94 lines
3.5 KiB
Python
94 lines
3.5 KiB
Python
# Copyright (c) 2014 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
from oslo_config import cfg
|
|
import swiftclient
|
|
|
|
from sahara import context
|
|
from sahara.swift import swift_helper as sh
|
|
from sahara.swift import utils as su
|
|
from sahara.utils.openstack import base
|
|
from sahara.utils.openstack import keystone as k
|
|
|
|
opts = [
|
|
cfg.BoolOpt('api_insecure',
|
|
default=False,
|
|
help='Allow to perform insecure SSL requests to swift.'),
|
|
cfg.StrOpt('ca_file',
|
|
help='Location of ca certificates file to use for swift '
|
|
'client requests.'),
|
|
cfg.StrOpt("endpoint_type",
|
|
default="internalURL",
|
|
help="Endpoint type for swift client requests")
|
|
]
|
|
|
|
swift_group = cfg.OptGroup(name='swift',
|
|
title='Swift client options')
|
|
|
|
CONF = cfg.CONF
|
|
CONF.register_group(swift_group)
|
|
CONF.register_opts(opts, group=swift_group)
|
|
|
|
|
|
def client(username, password, trust_id=None):
|
|
'''return a Swift client
|
|
|
|
This will return a Swift client for the specified username scoped to the
|
|
current context project, unless a trust identifier is specified.
|
|
|
|
If a trust identifier is present then the Swift client will be created
|
|
based on a preauthorized token generated by the username scoped to the
|
|
trust identifier.
|
|
|
|
:param username: The username for the Swift client
|
|
:param password: The password associated with the username
|
|
:param trust_id: A trust identifier for scoping the username (optional)
|
|
:returns: A Swift client object
|
|
|
|
'''
|
|
if trust_id:
|
|
proxyauth = k.auth_for_proxy(username, password, trust_id)
|
|
return client_from_token(k.token_from_auth(proxyauth))
|
|
else:
|
|
return swiftclient.Connection(
|
|
auth_version='3',
|
|
cacert=CONF.swift.ca_file,
|
|
insecure=CONF.swift.api_insecure,
|
|
authurl=su.retrieve_auth_url(CONF.keystone.endpoint_type),
|
|
user=username,
|
|
key=password,
|
|
tenant_name=sh.retrieve_tenant(),
|
|
retries=CONF.retries.retries_number,
|
|
retry_on_ratelimit=True,
|
|
starting_backoff=CONF.retries.retry_after,
|
|
max_backoff=CONF.retries.retry_after)
|
|
|
|
|
|
def client_from_token(token=None):
|
|
if not token:
|
|
token = context.get_auth_token()
|
|
'''return a Swift client authenticated from a token.'''
|
|
return swiftclient.Connection(auth_version='3',
|
|
cacert=CONF.swift.ca_file,
|
|
insecure=CONF.swift.api_insecure,
|
|
preauthurl=base.url_for(
|
|
service_type="object-store",
|
|
endpoint_type=CONF.swift.endpoint_type),
|
|
preauthtoken=token,
|
|
retries=CONF.retries.retries_number,
|
|
retry_on_ratelimit=True,
|
|
starting_backoff=CONF.retries.retry_after,
|
|
max_backoff=CONF.retries.retry_after)
|