occi-api 4.0.0.alpha.1 → 4.0.0.alpha.2

data/lib/occi-api.rb

@@ -8,7 +8,6 @@ module Occi::Api; end
 require 'occi/api/version'
 require 'occi/api/client/client_base'
 require 'occi/api/client/errors'
-require 'occi/api/client/http/authn_plugins'
 require 'occi/api/client/client_http'
 require 'occi/api/client/client_amqp'
 require 'occi/api/dsl'

data/lib/occi/api/client/client_base.rb

@@ -196,17 +196,15 @@ module Occi
         # @param [String] resource name or resource identifier
         # @return [Occi::Core::Resource] new resource instance
         def get_resource(resource_type)
-
           Occi::Log.debug("Instantiating #{resource_type} ...")
 
-          type_id = nil
-          if @model.get_by_id resource_type
+          type_id = if @model.get_by_id resource_type
             # we got a resource type identifier
-            type_id = resource_type
+            resource_type
           else
             # we got a resource type name
             type_ids = @model.kinds.select { |kind| kind.term == resource_type }
-            type_id = type_ids.first.type_identifier if type_ids.any?
+            type_ids.first.type_identifier if type_ids.any?
           end
 
           raise "Unknown resource type! [#{resource_type}]" unless type_id
@@ -320,97 +318,72 @@ module Occi
         # @param [Boolean] should we describe the mixin or return its link?
         # @return [String, Occi::Collection, nil] link, mixin description or nothing found
         def find_mixin(name, type = nil, describe = false)
-
           Occi::Log.debug("Looking for mixin #{name} + #{type} + #{describe}")
-
-          # is type valid?
           raise "Unknown mixin type! [#{type}]" if type && !@mixins.has_key?(type.to_sym)
 
           # TODO: extend this code to support multiple matches and regex filters
           # should we look for links or descriptions?
-          if describe
-            # we are looking for descriptions
-            find_mixin_describe name, type
-          else
-            # we are looking for links
-            find_mixin_list name, type
-          end
+          describe ? describe_mixin(name, type) : list_mixin(name, type)
         end
 
         # Looks up a mixin using its name and, optionally, a type as well.
         # Will return mixin's full description.
         #
         # @example
-        #    client.find_mixin "debian6"
+        #    client.describe_mixin "debian6"
         #     # => #<Occi::Collection>
-        #    client.find_mixin "debian6", "os_tpl"
+        #    client.describe_mixin "debian6", "os_tpl"
         #     # => #<Occi::Collection>
-        #    client.find_mixin "large", "resource_tpl"
+        #    client.describe_mixin "large", "resource_tpl"
         #     # => #<Occi::Collection>
-        #    client.find_mixin "debian6", "resource_tpl" # => nil
+        #    client.describe_mixin "debian6", "resource_tpl" # => nil
         #
         # @param [String] name of the mixin
         # @param [String] type of the mixin
         # @return [Occi::Collection, nil] mixin description or nothing found
-        def find_mixin_describe(name, type = nil)
-          found_ary = []
-
-          if type
-            # get the first match from either os_tpls or resource_tpls
-            case type
-            when "os_tpl"
-              found_ary = get_os_templates.select { |mixin| mixin.term == name }
-            when "resource_tpl"
-              found_ary = get_resource_templates.select { |template| template.term == name }
-            else
-              # TODO: should raise an Error?
-            end
-          else
-            # try in os_tpls first
-            found_ary = get_os_templates.select { |os| os.term == name }
+        def describe_mixin(name, type = nil)
+          found_ary = type ? describe_mixin_w_type(name, type) : describe_mixin_wo_type(name)
+          found_ary.any? ? found_ary.first : nil
+        end
 
-            # then try in resource_tpls
+        #
+        #
+        #
+        def describe_mixin_w_type(name, type)
+          return unless %w( os_tpl resource_tpl ).include? type.to_s
+          send("get_#{type.to_s}s".to_sym).select { |mixin| mixin.term == name }
+        end
 
-            found_ary = get_resource_templates.select {
-              |template| template.term == name
-            } unless found_ary.any?
+        #
+        #
+        #
+        def describe_mixin_wo_type(name)
+          %w( os_tpl resource_tpl ).each do |type|
+            found = send("get_#{type}s".to_sym).select { |mixin| mixin.term == name }
+            return found if found.any?
           end
 
