occi-api 4.2.5 → 4.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/occi/api/client/http/authn_plugins/keystone.rb +36 -24
- data/lib/occi/api/version.rb +1 -1
- data/occi-api.gemspec +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a33443d89ab0c83183170cd0876da0c9af576c64
|
|
4
|
+
data.tar.gz: 9da580054d01f0c6e007ceabc1b9266e0673324d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a039a1a18bcc7e42736f158b4259f7dd14a976ebdf56b137e19454abbc5b469bf01d05cb0b4bafa717d82e3838950305cd28ce018a5f6bbc9d42e095731f1e76
|
|
7
|
+
data.tar.gz: 573576b99c9d4ddca4e1b0d5a6e1d1dc4b96e20f04f9550ee9e391290a346792e5102df995aac2434edbc7a0e4af9251ceacaa68a403fe2ab6a015a825bbbdd5
|
|
@@ -7,13 +7,18 @@ module Occi::Api::Client
|
|
|
7
7
|
KEYSTONE_URI_REGEXP = /^(Keystone|snf-auth) uri='(.+)'$/
|
|
8
8
|
|
|
9
9
|
def setup(options = {})
|
|
10
|
-
# get Keystone URL if possible
|
|
10
|
+
# get Keystone URL if possible
|
|
11
11
|
set_keystone_base_url
|
|
12
|
+
|
|
13
|
+
# get an un-scoped token
|
|
12
14
|
set_auth_token
|
|
13
15
|
|
|
14
|
-
# use
|
|
15
|
-
|
|
16
|
-
|
|
16
|
+
# use the un-scoped token for tenant discovery
|
|
17
|
+
# and get a scoped token
|
|
18
|
+
get_prefered_tenant
|
|
19
|
+
|
|
20
|
+
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
21
|
+
"Unable to get a tenant from Keystone, fallback failed!" if @env_ref.class.headers['X-Auth-Token'].blank?
|
|
17
22
|
end
|
|
18
23
|
|
|
19
24
|
def authenticate(options = {})
|
|
@@ -46,20 +51,16 @@ module Occi::Api::Client
|
|
|
46
51
|
|
|
47
52
|
match = KEYSTONE_URI_REGEXP.match(authN_header)
|
|
48
53
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
49
|
-
"Unable to get Keystone's URL from the response!" unless match && match[2]
|
|
54
|
+
"Unable to get Keystone's URL from the response, fallback failed!" unless match && match[2]
|
|
50
55
|
|
|
51
56
|
@keystone_url = match[2].chomp('/').chomp('/v2.0')
|
|
52
57
|
end
|
|
53
58
|
|
|
54
59
|
def set_auth_token(tenant = nil)
|
|
55
|
-
headers = @env_ref.class.headers.clone
|
|
56
|
-
headers['Content-Type'] = "application/json"
|
|
57
|
-
headers['Accept'] = headers['Content-Type']
|
|
58
|
-
|
|
59
60
|
response = @env_ref.class.post(
|
|
60
61
|
"#{@keystone_url}/v2.0/tokens",
|
|
61
62
|
:body => get_keystone_req(tenant),
|
|
62
|
-
:headers =>
|
|
63
|
+
:headers => get_req_headers
|
|
63
64
|
)
|
|
64
65
|
Occi::Api::Log.debug response.inspect
|
|
65
66
|
|
|
@@ -67,7 +68,7 @@ module Occi::Api::Client
|
|
|
67
68
|
@env_ref.class.headers['X-Auth-Token'] = response['access']['token']['id']
|
|
68
69
|
else
|
|
69
70
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
70
|
-
"Unable to get a token from Keystone!"
|
|
71
|
+
"Unable to get a token from Keystone, fallback failed!"
|
|
71
72
|
end
|
|
72
73
|
end
|
|
73
74
|
|
|
@@ -85,32 +86,43 @@ module Occi::Api::Client
|
|
|
85
86
|
}
|
|
86
87
|
else
|
|
87
88
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
88
|
-
"Unable to request a token from Keystone! Chosen
|
|
89
|
+
"Unable to request a token from Keystone! Chosen " \
|
|
90
|
+
"AuthN is not supported, fallback failed!"
|
|
89
91
|
end
|
|
90
92
|
|
|
91
|
-
body['auth']['tenantName'] = tenant
|
|
93
|
+
body['auth']['tenantName'] = tenant unless tenant.blank?
|
|
92
94
|
body.to_json
|
|
93
95
|
end
|
|
94
96
|
|
|
95
97
|
def get_prefered_tenant(match = nil)
|
|
96
|
-
headers = @env_ref.class.headers.clone
|
|
97
|
-
headers['Content-Type'] = "application/json"
|
|
98
|
-
headers['Accept'] = headers['Content-Type']
|
|
99
|
-
|
|
100
98
|
response = @env_ref.class.get(
|
|
101
99
|
"#{@keystone_url}/v2.0/tenants",
|
|
102
|
-
:headers =>
|
|
100
|
+
:headers => get_req_headers
|
|
103
101
|
)
|
|
104
102
|
Occi::Api::Log.debug response.inspect
|
|
105
103
|
|
|
106
|
-
# TODO: impl match with regexp in case of multiple tenants?
|
|
107
|
-
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
108
|
-
"Keystone didn't return any tenants!" unless response['tenants'] && response['tenants'].first
|
|
109
|
-
tenant = response['tenants'].first['name'] if response.success?
|
|
110
104
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
|
111
|
-
"
|
|
105
|
+
"Keystone didn't return any tenants, fallback failed!" if response['tenants'].blank?
|
|
106
|
+
|
|
107
|
+
response['tenants'].each do |tenant|
|
|
108
|
+
begin
|
|
109
|
+
Occi::Api::Log.debug "Authenticating for tenant #{tenant['name'].inspect}"
|
|
110
|
+
set_auth_token(tenant['name'])
|
|
111
|
+
|
|
112
|
+
# found a working tenant, stop looking
|
|
113
|
+
break
|
|
114
|
+
rescue ::Occi::Api::Client::Errors::AuthnError
|
|
115
|
+
# ignoring and trying the next tenant
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
def get_req_headers
|
|
121
|
+
headers = @env_ref.class.headers.clone
|
|
122
|
+
headers['Content-Type'] = "application/json"
|
|
123
|
+
headers['Accept'] = headers['Content-Type']
|
|
112
124
|
|
|
113
|
-
|
|
125
|
+
headers
|
|
114
126
|
end
|
|
115
127
|
|
|
116
128
|
end
|
data/lib/occi/api/version.rb
CHANGED
data/occi-api.gemspec
CHANGED
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |gem|
|
|
|
18
18
|
gem.test_files = `git ls-files -- {test,spec}/*`.split("\n")
|
|
19
19
|
gem.require_paths = ["lib"]
|
|
20
20
|
|
|
21
|
-
gem.add_dependency 'occi-core', '~> 4.2.
|
|
21
|
+
gem.add_dependency 'occi-core', '~> 4.2.16'
|
|
22
22
|
gem.add_dependency 'httparty'
|
|
23
23
|
gem.add_dependency 'json'
|
|
24
24
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: occi-api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.2.
|
|
4
|
+
version: 4.2.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Florian Feldhaus
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-08-14 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: occi-core
|
|
@@ -18,14 +18,14 @@ dependencies:
|
|
|
18
18
|
requirements:
|
|
19
19
|
- - ~>
|
|
20
20
|
- !ruby/object:Gem::Version
|
|
21
|
-
version: 4.2.
|
|
21
|
+
version: 4.2.16
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
25
25
|
requirements:
|
|
26
26
|
- - ~>
|
|
27
27
|
- !ruby/object:Gem::Version
|
|
28
|
-
version: 4.2.
|
|
28
|
+
version: 4.2.16
|
|
29
29
|
- !ruby/object:Gem::Dependency
|
|
30
30
|
name: httparty
|
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|