one.
app = cors.CORS(app, CONF)
app.set_latent(
allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles',
'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id',
'X-OpenStack-Request-ID', 'X-Server-Management-Url'],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token',
'X-OpenStack-Request-ID', 'X-Server-Management-Url']
)
return app
def load_app(conf, indexer=None, storage=None, incoming=None,
not_implemented_middleware=True):
global APPCONFIGS
# NOTE(sileht): We load config, storage and indexer,
# so all
if not storage:
storage = gnocchi_storage.get_driver(conf)
if not incoming:
incoming = gnocchi_incoming.get_driver(conf)
if not indexer:
indexer = gnocchi_indexer.get_driver(conf)
# Build the WSGI app
cfg_path = conf.api.paste_config
if not os.path.isabs(cfg_path):
cfg_path = conf.find_file(cfg_path)
if cfg_path is None or not os.path.exists(cfg_path):
LOG.debug("No api-paste configuration file found! Using default.")
cfg_path = os.path.abspath(pkg_resources.resource_filename(
__name__, "api-paste.ini"))
config = dict(conf=conf, indexer=indexer, storage=storage,
incoming=incoming,
not_implemented_middleware=not_implemented_middleware)
configkey = str(uuid.uuid4())
APPCONFIGS[configkey] = config
LOG.info("WSGI config used: %s", cfg_path)
appname = "gnocchi+" + conf.api.auth_mode
app = deploy.loadapp("config:" + cfg_path, name=appname,
global_conf={'configkey': configkey})
return cors.CORS(app, conf=conf)
def initialize_application(name, post_log_configured_function=lambda: None):
common.configure()
# Log the options used when starting if we're in debug mode...
if CONF.debug:
CONF.log_opt_values(logging.getLogger(CONF.prog), logging.DEBUG)
environment.use_stdlib()
post_log_configured_function()
def loadapp():
return keystone_service.loadapp(
'config:%s' % config.find_paste_config(), name)
_unused, application = common.setup_backends(
startup_application_fn=loadapp)
# Create a CORS wrapper, and attach keystone-specific defaults that must be
# included in all CORS responses
application = cors.CORS(application, CONF)
application.set_latent(
allow_headers=KEYSTONE_HEADERS,
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=KEYSTONE_HEADERS)
return application
def setup_app(config=None):
if not config:
config = get_pecan_config()
m_config.set_config_defaults()
app_conf = dict(config.app)
db_api_v2.setup_db()
if not app_conf.pop('disable_cron_trigger_thread', False):
periodic.setup()
coordination.Service('api_group').register_membership()
app = pecan.make_app(
app_conf.pop('root'),
hooks=lambda: [ctx.ContextHook(), ctx.AuthHook()],
logging=getattr(config, 'logging', {}),
**app_conf)
# Set up access control.
app = access_control.setup(app)
# Set up profiler.
if cfg.CONF.profiler.enabled:
app = osprofiler.web.WsgiMiddleware(
app,
hmac_keys=cfg.CONF.profiler.hmac_keys,
enabled=cfg.CONF.profiler.enabled)
# Create a CORS wrapper, and attach mistral-specific defaults that must be
# included in all CORS responses.
return cors_middleware.CORS(app, cfg.CONF)
def setup_app(pecan_config=None, extra_hooks=None):
policy.init()
app_hooks = [
hooks.ConfigHook(),
#hooks.DBHook(),
hooks.ContextHook(pecan_config.app.acl_public_routes),
#hooks.RPCHook(),
#hooks.NoExceptionTracebackHook()
]
if extra_hooks:
app_hooks.extend(extra_hooks)
if not pecan_config:
pecan_config = get_pecan_config()
pecan.configuration.set_config(dict(pecan_config), overwrite=True)
app = pecan.make_app(
pecan_config.app.root,
static_root=pecan_config.app.static_root,
debug=cfg.CONF.api.pecan_debug,
force_canonical=getattr(pecan_config.app, 'force_canonical', True),
hooks=app_hooks,
wrap_app=middleware.ParsableErrorMiddleware,
)
if pecan_config.app.enable_acl:
app = acl.install(app, cfg.CONF, pecan_config.app.acl_public_routes)
# Create a CORS wrapper, and attach ironic-specific defaults that must be
# included in all CORS responses.
app = cors_middleware.CORS(app, cfg.CONF)
return app
def _wrap_app(app):
"""Wraps wsgi app with additional middlewares."""
app = request_id.RequestId(app)
if CONF.audit.enabled:
try:
app = audit_middleware.AuditMiddleware(
app,
audit_map_file=CONF.audit.audit_map_file,
ignore_req_list=CONF.audit.ignore_req_list)
except (EnvironmentError, OSError,
audit_middleware.PycadfAuditApiConfigError) as e:
raise exceptions.InputFileError(
file_name=CONF.audit.audit_map_file, reason=e)
if cfg.CONF.api_settings.auth_strategy == constants.KEYSTONE:
app = keystone.SkippingAuthProtocol(app, {})
# This should be the last middleware in the list (which results in
# it being the first in the middleware chain). This is to ensure
# that any errors thrown by other middleware, such as an auth
# middleware - are annotated with CORS headers, and thus accessible
# by the browser.
app = cors.CORS(app, cfg.CONF)
cors.set_defaults(
allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'],
allow_methods=['GET', 'PUT', 'POST', 'DELETE'],
expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id'])
return app
def _wrap_app(app):
app = request_id.RequestId(app)
if cfg.CONF.auth_strategy == 'noauth':
pass
elif cfg.CONF.auth_strategy == 'keystone':
app = auth_token.AuthProtocol(app, {})
else:
raise n_exc.InvalidConfigurationOption(
opt_name='auth_strategy', opt_value=cfg.CONF.auth_strategy)
# version can be unauthenticated so it goes outside of auth
app = versions.Versions(app)
# This should be the last middleware in the list (which results in
# it being the first in the middleware chain). This is to ensure
# that any errors thrown by other middleware, such as an auth
# middleware - are annotated with CORS headers, and thus accessible
# by the browser.
app = cors.CORS(app, cfg.CONF)
app.set_latent(allow_headers=[
'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog',
'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info',
'X-Trace-HMAC'
],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token',
'X-OpenStack-Request-ID', 'X-Trace-Info', 'X-Trace-HMAC'
])
return app
def setup_app(pecan_config=None, extra_hooks=None):
app_hooks = [
hooks.ConfigHook(),
hooks.DBHook(),
hooks.ContextHook(pecan_config.app.acl_public_routes),
hooks.RPCHook(),
hooks.NoExceptionTracebackHook(),
hooks.PublicUrlHook()
]
if extra_hooks:
app_hooks.extend(extra_hooks)
if not pecan_config:
pecan_config = get_pecan_config()
pecan.configuration.set_config(dict(pecan_config), overwrite=True)
app = pecan.make_app(
pecan_config.app.root,
debug=CONF.pecan_debug,
static_root=pecan_config.app.static_root if CONF.pecan_debug else None,
force_canonical=getattr(pecan_config.app, 'force_canonical', True),
hooks=app_hooks,
wrap_app=middleware.ParsableErrorMiddleware,
)
if CONF.audit.enabled:
try:
app = audit_middleware.AuditMiddleware(
app,
audit_map_file=CONF.audit.audit_map_file,
ignore_req_list=CONF.audit.ignore_req_list)
except (EnvironmentError, OSError,
audit_middleware.PycadfAuditApiConfigError) as e:
raise exception.InputFileError(file_name=CONF.audit.audit_map_file,
reason=e)
if CONF.auth_strategy == "keystone":
app = auth_token.AuthTokenMiddleware(
app,
dict(cfg.CONF),
public_api_routes=pecan_config.app.acl_public_routes)
# Create a CORS wrapper, and attach ironic-specific defaults that must be
# included in all CORS responses.
app = cors_middleware.CORS(app, CONF)
cors_middleware.set_defaults(
allow_headers=[
base.Version.max_string, base.Version.min_string,
base.Version.string
],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
base.Version.max_string, base.Version.min_string,
base.Version.string
])
return app
def add_cors_middleware(app):
"""Create a CORS wrapper
Attach ironic-inspector-specific defaults that must be included
in all CORS responses.
:param app: application
"""
app.wsgi_app = cors_middleware.CORS(app.wsgi_app, CONF)
def setUp(self):
super(CORSTestLatentProperties, self).setUp()
# Set up the config fixture.
config = self.useFixture(fixture.Config(cfg.CONF))
config.load_raw_values(group='cors',
allowed_origin='http://default.example.com',
allow_credentials='True',
max_age='',
expose_headers='X-Configured',
allow_methods='GET',
allow_headers='X-Configured')
# Now that the config is set up, create our application.
self.application = cors.CORS(test_application, cfg.CONF)
def _wrap_app(app):
"""Wraps wsgi app with additional middlewares."""
app = request_id.RequestId(app)
if cfg.CONF.auth_strategy == constants.KEYSTONE:
app = auth_token.AuthProtocol(app, {})
# This should be the last middleware in the list (which results in
# it being the first in the middleware chain). This is to ensure
# that any errors thrown by other middleware, such as an auth
# middleware - are annotated with CORS headers, and thus accessible
# by the browser.
app = cors.CORS(app, cfg.CONF)
app.set_latent(allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'],
allow_methods=['GET', 'PUT', 'POST', 'DELETE'],
expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id'])
return app
def setup_app(pecan_config=None, extra_hooks=None):
app_hooks = [
hooks.ConfigHook(),
hooks.DBHook(),
hooks.ContextHook(pecan_config.app.acl_public_routes),
hooks.RPCHook(),
hooks.NoExceptionTracebackHook(),
hooks.PublicUrlHook()
]
if extra_hooks:
app_hooks.extend(extra_hooks)
if not pecan_config:
pecan_config = get_pecan_config()
if pecan_config.app.enable_acl:
app_hooks.append(hooks.TrustedCallHook())
pecan.configuration.set_config(dict(pecan_config), overwrite=True)
app = pecan.make_app(
pecan_config.app.root,
static_root=pecan_config.app.static_root,
debug=CONF.pecan_debug,
force_canonical=getattr(pecan_config.app, 'force_canonical', True),
hooks=app_hooks,
wrap_app=middleware.ParsableErrorMiddleware,
)
if pecan_config.app.enable_acl:
app = acl.install(app, cfg.CONF, pecan_config.app.acl_public_routes)
# Create a CORS wrapper, and attach ironic-specific defaults that must be
# included in all CORS responses.
app = cors_middleware.CORS(app, CONF)
app.set_latent(
allow_headers=[Version.max_string, Version.min_string, Version.string],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
Version.max_string, Version.min_string, Version.string
])
# Insert the proxy support middleware to generate decent application links.
app = proxy_middleware.HTTPProxyToWSGI(app, CONF)
return app
def load_app(conf,
indexer=None,
storage=None,
incoming=None,
coord=None,
not_implemented_middleware=True):
global APPCONFIGS
if not storage:
if not coord:
# NOTE(jd) This coordinator is never stop. I don't think it's a
# real problem since the Web app can never really be stopped
# anyway, except by quitting it entirely.
coord = metricd.get_coordinator_and_start(conf.coordination_url)
storage = gnocchi_storage.get_driver(conf, coord)
if not incoming:
incoming = gnocchi_incoming.get_driver(conf)
if not indexer:
indexer = gnocchi_indexer.get_driver(conf)
# Build the WSGI app
cfg_path = conf.api.paste_config
if not os.path.isabs(cfg_path):
cfg_path = conf.find_file(cfg_path)
if cfg_path is None or not os.path.exists(cfg_path):
LOG.debug("No api-paste configuration file found! Using default.")
cfg_path = os.path.abspath(
pkg_resources.resource_filename(__name__, "api-paste.ini"))
config = dict(conf=conf,
indexer=indexer,
storage=storage,
incoming=incoming,
not_implemented_middleware=not_implemented_middleware)
configkey = str(uuid.uuid4())
APPCONFIGS[configkey] = config
LOG.info("WSGI config used: %s", cfg_path)
appname = "gnocchi+" + conf.api.auth_mode
app = deploy.loadapp("config:" + cfg_path,
name=appname,
global_conf={'configkey': configkey})
return cors.CORS(app, conf=conf)
def setup_app(config=None):
if not config:
config = get_pecan_config()
app_conf = dict(config.app)
app = pecan.make_app(app_conf.pop('root'),
logging=getattr(config, 'logging', {}),
**app_conf)
app = auth.install(app, CONF)
# Create a CORS wrapper, and attach solum-specific defaults that must be
# supported on all CORS responses.
app = cors_middleware.CORS(app, CONF)
return app
def setup_app(config=None):
if not config:
config = get_pecan_config()
m_config.set_config_defaults()
app_conf = dict(config.app)
db_api_v2.setup_db()
# TODO(rakhmerov): Why do we run cron triggers in the API layer?
# Should we move it to engine?s
if cfg.CONF.cron_trigger.enabled:
periodic.setup()
coordination.Service('api_group').register_membership()
app = pecan.make_app(
app_conf.pop('root'),
hooks=lambda: [ctx.AuthHook(), ctx.ContextHook()],
logging=getattr(config, 'logging', {}),
**app_conf)
# Set up access control.
app = access_control.setup(app)
# TODO(rakhmerov): need to get rid of this call.
# Set up RPC related flags in config
rpc.get_transport()
# Set up profiler.
if cfg.CONF.profiler.enabled:
app = osprofiler.web.WsgiMiddleware(
app,
hmac_keys=cfg.CONF.profiler.hmac_keys,
enabled=cfg.CONF.profiler.enabled)
# Create HTTPProxyToWSGI wrapper
app = http_proxy_to_wsgi_middleware.HTTPProxyToWSGI(app, cfg.CONF)
# Create a CORS wrapper, and attach mistral-specific defaults that must be
# included in all CORS responses.
return cors_middleware.CORS(app, cfg.CONF)
def setup_app(config=None):
app_hooks = [
hooks.ConfigHook(),
hooks.DBHook(),
hooks.ContextHook(config.app.acl_public_routes),
hooks.RPCHook(),
hooks.NoExceptionTracebackHook(),
hooks.PublicUrlHook()
]
app_conf = dict(config.app)
app = make_app(app_conf.pop('root'),
hooks=app_hooks,
force_canonical=getattr(config.app, 'force_canonical',
True),
wrap_app=middleware.ParsableErrorMiddleware,
**app_conf)
if CONF.auth_strategy == "keystone":
app = auth_token.AuthTokenMiddleware(
app,
dict(cfg.CONF),
public_api_routes=config.app.acl_public_routes)
# Create a CORS wrapper, and attach iotronic-specific defaults that must be
# included in all CORS responses.
app = cors_middleware.CORS(app, CONF)
cors_middleware.set_defaults(
allow_headers=[
base.Version.max_string, base.Version.min_string,
base.Version.string
],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
base.Version.max_string, base.Version.min_string,
base.Version.string
])
return app
def _wrap_app(app):
app = request_id.RequestId(app)
if cfg.CONF.auth_strategy == 'noauth':
pass
elif cfg.CONF.auth_strategy == 'keystone':
app = auth_token.AuthProtocol(app, {})
else:
raise n_exc.InvalidConfigurationOption(
opt_name='auth_strategy', opt_value=cfg.CONF.auth_strategy)