-          found_ary.any? ? found_ary.first : nil
+          []
         end
 
         # Looks up a mixin using its name and, optionally, a type as well.
         # Will return mixin's full location.
         #
         # @example
-        #    client.find_mixin "debian6"
+        #    client.list_mixin "debian6"
         #     # => "http://my.occi.service/occi/infrastructure/os_tpl#debian6"
-        #    client.find_mixin "debian6", "os_tpl"
+        #    client.list_mixin "debian6", "os_tpl"
         #     # => "http://my.occi.service/occi/infrastructure/os_tpl#debian6"
-        #    client.find_mixin "large", "resource_tpl"
+        #    client.list_mixin "large", "resource_tpl"
         #     # => "http://my.occi.service/occi/infrastructure/resource_tpl#large"
-        #    client.find_mixin "debian6", "resource_tpl" # => nil
+        #    client.list_mixin "debian6", "resource_tpl" # => nil
         #
         # @param [String] name of the mixin
         # @param [String] type of the mixin
         # @return [String, nil] link or nothing found
-        def find_mixin_list(name, type = nil)
-          # prefix mixin name with '#' to simplify the search
-          mxns = []
-          name_rev = "##{name}".reverse
-
-          if type
-            # return the first match with the selected type
-            mxns = @mixins[type.to_sym].select {
-              |mixin| mixin.to_s.reverse.start_with? name_rev
-            }
-          else
-            # there is no type preference, return first global match
-            mxns = @mixins.flatten(2).select {
-              |mixin| mixin.to_s.reverse.start_with? name_rev
-            }
-          end
-
+        def list_mixin(name, type = nil)
+          mxns = type ? @mixins[type.to_sym] : @mixins.flatten(2)
+          mxns = mxns.select { |mixin| mixin.to_s.reverse.start_with? "##{name}".reverse }
           mxns.any? ? mxns.first : nil
         end
 
@@ -433,18 +406,11 @@ module Occi
           if type
             # is type valid?
             raise "Unknown mixin type! #{type}" unless @mixins.has_key? type.to_sym
-
-            # return mixin of the selected type
             @mixins[type.to_sym]
           else
             # we did not get a type, return all mixins
             mixins = []
-
-            # flatten the hash and remove its keys
-            get_mixin_types.each do |ltype|
-              mixins.concat @mixins[ltype.to_sym]
-            end
-
+            get_mixin_types.each { |ltype| mixins.concat @mixins[ltype.to_sym] }
             mixins
           end
         end
@@ -472,7 +438,7 @@ module Occi
           identifiers = []
 
           get_mixin_types.each do |mixin_type|
-            identifiers << 'http://schemas.ogf.org/occi/infrastructure#' + mixin_type
+            identifiers << "http://schemas.ogf.org/occi/infrastructure##{mixin_type}"
           end
 
           identifiers
@@ -487,6 +453,7 @@ module Occi
         def get_os_templates
           @model.get.mixins.select { |mixin| mixin.related.select { |rel| rel.end_with? 'os_tpl' }.any? }
         end
+        alias_method :get_os_tpls, :get_os_templates
 
         # Retrieves available resource_tpls from the model.
         #
@@ -497,6 +464,7 @@ module Occi
         def get_resource_templates
           @model.get.mixins.select { |mixin| mixin.related.select { |rel| rel.end_with? 'resource_tpl' }.any? }
         end
+        alias_method :get_resource_tpls, :get_resource_templates
 
         # Creates a link of a specified kind and binds it to the given resource.
         #
@@ -611,7 +579,7 @@ module Occi
         #
         # @param [Hash] logger options
         def set_logger(log_options)
-          if log_options[:logger].nil? || (not log_options[:logger].kind_of? Occi::Log)
+          unless log_options[:logger] && log_options[:logger].kind_of?(Occi::Log)
             @logger = Occi::Log.new(log_options[:out])
             @logger.level = log_options[:level]
           end
@@ -626,7 +594,7 @@ module Occi
         # @param [String] endpoint URI in a non-canonical string
         # @return [String] canonical endpoint URI in a string, with a trailing slash
         def set_endpoint(endpoint)
-          raise 'Endpoint not a valid URI' if (endpoint =~ URI::ABS_URI).nil?
+          raise 'Endpoint not a valid URI' unless (endpoint =~ URI::ABS_URI)
           @endpoint = endpoint.chomp('/') + '/'
         end
 
@@ -644,7 +612,7 @@ module Occi
 
           @mixins = {
             :os_tpl => get_os_tpl_mixins_ary,
-            :resource_tpl => get_res_tpl_mixins_ary
+            :resource_tpl => get_resource_tpl_mixins_ary
           }
 
           @model
@@ -654,32 +622,30 @@ module Occi
         #
         #
         def get_os_tpl_mixins_ary
-          os_tpls = []
-
-          get_os_templates.each do |os_tpl|
-            unless os_tpl.nil? || os_tpl.type_identifier.nil?
-              tid = os_tpl.type_identifier.strip
-              os_tpls << tid unless tid.empty?
-            end
-          end
+          get_mixins_ary(:os_tpl)
+        end
 
-          os_tpls
+        #
+        #
+        #
+        def get_resource_tpl_mixins_ary
+          get_mixins_ary(:resource_tpl)
         end
 
         #
         #
         #
-        def get_res_tpl_mixins_ary
-          res_tpls = []
+        def get_mixins_ary(mixin_type)
+          mixins = []
+
+          send("get_#{mixin_type.to_s}s".to_sym).each do |mixin|
+            next if mixin.nil? || mixin.type_identifier.nil?
 
