68 lines
2.4 KiB
Python
68 lines
2.4 KiB
Python
# Copyright 2015 United States Government as represented by the
|
|
# Administrator of the National Aeronautics and Space Administration.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
from keystoneclient.client import Client as KeystoneClient
|
|
from oauth2client.client import AccessTokenCredentials
|
|
from oauth2client.client import GoogleCredentials
|
|
|
|
|
|
class CredentialsProvider(object):
|
|
def __init__(self, supp):
|
|
self._supp = supp
|
|
|
|
def _trace(self, msg):
|
|
self._supp.trace(msg)
|
|
|
|
def _get_app_credentials(self):
|
|
self._trace('Create GoogleCredentials from default app file')
|
|
return GoogleCredentials.get_application_default()
|
|
|
|
def _get_token_crenetials(self):
|
|
client = self._create_keystone_client()
|
|
token = client.auth_token
|
|
self._trace('Created token {}'.format(token))
|
|
return AccessTokenCredentials(access_token=token,
|
|
user_agent='GCE test')
|
|
|
|
def _create_keystone_client(self):
|
|
cfg = self._supp.cfg
|
|
auth_data = {
|
|
'username': cfg.username,
|
|
'password': cfg.password,
|
|
'tenant_name': cfg.project_id,
|
|
'auth_url': cfg.auth_url
|
|
}
|
|
self._trace('Create keystone client, auth_data={}'.format(auth_data))
|
|
client = KeystoneClient(**auth_data)
|
|
if not client.authenticate():
|
|
raise Exception('Failed to authenticate user')
|
|
return client
|
|
|
|
@property
|
|
def keystone_client(self):
|
|
return self._create_keystone_client()
|
|
|
|
@property
|
|
def credentials(self):
|
|
cred_type = self._supp.cfg.cred_type
|
|
if cred_type == 'os_token':
|
|
return self._get_token_crenetials()
|
|
elif cred_type == 'gcloud_auth':
|
|
return self._get_app_credentials()
|
|
else:
|
|
raise Exception('Unknown cred_type {}'.format(cred_type))
|