# This should be the last middleware in the list (which results in
# it being the first in the middleware chain). This is to ensure
# that any errors thrown by other middleware, such as an auth
# middleware - are annotated with CORS headers, and thus accessible
# by the browser.
app = cors.CORS(app, cfg.CONF)
app.set_latent(allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id'])
return app
def _wrap_app(app):
app = request_id.RequestId(app)
if CONF.api.auth_strategy == 'noauth':
pass
elif CONF.api.auth_strategy == 'keystone':
app = auth_token.AuthProtocol(app, {})
LOG.info("Keystone authentication is enabled")
else:
raise g_exc.InvalidConfigurationOption(opt_name='auth_strategy',
opt_value=CONF.auth_strategy)
# dont bother authenticating version
# app = versions.Versions(app)
# gluon server is behind the proxy
app = http_proxy_to_wsgi.HTTPProxyToWSGI(app)
# This should be the last middleware in the list (which results in
# it being the first in the middleware chain). This is to ensure
# that any errors thrown by other middleware, such as an auth
# middleware - are annotated with CORS headers, and thus accessible
# by the browser.
app = cors.CORS(app, CONF)
cors.set_defaults(allow_headers=[
'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog',
'X-User-Id', 'X-Tenant-Id', 'X-OpenStack-Request-ID', 'X-Trace-Info',
'X-Trace-HMAC'
],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token',
'X-OpenStack-Request-ID', 'X-Trace-Info',
'X-Trace-HMAC'
])
return app
def setUp(self):
"""Setup the tests."""
super(CORSRegularRequestTest, self).setUp()
# Set up the config fixture.
config = self.useFixture(fixture.Config(cfg.CONF))
config.load_raw_values(group='cors',
allowed_origin='http://valid.example.com',
allow_credentials='False',
max_age='',
expose_headers='',
allow_methods='GET',
allow_headers='')
config.load_raw_values(group='cors.credentials',
allowed_origin='http://creds.example.com',
allow_credentials='True')
config.load_raw_values(group='cors.exposed-headers',
allowed_origin='http://headers.example.com',
expose_headers='X-Header-1,X-Header-2',
allow_headers='X-Header-1,X-Header-2')
config.load_raw_values(group='cors.cached',
allowed_origin='http://cached.example.com',
max_age='3600')
config.load_raw_values(group='cors.get-only',
allowed_origin='http://get.example.com',
allow_methods='GET')
config.load_raw_values(group='cors.all-methods',
allowed_origin='http://all.example.com',
allow_methods='GET,PUT,POST,DELETE,HEAD')
# Now that the config is set up, create our application.
self.application = cors.CORS(test_application, cfg.CONF)
def setup_app(config=None):
if not config:
config = get_pecan_config()
app_conf = dict(config.app)
db_api_v2.setup_db()
periodic.setup()
coordination.Service('api_group').register_membership()
app = pecan.make_app(
app_conf.pop('root'),
hooks=lambda: [ctx.ContextHook(), ctx.AuthHook()],
logging=getattr(config, 'logging', {}),
**app_conf)
# Set up access control.
app = access_control.setup(app)
# Create a CORS wrapper, and attach mistral-specific defaults that must be
# included in all CORS responses.
app = cors_middleware.CORS(app, cfg.CONF)
app.set_latent(allow_headers=[
'X-Auth-Token', 'X-Identity-Status', 'X-Roles', 'X-Service-Catalog',
'X-User-Id', 'X-Tenant-Id'
'X-Project-Id', 'X-User-Name', 'X-Project-Name'
],
allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
expose_headers=[
'X-Auth-Token', 'X-Subject-Token', 'X-Service-Token',
'X-Project-Id', 'X-User-Name', 'X-Project-Name'
])
return app
def app_factory(global_config, **local_conf):
global APPCONFIGS
appconfig = APPCONFIGS.get(global_config.get('configkey'))
app = _setup_app(root=local_conf.get('root'), **appconfig)
return cors.CORS(app, conf=appconfig['conf'])
def __init__(self, app, auth_app, conf):
self._app = cors.CORS(app, conf)
# We don't auth here. It's just used for keeping consistence.
self._auth_app = auth_app