-          get_resource_templates.each do |res_tpl|
-            unless res_tpl.nil? || res_tpl.type_identifier.nil?
-              tid = res_tpl.type_identifier.strip
-              res_tpls << tid unless tid.empty?
-            end
+            tid = mixin.type_identifier.strip
+            mixins << tid unless tid.empty?
           end
 
-          res_tpls
+          mixins
         end
 
       end

data/lib/occi/api/client/client_http.rb

@@ -2,7 +2,8 @@ require 'httparty'
 
 require 'occi/api/client/http/net_http_fix'
 require 'occi/api/client/http/httparty_fix'
-require 'occi/api/client/http/authn_utils'
+require 'occi/api/client/authn_utils'
+require 'occi/api/client/http/authn_plugins'
 
 module Occi
   module Api
@@ -323,7 +324,9 @@ module Occi
             entity_type = Occi::Core::Link if kind.related_to? Occi::Core::Link
           end
 
-          Occi::Log.debug "Parser call: #{response.content_type} #{entity_type} #{path.include?('-/')}"
+          entity_type = Occi::Core::Resource unless entity_type
+
+          Occi::Log.debug "Parser call: #{response.content_type} #{path.include?('-/')} #{entity_type} #{response.headers.inspect}"
           collection = Occi::Parser.parse(response.content_type, response.body, path.include?('-/'), entity_type, response.headers)
 
           Occi::Log.debug "Parsed collection: empty? #{collection.empty?}"
@@ -378,7 +381,13 @@ module Occi
               collection.resources.first.location if collection.resources.first
             end
           when 201
-            Occi::Parser.locations(response.header["content-type"].split(";").first, response.body, response.headers).first
+            # TODO: OCCI-OS hack, look for header Location instead of uri-list
+            # This should be probably implemented in Occi::Parser.locations
+            if response.header['location']
+              response.header['location']
+            else
+              Occi::Parser.locations(response.header["content-type"].split(";").first, response.body, response.header).first
+            end
           else
             raise "HTTP POST failed! #{response_msg}"
           end
@@ -481,6 +490,7 @@ module Occi
             Occi::Log.debug e.message
 
             if @authn_plugin.fallbacks.any?
+              # TODO: multiple fallbacks
               @auth_options[:original_type] = @auth_options[:type]
               @auth_options[:type] = @authn_plugin.fallbacks.first
 

data/lib/occi/api/client/http/authn_plugins/base.rb

@@ -16,7 +16,7 @@ module Occi::Api::Client
         def setup(options = {}); end
 
         def authenticate(options = {})
-          response = @env_ref.class.head @env_ref.endpoint
+          response = @env_ref.class.head "#{@env_ref.endpoint}-/"
           raise ::Occi::Api::Client::Errors::AuthnError, "Authentication failed with code #{response.code.to_s}!" unless response.success?
         end
 

data/lib/occi/api/client/http/authn_plugins/keystone.rb

@@ -5,25 +5,50 @@ module Occi::Api::Client
       class Keystone < Base
 
         def setup(options = {})
-          response = @env_ref.class.head @env_ref.endpoint
+          # get Keystone URL if possible, get unscoped token
+          set_keystone_base_url
+          set_auth_token
+
+          # use unscoped token for tenant discovery, get scoped token
+          tenant = get_prefered_tenant
+          set_auth_token(tenant)
+        end
+
+        def authenticate(options = {})
+          # OCCI-OS doesn't support HEAD method!
+          response = @env_ref.class.get "#{@env_ref.endpoint}-/"
+          raise ::Occi::Api::Client::Errors::AuthnError, "Authentication failed with code #{response.code.to_s}!" unless response.success?
+        end
+
+        private
+
+        def set_keystone_base_url
+          response = @env_ref.class.head "#{@env_ref.endpoint}-/"
           Occi::Log.debug response.inspect
 
           return if response.success?
           raise ::Occi::Api::Client::Errors::AuthnError, "Keystone AuthN failed with #{response.code.to_s}!" unless response.code == 401
 
           unless response.headers['www-authenticate'] && response.headers['www-authenticate'].start_with?('Keystone')
-            raise ::Occi::Api::Client::Errors::AuthnError, "Target endpoint is probably not OpenStack!"
+            raise ::Occi::Api::Client::Errors::AuthnError, "Target endpoint is probably not OpenStack, fallback failed!"
           end
 
