Merge "Rework saharaclient authentication"
This commit is contained in:
commit
373852038f
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
upgrade:
|
||||
- |
|
||||
The Sahara client library now only supports authentication with a Keystone
|
||||
session object. Consequently the arguments which `saharaclient.api.Client`
|
||||
accepts, and the order of those arguments, have changed.
|
|
@ -13,13 +13,7 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import warnings
|
||||
|
||||
from keystoneauth1 import adapter
|
||||
from keystoneauth1.identity import v2
|
||||
from keystoneauth1.identity import v3
|
||||
from keystoneauth1 import session as keystone_session
|
||||
from keystoneauth1 import token_endpoint
|
||||
|
||||
from saharaclient.api import cluster_templates
|
||||
from saharaclient.api import clusters
|
||||
|
@ -52,59 +46,21 @@ class Client(object):
|
|||
_api_version = '1.1'
|
||||
|
||||
"""Client for the OpenStack Data Processing API.
|
||||
|
||||
:param str username: Username for Keystone authentication.
|
||||
:param str api_key: Password for Keystone authentication.
|
||||
:param str project_id: Keystone Tenant id.
|
||||
:param str project_name: Keystone Tenant name.
|
||||
:param str auth_url: Keystone URL that will be used for authentication.
|
||||
:param str sahara_url: Sahara REST API URL to communicate with.
|
||||
:param str endpoint_type: Desired Sahara endpoint type.
|
||||
:param str service_type: Sahara service name in Keystone catalog.
|
||||
:param str input_auth_token: Keystone authorization token.
|
||||
:param session: Keystone Session object.
|
||||
:param auth: Keystone Authentication Plugin object.
|
||||
:param boolean insecure: Allow insecure.
|
||||
:param string cacert: Path to the Privacy Enhanced Mail (PEM) file
|
||||
which contains certificates needed to establish
|
||||
SSL connection with the identity service.
|
||||
:param session: Keystone session object. Required.
|
||||
:param string sahara_url: Endpoint override.
|
||||
:param string endpoint_type: Desired Sahara endpoint type.
|
||||
:param string service_type: Sahara service name in Keystone catalog.
|
||||
:param string region_name: Name of a region to select when choosing an
|
||||
endpoint from the service catalog.
|
||||
"""
|
||||
def __init__(self, username=None, api_key=None, project_id=None,
|
||||
project_name=None, auth_url=None, sahara_url=None,
|
||||
def __init__(self, session=None, sahara_url=None,
|
||||
endpoint_type='publicURL', service_type='data-processing',
|
||||
input_auth_token=None, session=None, auth=None,
|
||||
insecure=False, cacert=None, region_name=None, **kwargs):
|
||||
region_name=None, **kwargs):
|
||||
|
||||
if not session:
|
||||
warnings.simplefilter('once', category=DeprecationWarning)
|
||||
warnings.warn('Passing authentication parameters to saharaclient '
|
||||
'is deprecated. Please construct and pass an '
|
||||
'authenticated session object directly.',
|
||||
DeprecationWarning)
|
||||
warnings.resetwarnings()
|
||||
raise RuntimeError("Must provide session")
|
||||
|
||||
if input_auth_token:
|
||||
auth = token_endpoint.Token(sahara_url, input_auth_token)
|
||||
|
||||
else:
|
||||
auth = self._get_keystone_auth(auth_url=auth_url,
|
||||
username=username,
|
||||
api_key=api_key,
|
||||
project_id=project_id,
|
||||
project_name=project_name)
|
||||
|
||||
verify = True
|
||||
if insecure:
|
||||
verify = False
|
||||
elif cacert:
|
||||
verify = cacert
|
||||
|
||||
session = keystone_session.Session(verify=verify)
|
||||
|
||||
if not auth:
|
||||
auth = session.auth
|
||||
auth = session.auth
|
||||
|
||||
kwargs['user_agent'] = USER_AGENT
|
||||
kwargs.setdefault('interface', endpoint_type)
|
||||
|
@ -138,28 +94,6 @@ class Client(object):
|
|||
)
|
||||
self.job_types = job_types.JobTypesManager(client)
|
||||
|
||||
def _get_keystone_auth(self, username=None, api_key=None, auth_url=None,
|
||||
project_id=None, project_name=None):
|
||||
if not auth_url:
|
||||
raise RuntimeError("No auth url specified")
|
||||
|
||||
if 'v2.0' in auth_url:
|
||||
return v2.Password(auth_url=auth_url,
|
||||
username=username,
|
||||
password=api_key,
|
||||
tenant_id=project_id,
|
||||
tenant_name=project_name)
|
||||
else:
|
||||
# NOTE(jamielennox): Setting these to default is what
|
||||
# keystoneclient does in the event they are not passed.
|
||||
return v3.Password(auth_url=auth_url,
|
||||
username=username,
|
||||
password=api_key,
|
||||
user_domain_id='default',
|
||||
project_id=project_id,
|
||||
project_name=project_name,
|
||||
project_domain_id='default')
|
||||
|
||||
|
||||
class ClientV2(Client):
|
||||
|
||||
|
|
|
@ -41,8 +41,6 @@ def make_client(instance):
|
|||
client = data_processing_client(
|
||||
session=instance.session,
|
||||
region_name=instance._region_name,
|
||||
cacert=instance._cacert,
|
||||
insecure=instance._insecure,
|
||||
sahara_url=instance._cli_options.data_processing_url,
|
||||
**kwargs
|
||||
)
|
||||
|
|
|
@ -17,19 +17,19 @@ import testtools
|
|||
from saharaclient.api import base
|
||||
from saharaclient.api import client
|
||||
|
||||
from keystoneauth1 import session
|
||||
from requests_mock.contrib import fixture
|
||||
|
||||
|
||||
class BaseTestCase(testtools.TestCase):
|
||||
|
||||
URL = 'http://localhost:8386'
|
||||
TOKEN = 'token'
|
||||
SESSION = session.Session()
|
||||
|
||||
def setUp(self):
|
||||
super(BaseTestCase, self).setUp()
|
||||
self.responses = self.useFixture(fixture.Fixture())
|
||||
self.client = client.Client(sahara_url=self.URL,
|
||||
input_auth_token=self.TOKEN)
|
||||
self.client = client.Client(session=self.SESSION, sahara_url=self.URL)
|
||||
|
||||
def assertFields(self, body, obj):
|
||||
for key, value in body.items():
|
||||
|
|
|
@ -28,15 +28,11 @@ class TestDataProcessingPlugin(base.BaseTestCase):
|
|||
instance._api_version = {"data_processing": '1.1'}
|
||||
instance.session = 'session'
|
||||
instance._region_name = 'region_name'
|
||||
instance._cacert = 'cacert'
|
||||
instance._insecure = 'insecure'
|
||||
instance._cli_options.data_processing_url = 'url'
|
||||
instance._interface = 'public'
|
||||
|
||||
plugin.make_client(instance)
|
||||
p_client.assert_called_with(session='session',
|
||||
region_name='region_name',
|
||||
cacert='cacert',
|
||||
insecure='insecure',
|
||||
sahara_url='url',
|
||||
endpoint_type='public')
|
||||
|
|
Loading…
Reference in New Issue