def _client(username, password=None, token=None, tenant_name=None, tenant_id=None, trust_id=None, domain_name=None): if trust_id and not CONF.use_identity_api_v3: raise Exception("Trusts aren't implemented in keystone api" " less than v3") auth_url = base.retrieve_auth_url( endpoint_type=CONF.keystone.endpoint_type) client_kwargs = {'username': username, 'password': password, 'token': token, 'tenant_name': tenant_name, 'tenant_id': tenant_id, 'trust_id': trust_id, 'user_domain_name': domain_name, 'auth_url': auth_url, 'cacert': CONF.keystone.ca_file, 'insecure': CONF.keystone.api_insecure } if CONF.use_identity_api_v3: keystone = keystone_client_v3.Client(**client_kwargs) keystone.management_url = auth_url else: keystone = keystone_client.Client(**client_kwargs) return keystone
def _client(username, password=None, token=None, tenant_name=None, tenant_id=None, trust_id=None, domain_name=None): if trust_id and not CONF.use_identity_api_v3: raise Exception("Trusts aren't implemented in keystone api" " less than v3") auth_url = base.retrieve_auth_url() client_kwargs = { 'username': username, 'password': password, 'token': token, 'tenant_name': tenant_name, 'tenant_id': tenant_id, 'trust_id': trust_id, 'user_domain_name': domain_name, 'auth_url': auth_url } if CONF.use_identity_api_v3: keystone = keystone_client_v3.Client(**client_kwargs) keystone.management_url = auth_url else: keystone = keystone_client.Client(**client_kwargs) return keystone
def token_auth(token, project_id=None, project_name=None, project_domain_name='Default'): '''Return a token auth plugin object. :param token: the token to use for authentication. :param project_id: the project(ex. tenant) id to scope the auth. :returns: a token auth plugin object. ''' token_kwargs = dict( auth_url=base.retrieve_auth_url(), token=token ) if CONF.use_identity_api_v3: token_kwargs.update(dict( project_id=project_id, project_name=project_name, project_domain_name=project_domain_name, )) auth = keystone_identity.v3.Token(**token_kwargs) else: token_kwargs.update(dict( tenant_id=project_id, tenant_name=project_name, )) auth = keystone_identity.v2.Token(**token_kwargs) return auth
def token_auth(token, project_id=None, project_name=None, project_domain_name='Default'): '''Return a token auth plugin object. :param token: the token to use for authentication. :param project_id: the project(ex. tenant) id to scope the auth. :returns: a token auth plugin object. ''' token_kwargs = dict(auth_url=base.retrieve_auth_url( CONF.keystone.endpoint_type), token=token) if CONF.use_identity_api_v3: token_kwargs.update( dict( project_id=project_id, project_name=project_name, project_domain_name=project_domain_name, )) auth = keystone_identity.v3.Token(**token_kwargs) else: token_kwargs.update( dict( tenant_id=project_id, tenant_name=project_name, )) auth = keystone_identity.v2.Token(**token_kwargs) return auth
def validate_config(): if CONF.use_barbican_key_manager: # NOTE (elmiko) there is no need to set the api_class as castellan # uses barbican by default. castellan.set_defaults(CONF, auth_endpoint=utils.retrieve_auth_url()) else: castellan.set_defaults(CONF, api_class='sahara.service.castellan.' 'sahara_key_manager.SaharaKeyManager')
def retrieve_auth_url(endpoint_type="publicURL"): """This function returns auth url v3 api. """ version_suffix = 'v3' # return auth url with trailing slash return clients_base.retrieve_auth_url(endpoint_type=endpoint_type, version=version_suffix) + "/"
def retrieve_auth_url(endpoint_type="publicURL"): """This function returns auth url v2.0 api. Hadoop Swift library doesn't support keystone v3 api. """ if CONF.use_domain_for_proxy_users: version_suffix = "v3/auth" else: version_suffix = "v2.0" # return auth url with trailing slash return clients_base.retrieve_auth_url(endpoint_type=endpoint_type, version=version_suffix) + "/"
def _admin_client(tenant_id=None, trust_id=None): if not CONF.use_identity_api_v3: raise Exception('Trusts aren\'t implemented in keystone api' ' less than v3') auth_url = base.retrieve_auth_url() keystone = keystone_client_v3.Client(username=CONF.os_admin_username, password=CONF.os_admin_password, tenant_id=tenant_id, auth_url=auth_url, trust_id=trust_id) keystone.management_url = auth_url return keystone
def client(): ctx = context.ctx() args = { 'username': ctx.username, 'project_name': ctx.tenant_name, 'project_id': ctx.tenant_id, 'input_auth_token': ctx.auth_token, 'auth_url': base.retrieve_auth_url(), 'service_catalog_url': base.url_for(ctx.service_catalog, 'share'), 'ca_cert': CONF.manila.ca_file, 'insecure': CONF.manila.api_insecure } return manila_client.Client(CONF.manila.api_version, **args)
def _admin_client(project_name=None, trust_id=None): if not CONF.use_identity_api_v3: raise Exception('Trusts aren\'t implemented in keystone api' ' less than v3') auth_url = base.retrieve_auth_url() keystone = keystone_client_v3.Client(username=CONF.os_admin_username, password=CONF.os_admin_password, project_name=project_name, auth_url=auth_url, trust_id=trust_id) keystone.management_url = auth_url return keystone
def retrieve_auth_url(endpoint_type="publicURL"): """This function returns auth url v2.0 api. Hadoop Swift library doesn't support keystone v3 api. """ if CONF.use_domain_for_proxy_users: version_suffix = 'v3/auth' else: version_suffix = 'v2.0' # return auth url with trailing slash return clients_base.retrieve_auth_url(endpoint_type=endpoint_type, version=version_suffix) + "/"
def client(): ctx = context.current() auth_url = base.retrieve_auth_url() compute_url = base.url_for(ctx.service_catalog, 'compute') nova = nova_client.Client(username=ctx.username, api_key=None, project_id=ctx.tenant_id, auth_url=auth_url) nova.client.auth_token = ctx.token nova.client.management_url = compute_url nova.images = images.SaharaImageManager(nova) return nova
def client(): ctx = context.current() auth_url = base.retrieve_auth_url() if CONF.use_identity_api_v3: keystone = keystone_client_v3.Client(username=ctx.username, token=ctx.token, tenant_id=ctx.tenant_id, auth_url=auth_url) keystone.management_url = auth_url else: keystone = keystone_client.Client(username=ctx.username, token=ctx.token, tenant_id=ctx.tenant_id, auth_url=auth_url) return keystone
def _session(username, password, project_name, user_domain_name=None, project_domain_name=None): passwd_kwargs = dict(auth_url=base.retrieve_auth_url(), username=CONF.keystone_authtoken.admin_user, password=CONF.keystone_authtoken.admin_password) if CONF.use_identity_api_v3: passwd_kwargs.update( dict(project_name=project_name, user_domain_name=user_domain_name, project_domain_name=project_domain_name)) auth = keystone_identity.v3.Password(**passwd_kwargs) else: passwd_kwargs.update(dict(tenant_name=project_name)) auth = keystone_identity.v2.Password(**passwd_kwargs) return keystone_session.Session(auth=auth)
def _session(username, password, project_name, user_domain_name=None, project_domain_name=None): passwd_kwargs = dict( auth_url=base.retrieve_auth_url(), username=CONF.keystone_authtoken.admin_user, password=CONF.keystone_authtoken.admin_password ) if CONF.use_identity_api_v3: passwd_kwargs.update(dict( project_name=project_name, user_domain_name=user_domain_name, project_domain_name=project_domain_name )) auth = keystone_identity.v3.Password(**passwd_kwargs) else: passwd_kwargs.update(dict( tenant_name=project_name )) auth = keystone_identity.v2.Password(**passwd_kwargs) return keystone_session.Session(auth=auth)
def _password_auth(username, password, project_name=None, user_domain_name=None, project_domain_name=None, trust_id=None): '''Return a password auth plugin object. :param username: the user to authenticate as. :param password: the user's password. :param project_name: the project(ex. tenant) name to scope the auth. :param user_domain_name: the domain the user belongs to. :param project_domain_name: the domain the project belongs to. :param trust_id: a trust id to scope the auth. :returns: a password auth plugin object. ''' passwd_kwargs = dict( auth_url=base.retrieve_auth_url(CONF.keystone.endpoint_type), username=username, password=password ) if CONF.use_identity_api_v3: passwd_kwargs.update(dict( project_name=project_name, user_domain_name=user_domain_name, project_domain_name=project_domain_name, trust_id=trust_id )) auth = keystone_identity.v3.Password(**passwd_kwargs) else: passwd_kwargs.update(dict( tenant_name=project_name, trust_id=trust_id )) auth = keystone_identity.v2.Password(**passwd_kwargs) return auth
def retrieve_auth_url(endpoint_type="publicURL"): """This function returns auth url v2.0 api. Hadoop Swift library doesn't support keystone v3 api. """ auth_url = clients_base.retrieve_auth_url(endpoint_type=endpoint_type) info = urlparse.urlparse(auth_url) if CONF.use_domain_for_proxy_users: url = 'v3/auth' else: url = 'v2.0' if info.port: returned_url = '{scheme}://{hostname}:{port}/{url}/' return returned_url.format(scheme=info.scheme, hostname=info.hostname, port=info.port, url=url) else: return '{scheme}://{hostname}/{url}/'.format(scheme=info.scheme, hostname=info.hostname, url=url)
def retrieve_auth_url(): """This function returns auth url v2.0 api. Hadoop Swift library doesn't support keystone v3 api. """ auth_url = clients_base.retrieve_auth_url() info = urlparse.urlparse(auth_url) if CONF.use_domain_for_proxy_users: url = 'v3/auth' else: url = 'v2.0' if info.port: returned_url = '{scheme}://{hostname}:{port}/{url}/' return returned_url.format(scheme=info.scheme, hostname=info.hostname, port=info.port, url=url) else: return '{scheme}://{hostname}/{url}/'.format(scheme=info.scheme, hostname=info.hostname, url=url)
def _assert(uri): self.override_config('auth_url', uri, 'trustee') self.assertEqual(correct, base.retrieve_auth_url())
def _assert(uri): self.setup_context(auth_uri=uri) self.assertEqual(correct, base.retrieve_auth_url())
def _assert(uri): mock_url_for.return_value = uri self.assertEqual(correct, base.retrieve_auth_url())
def _assert(uri): self.override_config('auth_uri', uri, 'keystone_authtoken') self.assertEqual(correct, base.retrieve_auth_url())