occi-api 4.2.5 → 4.2.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/occi/api/client/http/authn_plugins/keystone.rb +36 -24
- data/lib/occi/api/version.rb +1 -1
- data/occi-api.gemspec +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a33443d89ab0c83183170cd0876da0c9af576c64
|
|
4
|
+
data.tar.gz: 9da580054d01f0c6e007ceabc1b9266e0673324d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a039a1a18bcc7e42736f158b4259f7dd14a976ebdf56b137e19454abbc5b469bf01d05cb0b4bafa717d82e3838950305cd28ce018a5f6bbc9d42e095731f1e76
|
|
7
|
+
data.tar.gz: 573576b99c9d4ddca4e1b0d5a6e1d1dc4b96e20f04f9550ee9e391290a346792e5102df995aac2434edbc7a0e4af9251ceacaa68a403fe2ab6a015a825bbbdd5
|
|
@@ -7,13 +7,18 @@ module Occi::Api::Client
|
|
|
7
7
|
KEYSTONE_URI_REGEXP = /^(Keystone|snf-auth) uri='(.+)'$/
|
|
8
8
|
|
|
9
9
|
def setup(options = {})
|
|
10
|
-
# get Keystone URL if possible
|
|
10
|
+
# get Keystone URL if possible
|
|
11
11
|
set_keystone_base_url
|
|
12
|
+
|
|
13
|
+
# get an un-scoped token
|
|
12
14
|
set_auth_token
|
|
13
15
|
|
|
14
|
-
# use
|
|
15
|
-
|
|
16
|
-
|
|
16
|
+
# use the un-scoped token for tenant discovery
|
|
17
|
+
# and get a scoped token
|
|
18
|
+
get_prefered_tenant
|
|
19
|
+
|
|
20
|
+
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
21
|
+
"Unable to get a tenant from Keystone, fallback failed!" if @env_ref.class.headers['X-Auth-Token'].blank?
|
|
17
22
|
end
|
|
18
23
|
|
|
19
24
|
def authenticate(options = {})
|
|
@@ -46,20 +51,16 @@ module Occi::Api::Client
|
|
|
46
51
|
|
|
47
52
|
match = KEYSTONE_URI_REGEXP.match(authN_header)
|
|
48
53
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
49
|
-
"Unable to get Keystone's URL from the response!" unless match && match[2]
|
|
54
|
+
"Unable to get Keystone's URL from the response, fallback failed!" unless match && match[2]
|
|
50
55
|
|
|
51
56
|
@keystone_url = match[2].chomp('/').chomp('/v2.0')
|
|
52
57
|
end
|
|
53
58
|
|
|
54
59
|
def set_auth_token(tenant = nil)
|
|
55
|
-
headers = @env_ref.class.headers.clone
|
|
56
|
-
headers['Content-Type'] = "application/json"
|
|
57
|
-
headers['Accept'] = headers['Content-Type']
|
|
58
|
-
|
|
59
60
|
response = @env_ref.class.post(
|
|
60
61
|
"#{@keystone_url}/v2.0/tokens",
|
|
61
62
|
:body => get_keystone_req(tenant),
|
|
62
|
-
:headers =>
|
|
63
|
+
:headers => get_req_headers
|
|
63
64
|
)
|
|
64
65
|
Occi::Api::Log.debug response.inspect
|
|
65
66
|
|
|
@@ -67,7 +68,7 @@ module Occi::Api::Client
|
|
|
67
68
|
@env_ref.class.headers['X-Auth-Token'] = response['access']['token']['id']
|
|
68
69
|
else
|
|
69
70
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
70
|
-
"Unable to get a token from Keystone!"
|
|
71
|
+
"Unable to get a token from Keystone, fallback failed!"
