RubyGems - occi-api - Versions diffs - 4.3.13 → 4.3.14 - Mend

occi-api 4.3.13 → 4.3.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/occi/api/client/http/authn_plugins/keystone.rb +51 -22
data/lib/occi/api/client/http/helpers.rb +2 -0
data/lib/occi/api/version.rb +1 -1
data/occi-api.gemspec +1 -1
metadata +5 -5

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eea00cabd97f5ec155984db2ac1f3c69c7461e11
-  data.tar.gz: 6b8d9f42712d77b0165396a580664449489d4536
+  metadata.gz: fce814d6c2a7c043db73c5541ea5c70b5fd2e288
+  data.tar.gz: bc4d4c17d48337edf1cedaa721ca77d99ba17931
 SHA512:
-  metadata.gz: 2cfc57efcf030120d74ed27c04bbef90c5c50211d005970e506b1fc0fd27b12119dcfe3b5bb3f37f693b1d45cadcf73a1faf0fa754236c123c6797707e961bc3
-  data.tar.gz: 36c0befdbd3f743ea3f2fb13e4fa1220fb58164390f70c63d2ba6a16328eac37f9629226ce167f673fbd3db279a6b7ec1e6fa9d68be36d9c0583f340d0dc02e7
+  metadata.gz: 0c0b46c1a5c0b70e73155194e663d75a43d2d3383d1d4b970398ac861b4b5559fb8e53425c7efe1b696e81465b7940b1b14313ad9eb6d80f5dad8a83b6685f6e
+  data.tar.gz: 2d5242472689a59d10574c7228151abfc538a234f8c0e70530a2f0e9aed91f38410c6172f7e8d07a8b056adce276d4beb4037f10f93e0a68802e0191e7413030

data/lib/occi/api/client/http/authn_plugins/keystone.rb CHANGED

@@ -13,7 +13,10 @@ module Occi::Api::Client
           # discover Keystone API version
           @env_ref.class.headers.delete 'X-Auth-Token'
-          set_auth_token ENV['ROCCI_CLIENT_KEYSTONE_TENANT']
+          if @options[:type] == 'oauth2'
+            keystone_version = 3
+          end
+          set_auth_token ENV['ROCCI_CLIENT_KEYSTONE_TENANT'], keystone_version
           raise ::Occi::Api::Client::Errors::AuthnError,
                 "Unable to get a tenant from Keystone, fallback failed!" if @env_ref.class.headers['X-Auth-Token'].blank?
@@ -54,14 +57,14 @@ module Occi::Api::Client
           @keystone_url = match[3]
         end
-        def set_auth_token(tenant = nil)
+        def set_auth_token(tenant = nil, keystone_version = nil)
           response = @env_ref.class.get @keystone_url
           Occi::Api::Log.debug response.inspect
           raise ::Occi::Api::Client::Errors::AuthnError,
                 "Unable to get Keystone API version from the response, fallback failed!" if (400..599).include?(response.code)
-          # multiple choices, sort them by version id
+          # multiple choices, sort them by version id (preferred is v2)
           if response.code == 300
             versions = response['versions']['values'].sort_by { |v| v['id']}
           else
@@ -74,18 +77,28 @@ module Occi::Api::Client
             raise ::Occi::Api::Client::Errors::AuthnError,
                   "Unable to get Keystone API version from the response, fallback failed!" unless match && match[1]
             if match[1] == '2'
-              handler_class = KeystoneV2
+              if keystone_version == nil or keystone_version == 2
+                Occi::Api::Log.debug "Selecting Keystone V2 interface"
+                handler_class = KeystoneV2
+              else
+                next
+              end
             elsif match[1] == '3'
-              handler_class = KeystoneV3
+              if keystone_version == nil or keystone_version == 3
+                Occi::Api::Log.debug "Selecting Keystone V3 interface"
+                handler_class = KeystoneV3
+              else
+                next
+              end
             end
             v['links'].each do |link|
               begin
                 if link['rel'] == 'self'
-                 keystone_url = link['href'].chomp('/')
-                 keystone_handler = handler_class.new(keystone_url, @env_ref, @options)
-                 token = keystone_handler.set_auth_token(tenant)
-                 # found a working keystone, stop looking
-                 return
+                  keystone_url = link['href'].chomp('/')
+                  keystone_handler = handler_class.new(keystone_url, @env_ref, @options)
+                  token = keystone_handler.set_auth_token(tenant)
+                  # found a working keystone, stop looking
+                  return
                 end
               rescue ::Occi::Api::Client::Errors::AuthnError
                 # ignore and try with next link
@@ -194,35 +207,51 @@ module Occi::Api::Client
         def set_auth_token(tenant = nil)
           if @options[:original_type] == "x509"
-            voms_authenticate(tenant)
+            set_voms_unscoped_token
+          elsif @options[:type] == "oauth2"
+            set_oauth2_unscoped_token
           elsif @options[:username] && @options[:password]
-            passwd_authenticate(tenant)
+            passwd_authenticate
           else
             raise ::Occi::Api::Client::Errors::AuthnError,
                   "Unable to request a token from Keystone! Chosen " \
                   "AuthN is not supported, fallback failed!"
           end
+          if !tenant.blank?
+            set_scoped_token(tenant)
+          else
+            get_first_working_project
+          end
         end
-        def passwd_authenticate(tenant = nil)
+        def passwd_authenticate
           raise ::Occi::Api::Client::Errors::AuthnError,
                 "Needs to be implemented, check http://developer.openstack.org/api-ref-identity-v3.html#authenticatePasswordUnscoped"
         end
-        def voms_authenticate(tenant = nil)
-          set_voms_unscoped_token
+        def set_voms_unscoped_token
+          response = @env_ref.class.post(
+            # FIXME(enolfc) egi.eu and mapped below should be configurable
+            "#{@base_url}/OS-FEDERATION/identity_providers/egi.eu/protocols/mapped/auth",
+          )
+          Occi::Api::Log.debug response.inspect
-          if !tenant.blank?
-            set_scoped_token(tenant)
+          if response.success?
+            @env_ref.class.headers['X-Auth-Token'] = response.headers['x-subject-token']
           else
-            get_first_working_project
+            raise ::Occi::Api::Client::Errors::AuthnError,
+                  "Unable to get a token from Keystone, fallback failed!"
           end
         end
-        def set_voms_unscoped_token
+        def set_oauth2_unscoped_token
+          headers = get_req_headers
+          headers['Authorization'] = "Bearer #{@options[:token]}"
           response = @env_ref.class.post(
-            # egi.eu and mapped below should be configurable
-            "#{@base_url}/OS-FEDERATION/identity_providers/egi.eu/protocols/mapped/auth",
+            # FIXME(enolfc) egi.eu and oidc below should be configurable
+            "#{@base_url}/OS-FEDERATION/identity_providers/egi.eu/protocols/oidc/auth",
+            :headers => headers
           )
           Occi::Api::Log.debug response.inspect
@@ -287,7 +316,7 @@ module Occi::Api::Client
         def get_req_headers
           headers = @env_ref.class.headers.clone
-          headers['Content-Type'] = "application/json"
+          headers['Content-Type'] = 'application/json'
           headers['Accept'] = headers['Content-Type']
           headers

data/lib/occi/api/client/http/helpers.rb CHANGED

@@ -30,6 +30,8 @@ module Occi::Api::Client
                           raise ::Occi::Api::Client::Errors::AuthnError,
                                 "This authN method is for fallback only!" unless fallback
                           Http::AuthnPlugins::Keystone.new self, auth_options
+                        when "oauth2"
+                          Http::AuthnPlugins::Keystone.new self, auth_options
                         when "none", nil
                           Http::AuthnPlugins::Dummy.new self
                         else

data/lib/occi/api/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Occi
   module Api
-    VERSION = "4.3.13" unless defined?(::Occi::Api::VERSION)
+    VERSION = "4.3.14" unless defined?(::Occi::Api::VERSION)
   end
 end

data/occi-api.gemspec CHANGED

@@ -18,7 +18,7 @@ Gem::Specification.new do |gem|
   gem.test_files    = `git ls-files -- {test,spec}/*`.split("\n")
   gem.require_paths = ['lib']
-  gem.add_dependency 'occi-core', '>= 4.3.5', '< 5'
+  gem.add_dependency 'occi-core', '>= 4.3.6', '< 5'
   gem.add_dependency 'httparty', '>= 0.13.1', '< 1'
   gem.add_dependency 'json', '>= 1.8.1', '< 3'

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: occi-api
 version: !ruby/object:Gem::Version
-  version: 4.3.13
+  version: 4.3.14
 platform: ruby
 authors:
 - Florian Feldhaus
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-06-14 00:00:00.000000000 Z
+date: 2017-08-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: occi-core
@@ -18,7 +18,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.3.5
+        version: 4.3.6
     - - "<"
       - !ruby/object:Gem::Version
         version: '5'
@@ -28,7 +28,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.3.5
+        version: 4.3.6
     - - "<"
       - !ruby/object:Gem::Version
         version: '5'
@@ -463,7 +463,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.8
+rubygems_version: 2.6.12
 signing_key:
 specification_version: 4
 summary: OCCI development library providing a high-level client API