83 lines
2.9 KiB
Python
83 lines
2.9 KiB
Python
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from oslo_config import cfg
|
|
from oslo_middleware import request_id as oslo_request_id
|
|
from oslo_utils import encodeutils
|
|
|
|
from senlin.common import context
|
|
from senlin.common import exception
|
|
from senlin.common import wsgi
|
|
|
|
|
|
class ContextMiddleware(wsgi.Middleware):
|
|
|
|
def process_request(self, req):
|
|
'''Build context from authentication info extracted from request.'''
|
|
|
|
headers = req.headers
|
|
environ = req.environ
|
|
try:
|
|
auth_url = headers.get('X-Auth-Url')
|
|
if not auth_url:
|
|
# Use auth_url defined in senlin.conf
|
|
auth_url = cfg.CONF.authentication.auth_url
|
|
|
|
auth_token = headers.get('X-Auth-Token')
|
|
auth_token_info = environ.get('keystone.token_info')
|
|
|
|
project = headers.get('X-Project-Id')
|
|
project_name = headers.get('X-Project-Name')
|
|
project_domain = headers.get('X-Project-Domain-Id')
|
|
project_domain_name = headers.get('X-Project-Domain-Name')
|
|
|
|
user = headers.get('X-User-Id')
|
|
user_name = headers.get('X-User-Name')
|
|
user_domain = headers.get('X-User-Domain-Id')
|
|
user_domain_name = headers.get('X-User-Domain-Name')
|
|
|
|
domain = headers.get('X-Domain-Id')
|
|
domain_name = headers.get('X-Domain-Name')
|
|
|
|
region_name = headers.get('X-Region-Name')
|
|
|
|
roles = headers.get('X-Roles')
|
|
if roles is not None:
|
|
roles = roles.split(',')
|
|
|
|
env_req_id = environ.get(oslo_request_id.ENV_REQUEST_ID)
|
|
if env_req_id is None:
|
|
request_id = None
|
|
else:
|
|
request_id = encodeutils.safe_decode(env_req_id)
|
|
|
|
except Exception:
|
|
raise exception.NotAuthenticated()
|
|
|
|
req.context = context.RequestContext(
|
|
auth_token=auth_token,
|
|
user=user,
|
|
project=project,
|
|
domain=domain,
|
|
user_domain=user_domain,
|
|
project_domain=project_domain,
|
|
request_id=request_id,
|
|
auth_url=auth_url,
|
|
user_name=user_name,
|
|
project_name=project_name,
|
|
domain_name=domain_name,
|
|
user_domain_name=user_domain_name,
|
|
project_domain_name=project_domain_name,
|
|
auth_token_info=auth_token_info,
|
|
region_name=region_name,
|
|
roles=roles)
|