|
|
71
72
|
end
|
|
72
73
|
end
|
|
73
74
|
|
|
@@ -85,32 +86,43 @@ module Occi::Api::Client
|
|
|
85
86
|
}
|
|
86
87
|
else
|
|
87
88
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
88
|
-
"Unable to request a token from Keystone! Chosen
|
|
89
|
+
"Unable to request a token from Keystone! Chosen " \
|
|
90
|
+
"AuthN is not supported, fallback failed!"
|
|
89
91
|
end
|
|
90
92
|
|
|
91
|
-
body['auth']['tenantName'] = tenant
|
|
93
|
+
body['auth']['tenantName'] = tenant unless tenant.blank?
|
|
92
94
|
body.to_json
|
|
93
95
|
end
|
|
94
96
|
|
|
95
97
|
def get_prefered_tenant(match = nil)
|
|
96
|
-
headers = @env_ref.class.headers.clone
|
|
97
|
-
headers['Content-Type'] = "application/json"
|
|
98
|
-
headers['Accept'] = headers['Content-Type']
|
|
99
|
-
|
|
100
98
|
response = @env_ref.class.get(
|
|
101
99
|
"#{@keystone_url}/v2.0/tenants",
|
|
102
|
-
:headers =>
|
|
100
|
+
:headers => get_req_headers
|
|
103
101
|
)
|
|
104
102
|
Occi::Api::Log.debug response.inspect
|
|
105
103
|
|
|
106
|
-
# TODO: impl match with regexp in case of multiple tenants?
|
|
107
|
-
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
108
|
-
"Keystone didn't return any tenants!" unless response['tenants'] && response['tenants'].first
|
|
109
|
-
tenant = response['tenants'].first['name'] if response.success?
|
|
110
104
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
111
|
-
"
|
|
105
|
+
"Keystone didn't return any tenants, fallback failed!" if response['tenants'].blank?
|
|
106
|
+
|
|
107
|
+
response['tenants'].each do |tenant|
|
|
108
|
+
begin
|
|
109
|
+
Occi::Api::Log.debug "Authenticating for tenant #{tenant['name'].inspect}"
|
|
110
|
+
set_auth_token(tenant['name'])
|
|
111
|
+
|
|
112
|
+
# found a working tenant, stop looking
|
|
113
|
+
break
|
|
114
|
+
rescue ::Occi::Api::Client::Errors::AuthnError
|
|
115
|
+
# ignoring and trying the next tenant
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
def get_req_headers
|
|
121
|
+
headers = @env_ref.class.headers.clone
|
|
122
|
+
headers['Content-Type'] = "application/json"
|
|
123
|
+
headers['Accept'] = headers['Content-Type']
|
|
112
124
|
|
|
113
|
-
|
|
125
|
+
headers
|
|
114
126
|
end
|
|
115
127
|
|
|
116
128
|
end
|
data/lib/occi/api/version.rb
CHANGED
data/occi-api.gemspec
CHANGED
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |gem|
|
|
|
18
18
|
gem.test_files = `git ls-files -- {test,spec}/*`.split("\n")
|
|
19
19
|
gem.require_paths = ["lib"]
|
|
20
20
|
|
|
21
|
-
gem.add_dependency 'occi-core', '~> 4.2.
|
|
21
|
+
gem.add_dependency 'occi-core', '~> 4.2.16'
|
|
22
22
|
gem.add_dependency 'httparty'
|
|
23
23
|
gem.add_dependency 'json'
|
|
24
24
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: occi-api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.2.
|
|
4
|
+
version: 4.2.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Florian Feldhaus
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-08-14 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: occi-core
|
|
@@ -18,14 +18,14 @@ dependencies:
|
|
|
18
18
|
requirements:
|
|
19
19
|
- - ~>
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: 4.2.
|
|
21
|
+
version: 4.2.16
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
25
|
requirements:
|
|
26
26
|
- - ~>
|
|
27
27
|
- !ruby/object:Gem::Version
|
|
28
|
-
version: 4.2.
|
|
28
|
+
version: 4.2.16
|
|
29
29
|
- !ruby/object:Gem::Dependency
|
|
30
30
|
name: httparty
|
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|