def notify(action, alarm_id, alarm_name, previous, current, reason,
reason_data):
trust_id = action.username
auth_url = cfg.CONF.service_credentials.os_auth_url.replace(
"v2.0", "v3")
client = keystone_client.Client(
username=cfg.CONF.service_credentials.os_username,
password=cfg.CONF.service_credentials.os_password,
cacert=cfg.CONF.service_credentials.os_cacert,
auth_url=auth_url,
region_name=cfg.CONF.service_credentials.os_region_name,
insecure=cfg.CONF.service_credentials.insecure,
timeout=cfg.CONF.http_timeout,
trust_id=trust_id)
# Remove the fake user
netloc = action.netloc.split("@")[1]
# Remove the trust prefix
scheme = action.scheme[6:]
action = parse.SplitResult(scheme, netloc, action.path, action.query,
action.fragment)
headers = {'X-Auth-Token': client.auth_token}
rest.RestAlarmNotifier.notify(action, alarm_id, alarm_name, previous,
current, reason, reason_data, headers)
def _my_urlsplit(url):
"""This is a hack to prevent the regular urlsplit from splitting around question marks.
A question mark (?) in a URL typically indicates the start of a
querystring, and the standard library's urlparse function handles the
querystring separately. Unfortunately, question marks can also appear
_inside_ the actual URL for some schemas like S3.
Replaces question marks with newlines prior to splitting. This is safe because:
1. The standard library's urlsplit completely ignores newlines
2. Raw newlines will never occur in innocuous URLs. They are always URL-encoded.
See Also
--------
https://github.com/python/cpython/blob/3.7/Lib/urllib/parse.py
https://github.com/RaRe-Technologies/smart_open/issues/285
"""
parsed_url = urlparse.urlsplit(url, allow_fragments=False)
if parsed_url.scheme not in smart_open_s3.SUPPORTED_SCHEMES or '?' not in url:
return parsed_url
sr = urlparse.urlsplit(url.replace('?', '\n'), allow_fragments=False)
return urlparse.SplitResult(sr.scheme, sr.netloc,
sr.path.replace('\n', '?'), '', '')
def _url(self, path):
return parse.urlunsplit(
parse.SplitResult(scheme=self.bigip.scheme,
netloc=self.bigip.hostname,
path=path,
query='',
fragment=''))
def _scrub_action_url(action):
"""Remove trust ID from a URL."""
url = netutils.urlsplit(action)
if Alarm._is_trust_url(url):
netloc = url.netloc.rsplit('@', 1)[-1]
url = urlparse.SplitResult(url.scheme, netloc, url.path, url.query,
url.fragment)
return url.geturl()
def test_parse_endpoint(self):
endpoint = 'http://example.com:9292'
test_client = http.HTTPClient(endpoint, token=u'adc123')
actual = test_client.parse_endpoint(endpoint)
expected = parse.SplitResult(scheme='http',
netloc='example.com:9292', path='',
query='', fragment='')
self.assertEqual(expected, actual)
def get_url(self, url):
"""Create the URL based off this partial path."""
url_tuple = parse.SplitResult(scheme=self.url.scheme,
netloc=self.url.netloc,
path=url,
query='',
fragment='')
return parse.urlunsplit(url_tuple)
def get_url(self, url):
""" Override host for AS3 declarations. """
if url.startswith(AS3_PATH):
# derive external as3 container url
url_tuple = parse.SplitResult(scheme=self.as3_url.scheme,
netloc=self.as3_url.netloc,
path=url,
query='',
fragment='')
return parse.urlunsplit(url_tuple)
else:
# derive regular bigip url
return super(AS3ExternalContainerRestClient, self).get_url(url)
def urlsplit(url, scheme='', allow_fragments=True):
"""Parse a URL using urlparse.urlsplit(), splitting query and fragments.
This function papers over Python issue9374 when needed.
The parameters are the same as urlparse.urlsplit.
"""
scheme, netloc, path, query, fragment = urlparse.urlsplit(
url, scheme, allow_fragments)
if allow_fragments and '#' in path:
path, fragment = path.split('#', 1)
if '?' in path:
path, query = path.split('?', 1)
return urlparse.SplitResult(scheme, netloc, path, query, fragment)
def get_message(self):
"""
Assemble the basic message including query parameters.
"""
message = email.message.Message()
message['Method'] = self.command
message['Path'] = self.path
server_url = parse.SplitResult(
'http', '{0}:{1}'.format(self.server.server_name,
self.server.server_port), '', '', '')
request_url = parse.urlsplit(server_url.geturl() + self.path)
for header, value in parse.parse_qs(request_url.query).items():
message.add_header(header, value[0])
return message
def update_actions(self, old_alarm=None):
trustor_user_id = pecan.request.headers.get('X-User-Id')
trustor_project_id = pecan.request.headers.get('X-Project-Id')
roles = pecan.request.headers.get('X-Roles', '')
if roles:
roles = roles.split(',')
else:
roles = []
auth_plugin = pecan.request.environ.get('keystone.token_auth')
if old_alarm:
prev_trust_ids = set(old_alarm._get_existing_trust_ids())
else:
prev_trust_ids = set()
trust_id = prev_trust_ids.pop() if prev_trust_ids else None
trust_id_used = False
for actions in (self.ok_actions, self.alarm_actions,
self.insufficient_data_actions):
if actions is not None:
for index, action in enumerate(actions[:]):
url = netutils.urlsplit(action)
if self._is_trust_url(url):
if '@' in url.netloc:
errmsg = _("trust URL cannot contain a trust ID.")
raise base.ClientSideError(errmsg)
if trust_id is None:
# We have a trust action without a trust ID,
# create it
trust_id = keystone_client.create_trust_id(
pecan.request.cfg, trustor_user_id,
trustor_project_id, roles, auth_plugin)
if trust_id_used:
pw = ''
else:
pw = ':delete'
trust_id_used = True
netloc = '%s%s@%s' % (trust_id, pw, url.netloc)
url = urlparse.SplitResult(url.scheme, netloc,
url.path, url.query,
url.fragment)
actions[index] = url.geturl()
if trust_id is not None and not trust_id_used:
prev_trust_ids.add(trust_id)
for old_trust_id in prev_trust_ids:
keystone_client.delete_trust_id(pecan.request.cfg, old_trust_id,
auth_plugin)
def notify(action, alarm_id, alarm_name, severity, previous, current,
reason, reason_data):
trust_id = action.username
client = keystone_client.get_v3_client(trust_id)
# Remove the fake user
netloc = action.netloc.split("@")[1]
# Remove the trust prefix
scheme = action.scheme[6:]
action = parse.SplitResult(scheme, netloc, action.path, action.query,
action.fragment)
headers = {'X-Auth-Token': client.auth_token}
rest.RestAlarmNotifier.notify(action, alarm_id, alarm_name, severity,
previous, current, reason, reason_data,
headers)
def notify(self, action, alarm_id, alarm_name, severity, previous, current,
reason, reason_data):
trust_id = action.username
client = keystone_client.get_trusted_client(self.conf, trust_id)
# Remove the fake user
netloc = action.netloc.split("@")[1]
# Remove the trust prefix
scheme = action.scheme[6:]
action = parse.SplitResult(scheme, netloc, action.path, action.query,
action.fragment)
headers = {'X-Auth-Token': keystone_client.get_auth_token(client)}
super(TrustAlarmNotifierMixin,
self).notify(action, alarm_id, alarm_name, severity, previous,
current, reason, reason_data, headers)
