Use keystoneauth1 instead of keystoneclient
The keystoneclient session has been deprecated in favour of keystoneauth1. To make this cleaner a few unnecessary usages of keystoneclient are cleaned up. Change-Id: I8bfcff53165a18f94c600797dd8105d64d948e7a
This commit is contained in:
parent
b54d07b99f
commit
712e85763b
|
@ -22,8 +22,9 @@ import time
|
||||||
from cryptography.hazmat import backends
|
from cryptography.hazmat import backends
|
||||||
from cryptography.hazmat.primitives import serialization
|
from cryptography.hazmat.primitives import serialization
|
||||||
from cryptography import x509 as cryptography_x509
|
from cryptography import x509 as cryptography_x509
|
||||||
from keystoneclient.auth import identity
|
from keystoneauth1 import identity
|
||||||
from keystoneclient import session
|
from keystoneauth1 import loading
|
||||||
|
from keystoneauth1 import session
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
from oslo_utils import excutils
|
from oslo_utils import excutils
|
||||||
|
@ -85,7 +86,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||||
self._base_url = None
|
self._base_url = None
|
||||||
self.conf = configuration
|
self.conf = configuration
|
||||||
self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
|
self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
|
||||||
session.Session.register_conf_options(self.conf, BARBICAN_OPT_GROUP)
|
loading.register_session_conf_options(self.conf, BARBICAN_OPT_GROUP)
|
||||||
|
|
||||||
def _get_barbican_client(self, context):
|
def _get_barbican_client(self, context):
|
||||||
"""Creates a client to connect to the Barbican service.
|
"""Creates a client to connect to the Barbican service.
|
||||||
|
@ -130,7 +131,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||||
auth_url = self.conf.barbican.auth_endpoint
|
auth_url = self.conf.barbican.auth_endpoint
|
||||||
|
|
||||||
if context.__class__.__name__ is 'KeystonePassword':
|
if context.__class__.__name__ is 'KeystonePassword':
|
||||||
return identity.v3.Password(
|
return identity.V3Password(
|
||||||
auth_url=auth_url,
|
auth_url=auth_url,
|
||||||
username=context.username,
|
username=context.username,
|
||||||
password=context.password,
|
password=context.password,
|
||||||
|
@ -146,7 +147,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||||
project_domain_name=context.project_domain_name,
|
project_domain_name=context.project_domain_name,
|
||||||
reauthenticate=context.reauthenticate)
|
reauthenticate=context.reauthenticate)
|
||||||
elif context.__class__.__name__ is 'KeystoneToken':
|
elif context.__class__.__name__ is 'KeystoneToken':
|
||||||
return identity.v3.Token(
|
return identity.V3Token(
|
||||||
auth_url=auth_url,
|
auth_url=auth_url,
|
||||||
token=context.token,
|
token=context.token,
|
||||||
trust_id=context.trust_id,
|
trust_id=context.trust_id,
|
||||||
|
@ -160,7 +161,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||||
# this will be kept for oslo.context compatibility until
|
# this will be kept for oslo.context compatibility until
|
||||||
# projects begin to use utils.credential_factory
|
# projects begin to use utils.credential_factory
|
||||||
elif context.__class__.__name__ is 'RequestContext':
|
elif context.__class__.__name__ is 'RequestContext':
|
||||||
return identity.v3.Token(
|
return identity.V3Token(
|
||||||
auth_url=auth_url,
|
auth_url=auth_url,
|
||||||
token=context.auth_token,
|
token=context.auth_token,
|
||||||
project_id=context.tenant)
|
project_id=context.tenant)
|
||||||
|
|
|
@ -21,9 +21,8 @@ Note: This requires local running instances of Barbican and Keystone.
