From 2e7b9046a8d49ecfe0de0ef3b1dbb3895c39297f Mon Sep 17 00:00:00 2001 From: "OTSUKA, Yuanying" Date: Thu, 25 Dec 2014 11:12:58 +0900 Subject: [PATCH] Fix RequestContext attributes 'auth_url', 'auth_token_info' and 'trust_id' is required to create heatclient. So this commit added these. Change-Id: If17c87770f2e4d93dae5e1262faa5b44cc5cfdef --- magnum/api/auth.py | 14 +++++++++----- magnum/common/context.py | 10 +++++++--- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/magnum/api/auth.py b/magnum/api/auth.py index 223f222332..31811ec9ea 100644 --- a/magnum/api/auth.py +++ b/magnum/api/auth.py @@ -17,6 +17,7 @@ import re from keystonemiddleware import auth_token from oslo.config import cfg +from oslo.utils import importutils from pecan import hooks from magnum.common import context @@ -102,6 +103,7 @@ class AuthInformationHook(hooks.PecanHook): tenant = state.request.headers.get('X-Tenant', tenant) domain_id = state.request.headers.get('X-User-Domain-Id') domain_name = state.request.headers.get('X-User-Domain-Name') + auth_token_info = state.request.environ.get('keystone.token_info') # Get the auth token try: @@ -111,19 +113,21 @@ class AuthInformationHook(hooks.PecanHook): except ValueError: LOG.debug("No auth token found in the request.") raise Exception('Not authorized') - # auth_url = headers.get('X-Auth-Url') - # if auth_url is None: - # importutils.import_module('keystonemiddleware.auth_token') - # auth_url = cfg.CONF.keystone_authtoken.auth_uri + auth_url = headers.get('X-Auth-Url') + if auth_url is None: + importutils.import_module('keystonemiddleware.auth_token') + auth_url = cfg.CONF.keystone_authtoken.auth_uri identity_status = headers.get('X-Identity-Status') if identity_status == 'Confirmed': ctx = context.RequestContext(auth_token=recv_auth_token, + auth_url=auth_url, + auth_token_info=auth_token_info, user=user_id, tenant=tenant, domain_id=domain_id, domain_name=domain_name) - state.request.security_context = ctx + state.request.context = ctx else: LOG.debug("The provided identity is not confirmed.") raise Exception('Not authorized. Identity not confirmed.') diff --git a/magnum/common/context.py b/magnum/common/context.py index 6f6ee15c5e..3bf5e5fd82 100644 --- a/magnum/common/context.py +++ b/magnum/common/context.py @@ -18,9 +18,10 @@ from oslo_context import context class RequestContext(context.RequestContext): """Extends security contexts from the OpenStack common library.""" - def __init__(self, auth_token=None, domain_id=None, domain_name=None, - user=None, tenant=None, is_admin=False, is_public_api=False, - read_only=False, show_deleted=False, request_id=None): + def __init__(self, auth_token=None, auth_url=None, domain_id=None, + domain_name=None, user=None, tenant=None, is_admin=False, + is_public_api=False, read_only=False, show_deleted=False, + request_id=None, trust_id=None, auth_token_info=None): """Stores several additional request parameters: :param domain_id: The ID of the domain. @@ -32,6 +33,9 @@ class RequestContext(context.RequestContext): self.is_public_api = is_public_api self.domain_id = domain_id self.domain_name = domain_name + self.auth_url = auth_url + self.auth_token_info = auth_token_info + self.trust_id = trust_id super(RequestContext, self).__init__(auth_token=auth_token, user=user, tenant=tenant,