-          keystone_uri = /^Keystone uri='(.+)'$/.match(response.headers['www-authenticate'])[1]
+          @keystone_url = /^Keystone uri='(.+)'$/.match(response.headers['www-authenticate'])[1]
+          raise ::Occi::Api::Client::Errors::AuthnError, "Unable to get Keystone's URL from the response!" unless @keystone_url
 
-          raise ::Occi::Api::Client::Errors::AuthnError, "Unable to get Keystone's URL from the response!" unless keystone_uri
+          @keystone_url = @keystone_url.chomp('/')
+        end
 
+        def set_auth_token(tenant = nil)
           headers = @env_ref.class.headers.clone
           headers['Content-Type'] = "application/json"
           headers['Accept'] = headers['Content-Type']
 
-          response = @env_ref.class.post(keystone_uri + "/v2.0/tokens", :body => get_keystone_req, :headers => headers)
+          response = @env_ref.class.post(
+            "#{@keystone_url}/v2.0/tokens",
+            :body => get_keystone_req(tenant),
+            :headers => headers
+          )
           Occi::Log.debug response.inspect
 
           if response.success?
@@ -33,9 +58,7 @@ module Occi::Api::Client
           end
         end
 
-        private
-
-        def get_keystone_req(json = true)
+        def get_keystone_req(tenant = nil)
           if @options[:original_type] == "x509"
             body = { "auth" => { "voms" => true } }
           elsif @options[:username] && @options[:password]
@@ -51,7 +74,27 @@ module Occi::Api::Client
             raise ::Occi::Api::Client::Errors::AuthnError, "Unable to request a token from Keystone! Chosen AuthN not supported."
           end
 
-          json ? body.to_json : body
+          body['auth']['tenantName'] = tenant if tenant && !tenant.empty?
+          body.to_json
+        end
+
+        def get_prefered_tenant(match = nil)
+          headers = @env_ref.class.headers.clone
+          headers['Content-Type'] = "application/json"
+          headers['Accept'] = headers['Content-Type']
+
+          response = @env_ref.class.get(
+            "#{@keystone_url}/v2.0/tenants",
+            :headers => headers
+          )
+          Occi::Log.debug response.inspect
+
+          # TODO: impl match with regexp in case of multiple tenants?
+          raise ::Occi::Api::Client::Errors::AuthnError, "Keystone didn't return any tenants!" unless response['tenants'] && response['tenants'].first
+          tenant = response['tenants'].first['name'] if response.success?
+          raise ::Occi::Api::Client::Errors::AuthnError, "Unable to get a tenant from Keystone!" unless tenant
+
+          tenant
         end
 
       end

data/lib/occi/api/client/http/httparty_fix.rb

@@ -3,44 +3,20 @@ module HTTParty
 
     private
 
-    def attach_ssl_certificates(http, options)
-      if http.use_ssl?
-        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-
-        # Client certificate authentication
-        if options[:pem]
-          http.cert = OpenSSL::X509::Certificate.new(options[:pem])
-          http.key = OpenSSL::PKey::RSA.new(options[:pem], options[:pem_password])
-          http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        end
-
-        # Set chain of client certificates
-        if options[:ssl_extra_chain_cert]
-          http.extra_chain_cert = []
-
-          options[:ssl_extra_chain_cert].each do |p_ca|
-            http.extra_chain_cert << OpenSSL::X509::Certificate.new(p_ca)
-          end
-        end
+    alias_method :old_attach_ssl_certificates, :attach_ssl_certificates
 
-        # SSL certificate authority file and/or directory
-        if options[:ssl_ca_file]
-          http.ca_file = options[:ssl_ca_file]
-          http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        end
+    def attach_ssl_certificates(http, options)
+      old_attach_ssl_certificates(http, options)
 
-        if options[:ssl_ca_path]
-          http.ca_path = options[:ssl_ca_path]
-          http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        end
+      # Set chain of client certificates
+      if options[:ssl_extra_chain_cert]
+        http.extra_chain_cert = []
 
-        # This is only Ruby 1.9+
-        if options[:ssl_version] && http.respond_to?(:ssl_version=)
-          http.ssl_version = options[:ssl_version]
+        options[:ssl_extra_chain_cert].each do |p_ca|
+          http.extra_chain_cert << OpenSSL::X509::Certificate.new(p_ca)
         end
       end
     end
-
   end
 
   module ClassMethods