|
||||||
import abc
|
import abc
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
from keystoneclient.auth.identity import v3
|
from keystoneauth1 import identity
|
||||||
from keystoneclient import session
|
from keystoneauth1 import session
|
||||||
from keystoneclient.v3 import client
|
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from oslo_context import context
|
from oslo_context import context
|
||||||
from oslotest import base
|
from oslotest import base
|
||||||
|
@ -113,22 +112,16 @@ class BarbicanKeyManagerOSLOContextTestCase(BarbicanKeyManagerTestCase,
|
||||||
user_domain_name = CONF.identity.user_domain_name
|
user_domain_name = CONF.identity.user_domain_name
|
||||||
project_domain_name = CONF.identity.project_domain_name
|
project_domain_name = CONF.identity.project_domain_name
|
||||||
|
|
||||||
auth = v3.Password(auth_url=auth_url,
|
auth = identity.V3Password(auth_url=auth_url,
|
||||||
username=username,
|
username=username,
|
||||||
password=password,
|
password=password,
|
||||||
project_name=project_name,
|
project_name=project_name,
|
||||||
user_domain_name=user_domain_name,
|
user_domain_name=user_domain_name,
|
||||||
project_domain_name=project_domain_name)
|
project_domain_name=project_domain_name)
|
||||||
sess = session.Session(auth=auth)
|
sess = session.Session(auth=auth)
|
||||||
keystone_client = client.Client(session=sess)
|
|
||||||
|
|
||||||
project_list = keystone_client.projects.list(name=project_name)
|
return context.RequestContext(auth_token=auth.get_token(sess),
|
||||||
|
tenant=auth.get_project_id(sess))
|
||||||
ctxt = context.RequestContext(
|
|
||||||
auth_token=auth.auth_ref.auth_token,
|
|
||||||
tenant=project_list[0].id)
|
|
||||||
|
|
||||||
return ctxt
|
|
||||||
|
|
||||||
|
|
||||||
class BarbicanKeyManagerKSPasswordTestCase(BarbicanKeyManagerTestCase,
|
class BarbicanKeyManagerKSPasswordTestCase(BarbicanKeyManagerTestCase,
|
||||||
|
@ -161,19 +154,14 @@ class BarbicanKeyManagerKSTokenTestCase(BarbicanKeyManagerTestCase,
|
||||||
user_domain_name = CONF.identity.user_domain_name
|
user_domain_name = CONF.identity.user_domain_name
|
||||||
project_domain_name = CONF.identity.project_domain_name
|
project_domain_name = CONF.identity.project_domain_name
|
||||||
|
|
||||||
auth = v3.Password(auth_url=auth_url,
|
auth = identity.V3Password(auth_url=auth_url,
|
||||||
username=username,
|
username=username,
|
||||||
password=password,
|
password=password,
|
||||||
project_name=project_name,
|
project_name=project_name,
|
||||||
user_domain_name=user_domain_name,
|
user_domain_name=user_domain_name,
|
||||||
project_domain_name=project_domain_name)
|
project_domain_name=project_domain_name)
|
||||||
sess = session.Session(auth=auth)
|
sess = session.Session()
|
||||||
keystone_client = client.Client(session=sess)
|
|
||||||
|
|
||||||
project_list = keystone_client.projects.list(name=project_name)
|
return keystone_token.KeystoneToken(
|
||||||
|
token=auth.get_token(sess),
|
||||||
ctxt = keystone_token.KeystoneToken(
|
project_id=auth.get_project_id(sess))
|
||||||
token=auth.auth_ref.auth_token,
|
|
||||||
project_id=project_list[0].id)
|
|
||||||
|
|
||||||
return ctxt
|
|
||||||
|
|
|
@ -52,7 +52,7 @@ provided.
|
||||||
.. note::
|
.. note::
|
||||||
|
|
||||||
Keystone Token and Password authentication is achieved using
|
Keystone Token and Password authentication is achieved using
|
||||||
keystoneclient.auth.identity.v3 Token and Password auth plugins.
|
keystoneauth1.identity Token and Password auth plugins.
|
||||||
There are a variety of different variables which can be set for the
|
There are a variety of different variables which can be set for the
|
||||||
keystone credential options.
|
keystone credential options.
|
||||||
|
|
||||||
|
@ -88,23 +88,23 @@ that is being abstracted.
|
||||||
|
|
||||||
.. code:: python
|
.. code:: python
|
||||||
|
|
||||||
from keystoneclient.v3 import client
|
from keystoneauth1 import identity
|
||||||
|
from keystoneauth1 import session
|
||||||
from oslo_context import context
|
from oslo_context import context
|
||||||
|
|
||||||
username = 'admin'
|
username = 'admin'
|
||||||
password = 'openstack'
|
password = 'openstack'
|
||||||
project_name = 'admin'
|
project_name = 'admin'
|
||||||
auth_url = 'http://localhost:5000/v3'
|
auth_url = 'http://localhost:5000/'
|
||||||
keystone_client = client.Client(username=username,
|
auth = identity.Password(auth_url=auth_url,
|
||||||
password=password,
|
username=username,
|
||||||
project_name=project_name,
|
password=password,
|
||||||
auth_url=auth_url,
|
project_name=project_name,
|
||||||
project_domain_id='default')
|
default_domain_id='default')
|
||||||
|
sess = session.Session()
|
||||||
|
|
||||||
project_list = keystone_client.projects.list(name=project_name)
|
ctxt = context.RequestContext(auth_token=auth.get_token(sess),
|
||||||
|
tenant=auth.get_project_id(sess))
|
||||||
ctxt = context.RequestContext(auth_token=keystone_client.auth_token,
|
|
||||||
tenant=project_list[0].id)
|
|
||||||
|
|
||||||
ctxt can then be passed into any key_manager api call.
|
ctxt can then be passed into any key_manager api call.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue