occi-api 4.3.13 → 4.3.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/occi/api/client/http/authn_plugins/keystone.rb +51 -22
- data/lib/occi/api/client/http/helpers.rb +2 -0
- data/lib/occi/api/version.rb +1 -1
- data/occi-api.gemspec +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fce814d6c2a7c043db73c5541ea5c70b5fd2e288
|
4
|
+
data.tar.gz: bc4d4c17d48337edf1cedaa721ca77d99ba17931
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0c0b46c1a5c0b70e73155194e663d75a43d2d3383d1d4b970398ac861b4b5559fb8e53425c7efe1b696e81465b7940b1b14313ad9eb6d80f5dad8a83b6685f6e
|
7
|
+
data.tar.gz: 2d5242472689a59d10574c7228151abfc538a234f8c0e70530a2f0e9aed91f38410c6172f7e8d07a8b056adce276d4beb4037f10f93e0a68802e0191e7413030
|
@@ -13,7 +13,10 @@ module Occi::Api::Client
|
|
13
13
|
|
14
14
|
# discover Keystone API version
|
15
15
|
@env_ref.class.headers.delete 'X-Auth-Token'
|
16
|
-
|
16
|
+
if @options[:type] == 'oauth2'
|
17
|
+
keystone_version = 3
|
18
|
+
end
|
19
|
+
set_auth_token ENV['ROCCI_CLIENT_KEYSTONE_TENANT'], keystone_version
|
17
20
|
|
18
21
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
19
22
|
"Unable to get a tenant from Keystone, fallback failed!" if @env_ref.class.headers['X-Auth-Token'].blank?
|
@@ -54,14 +57,14 @@ module Occi::Api::Client
|
|
54
57
|
@keystone_url = match[3]
|
55
58
|
end
|
56
59
|
|
57
|
-
def set_auth_token(tenant = nil)
|
60
|
+
def set_auth_token(tenant = nil, keystone_version = nil)
|
58
61
|
response = @env_ref.class.get @keystone_url
|
59
62
|
Occi::Api::Log.debug response.inspect
|
60
63
|
|
61
64
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
62
65
|
"Unable to get Keystone API version from the response, fallback failed!" if (400..599).include?(response.code)
|
63
66
|
|
64
|
-
# multiple choices, sort them by version id
|
67
|
+
# multiple choices, sort them by version id (preferred is v2)
|
65
68
|
if response.code == 300
|
66
69
|
versions = response['versions']['values'].sort_by { |v| v['id']}
|
67
70
|
else
|
@@ -74,18 +77,28 @@ module Occi::Api::Client
|
|
74
77
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
75
78
|
"Unable to get Keystone API version from the response, fallback failed!" unless match && match[1]
|
76
79
|
if match[1] == '2'
|
77
|
-
|
80
|
+
if keystone_version == nil or keystone_version == 2
|
81
|
+
Occi::Api::Log.debug "Selecting Keystone V2 interface"
|
82
|
+
handler_class = KeystoneV2
|
83
|
+
else
|
84
|
+
next
|
85
|
+
end
|
78
86
|
elsif match[1] == '3'
|
79
|
-
|
87
|
+
if keystone_version == nil or keystone_version == 3
|
88
|
+
Occi::Api::Log.debug "Selecting Keystone V3 interface"
|
89
|
+
handler_class = KeystoneV3
|
90
|
+
else
|
91
|
+
next
|
92
|
+
end
|
80
93
|
end
|
81
94
|
v['links'].each do |link|
|
82
95
|
begin
|
83
96
|
if link['rel'] == 'self'
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
97
|
+
keystone_url = link['href'].chomp('/')
|
98
|
+
keystone_handler = handler_class.new(keystone_url, @env_ref, @options)
|
99
|
+
token = keystone_handler.set_auth_token(tenant)
|
100
|
+
# found a working keystone, stop looking
|
101
|
+
return
|
89
102
|
end
|
90
103
|
rescue ::Occi::Api::Client::Errors::AuthnError
|
91
104
|
# ignore and try with next link
|
@@ -194,35 +207,51 @@ module Occi::Api::Client
|
|
194
207
|
|
195
208
|
def set_auth_token(tenant = nil)
|
196
209
|
if @options[:original_type] == "x509"
|
197
|
-
|
210
|
+
set_voms_unscoped_token
|
211
|
+
elsif @options[:type] == "oauth2"
|
212
|
+
set_oauth2_unscoped_token
|
198
213
|
elsif @options[:username] && @options[:password]
|
199
|
-
passwd_authenticate
|
214
|
+
passwd_authenticate
|
200
215
|
else
|
201
216
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
202
217
|
"Unable to request a token from Keystone! Chosen " \
|
203
218
|
"AuthN is not supported, fallback failed!"
|
204
219
|
end
|
220
|
+
|
221
|
+
if !tenant.blank?
|
222
|
+
set_scoped_token(tenant)
|
223
|
+
else
|
224
|
+
get_first_working_project
|
225
|
+
end
|
205
226
|
end
|
206
227
|
|
207
|
-
def passwd_authenticate
|
228
|
+
def passwd_authenticate
|
208
229
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
209
230
|
"Needs to be implemented, check http://developer.openstack.org/api-ref-identity-v3.html#authenticatePasswordUnscoped"
|
210
231
|
end
|
211
232
|
|
212
|
-
def
|
213
|
-
|
233
|
+
def set_voms_unscoped_token
|
234
|
+
response = @env_ref.class.post(
|
235
|
+
# FIXME(enolfc) egi.eu and mapped below should be configurable
|
236
|
+
"#{@base_url}/OS-FEDERATION/identity_providers/egi.eu/protocols/mapped/auth",
|
237
|
+
)
|
238
|
+
Occi::Api::Log.debug response.inspect
|
214
239
|
|
215
|
-
if
|
216
|
-
|
240
|
+
if response.success?
|
241
|
+
@env_ref.class.headers['X-Auth-Token'] = response.headers['x-subject-token']
|
217
242
|
else
|
218
|
-
|
243
|
+
raise ::Occi::Api::Client::Errors::AuthnError,
|
244
|
+
"Unable to get a token from Keystone, fallback failed!"
|
219
245
|
end
|
220
246
|
end
|
221
247
|
|
222
|
-
def
|
248
|
+
def set_oauth2_unscoped_token
|
249
|
+
headers = get_req_headers
|
250
|
+
headers['Authorization'] = "Bearer #{@options[:token]}"
|
223
251
|
response = @env_ref.class.post(
|
224
|
-
# egi.eu and
|
225
|
-
"#{@base_url}/OS-FEDERATION/identity_providers/egi.eu/protocols/
|
252
|
+
# FIXME(enolfc) egi.eu and oidc below should be configurable
|
253
|
+
"#{@base_url}/OS-FEDERATION/identity_providers/egi.eu/protocols/oidc/auth",
|
254
|
+
:headers => headers
|
226
255
|
)
|
227
256
|
Occi::Api::Log.debug response.inspect
|
228
257
|
|
@@ -287,7 +316,7 @@ module Occi::Api::Client
|
|
287
316
|
|
288
317
|
def get_req_headers
|
289
318
|
headers = @env_ref.class.headers.clone
|
290
|
-
headers['Content-Type'] =
|
319
|
+
headers['Content-Type'] = 'application/json'
|
291
320
|
headers['Accept'] = headers['Content-Type']
|
292
321
|
|
293
322
|
headers
|
@@ -30,6 +30,8 @@ module Occi::Api::Client
|
|
30
30
|
raise ::Occi::Api::Client::Errors::AuthnError,
|
31
31
|
"This authN method is for fallback only!" unless fallback
|
32
32
|
Http::AuthnPlugins::Keystone.new self, auth_options
|
33
|
+
when "oauth2"
|
34
|
+
Http::AuthnPlugins::Keystone.new self, auth_options
|
33
35
|
when "none", nil
|
34
36
|
Http::AuthnPlugins::Dummy.new self
|
35
37
|
else
|
data/lib/occi/api/version.rb
CHANGED
data/occi-api.gemspec
CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |gem|
|
|
18
18
|
gem.test_files = `git ls-files -- {test,spec}/*`.split("\n")
|
19
19
|
gem.require_paths = ['lib']
|
20
20
|
|
21
|
-
gem.add_dependency 'occi-core', '>= 4.3.
|
21
|
+
gem.add_dependency 'occi-core', '>= 4.3.6', '< 5'
|
22
22
|
gem.add_dependency 'httparty', '>= 0.13.1', '< 1'
|
23
23
|
gem.add_dependency 'json', '>= 1.8.1', '< 3'
|
24
24
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: occi-api
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.3.
|
4
|
+
version: 4.3.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Florian Feldhaus
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2017-
|
13
|
+
date: 2017-08-15 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: occi-core
|
@@ -18,7 +18,7 @@ dependencies:
|
|
18
18
|
requirements:
|
19
19
|
- - ">="
|
20
20
|
- !ruby/object:Gem::Version
|
21
|
-
version: 4.3.
|
21
|
+
version: 4.3.6
|
22
22
|
- - "<"
|
23
23
|
- !ruby/object:Gem::Version
|
24
24
|
version: '5'
|
@@ -28,7 +28,7 @@ dependencies:
|
|
28
28
|
requirements:
|
29
29
|
- - ">="
|
30
30
|
- !ruby/object:Gem::Version
|
31
|
-
version: 4.3.
|
31
|
+
version: 4.3.6
|
32
32
|
- - "<"
|
33
33
|
- !ruby/object:Gem::Version
|
34
34
|
version: '5'
|
@@ -463,7 +463,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
463
463
|
version: '0'
|
464
464
|
requirements: []
|
465
465
|
rubyforge_project:
|
466
|
-
rubygems_version: 2.6.
|
466
|
+
rubygems_version: 2.6.12
|
467
467
|
signing_key:
|
468
468
|
specification_version: 4
|
469
469
|
summary: OCCI development library providing a high-level client API
|