From 537fd8c7b242d4de5e0f7a30729b59e7bf90a7f1 Mon Sep 17 00:00:00 2001 From: David Lyle Date: Tue, 21 Jan 2014 17:24:06 -0700 Subject: [PATCH] moves default keystone API to v3 v2.0 of the keystone API was deprecated in icehouse-2, moving to support v3 by default. This also fixes a bug in Horizon where if you specify v3 for the API version and v2.0 is still the auth url, login fails. Implements blueprint keystone-v3-default Partial-bug: #1267636 Change-Id: Ibc4872f24125fa74230eab781b002dffdba5f5da --- doc/source/installation.rst | 4 ++-- openstack_auth/backend.py | 4 ++++ openstack_auth/tests/settings.py | 4 ++-- openstack_auth/tests/tests.py | 2 ++ openstack_auth/utils.py | 4 +++- openstack_auth/views.py | 3 ++- 6 files changed, 15 insertions(+), 6 deletions(-) diff --git a/doc/source/installation.rst b/doc/source/installation.rst index 91d21f9a..6ac03790 100644 --- a/doc/source/installation.rst +++ b/doc/source/installation.rst @@ -18,7 +18,7 @@ Installing is quick and easy: #. Configure your API endpoint(s) in ``settings.py``:: - OPENSTACK_KEYSTONE_URL = "http://example.com:5000/v2.0" + OPENSTACK_KEYSTONE_URL = "http://example.com:5000/v3" #. Include ``'keystone_auth.urls'`` somewhere in your ``urls.py`` file. @@ -29,4 +29,4 @@ Running The Tests Download the repository and run:: - python setup.py test \ No newline at end of file + python setup.py test diff --git a/openstack_auth/backend.py b/openstack_auth/backend.py index bcfa91ec..057a285a 100644 --- a/openstack_auth/backend.py +++ b/openstack_auth/backend.py @@ -78,6 +78,10 @@ class KeystoneBackend(object): endpoint_type = getattr( settings, 'OPENSTACK_ENDPOINT_TYPE', 'publicURL') + # keystone client v3 does not support logging in on the v2 url any more + if get_keystone_version() >= 3: + auth_url = auth_url.replace('v2.0', 'v3') + keystone_client = get_keystone_client() try: client = keystone_client.Client( diff --git a/openstack_auth/tests/settings.py b/openstack_auth/tests/settings.py index 7f75cb4a..00e2928c 100644 --- a/openstack_auth/tests/settings.py +++ b/openstack_auth/tests/settings.py @@ -31,7 +31,7 @@ MIDDLEWARE_CLASSES = [ AUTHENTICATION_BACKENDS = ['openstack_auth.backend.KeystoneBackend'] -OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0" +OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v3" ROOT_URLCONF = 'openstack_auth.tests.urls' @@ -40,7 +40,7 @@ LOGIN_REDIRECT_URL = '/' SECRET_KEY = 'badcafe' OPENSTACK_API_VERSIONS = { - "identity": 2.0 + "identity": 3 } USE_TZ = True diff --git a/openstack_auth/tests/tests.py b/openstack_auth/tests/tests.py index 4805e70a..c36210ac 100644 --- a/openstack_auth/tests/tests.py +++ b/openstack_auth/tests/tests.py @@ -43,6 +43,8 @@ class OpenStackAuthTestsV2(test.TestCase): self.keystone_client_scoped = self.ks_client_module.Client( endpoint=endpoint, auth_ref=self.data.scoped_access_info) + settings.OPENSTACK_API_VERSIONS['identity'] = 2.0 + settings.OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0" def tearDown(self): self.mox.UnsetStubs() diff --git a/openstack_auth/utils.py b/openstack_auth/utils.py index bec0854b..d4204164 100644 --- a/openstack_auth/utils.py +++ b/openstack_auth/utils.py @@ -141,7 +141,7 @@ def is_safe_url(url, host=None): # Helper for figuring out keystone version # Implementation will change when API version discovery is available def get_keystone_version(): - return getattr(settings, 'OPENSTACK_API_VERSIONS', {}).get('identity', 2.0) + return getattr(settings, 'OPENSTACK_API_VERSIONS', {}).get('identity', 3) def get_keystone_client(): @@ -153,6 +153,8 @@ def get_keystone_client(): def get_project_list(*args, **kwargs): if get_keystone_version() < 3: + auth_url = kwargs.get('auth_url', '').replace('v3', 'v2.0') + kwargs['auth_url'] = auth_url client = get_keystone_client().Client(*args, **kwargs) return client.tenants.list() else: diff --git a/openstack_auth/views.py b/openstack_auth/views.py index c86916bc..52a618cb 100644 --- a/openstack_auth/views.py +++ b/openstack_auth/views.py @@ -136,7 +136,8 @@ def switch(request, tenant_id, redirect_field_name=REDIRECT_FIELD_NAME): endpoint = request.user.endpoint try: if get_keystone_version() >= 3: - endpoint = endpoint.replace('v2.0', 'v3') + if 'v3' not in endpoint: + endpoint = endpoint.replace('v2.0', 'v3') client = get_keystone_client().Client(tenant_id=tenant_id, token=request.user.token.id, auth_url=endpoint,