Merge "Specify that unknown arguments can be passed to fetch_token"

This commit is contained in:
Jenkins 2016-10-12 00:58:32 +00:00 committed by Gerrit Code Review
commit c0c8677d86
3 changed files with 29 additions and 5 deletions

View File

@ -216,6 +216,7 @@ import binascii
import copy
import datetime
import logging
import warnings
from keystoneauth1 import access
from keystoneauth1 import adapter
@ -306,6 +307,14 @@ class BaseAuthProtocol(object):
perform.
"""
# NOTE(jamielennox): Default to True and remove in Pike.
kwargs_to_fetch_token = False
"""A compatibility flag to allow passing **kwargs to fetch_token().
This is basically to allow compatibility with keystone's override. We will
assume all subclasses are ok with this being True in the Pike release.
"""
def __init__(self,
app,
log=_LOG,
@ -383,9 +392,16 @@ class BaseAuthProtocol(object):
if auth_ref.will_expire_soon(stale_duration=0):
raise ksm_exceptions.InvalidToken(_('Token authorization failed'))
def _do_fetch_token(self, token):
def _do_fetch_token(self, token, **kwargs):
"""Helper method to fetch a token and convert it into an AccessInfo."""
data = self.fetch_token(token)
if self.kwargs_to_fetch_token:
data = self.fetch_token(token, **kwargs)
else:
m = _('Implementations of auth_token must set '
'kwargs_to_fetch_token this will be the required and '
'assumed in Pike.')
warnings.warn(m)
data = self.fetch_token(token)
try:
return data, access.create(body=data, auth_token=token)
@ -393,7 +409,7 @@ class BaseAuthProtocol(object):
self.log.warning(_LW('Invalid token contents.'), exc_info=True)
raise ksm_exceptions.InvalidToken(_('Token authorization failed'))
def fetch_token(self, token):
def fetch_token(self, token, **kwargs):
"""Fetch the token data based on the value in the header.
Retrieve the data associated with the token value that was in the
@ -401,6 +417,10 @@ class BaseAuthProtocol(object):
whatever is required.
:param str token: The token present in the request header.
:param dict kwargs: Additional keyword arguments may be passed through
here to support new features. If an implementation
is not aware of how to use these arguments it
should ignore them.
:raises exc.InvalidToken: if token is invalid.
@ -487,6 +507,8 @@ class AuthProtocol(BaseAuthProtocol):
_SIGNING_CERT_FILE_NAME = 'signing_cert.pem'
_SIGNING_CA_FILE_NAME = 'cacert.pem'
kwargs_to_fetch_token = True
def __init__(self, app, conf):
log = logging.getLogger(conf.get('log_name', __name__))
log.info(_LI('Starting Keystone auth_token middleware'))

View File

@ -89,7 +89,7 @@ class AuthTokenFixture(fixtures.Fixture):
self._token_data[token_id] = token_data
return token_id
def fetch_token(self, token):
def fetch_token(self, token, **kwargs):
"""Low level replacement of fetch_token for AuthProtocol."""
token_data = self._token_data.get(token, {})
if token_data:

View File

@ -32,11 +32,13 @@ class FakeApp(object):
class FetchingMiddleware(auth_token.BaseAuthProtocol):
kwargs_to_fetch_token = True
def __init__(self, app, token_dict={}, **kwargs):
super(FetchingMiddleware, self).__init__(app, **kwargs)
self.token_dict = token_dict
def fetch_token(self, token):
def fetch_token(self, token, **kwargs):
try:
return self.token_dict[token]
except KeyError: