openstack 2.2.0 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 884339fc18898d36fca662e853c156bb029b193f
-  data.tar.gz: f85e37571dc9182651aec8019cec200b023d3de7
+  metadata.gz: 019f3ab58603e2185aa4558273454869205efb90
+  data.tar.gz: d6a1995446cc59cf255d03354552738e81d3efeb
 SHA512:
-  metadata.gz: c237b9cf749c80d7147c954fb2239032dd5dffed0eeca36f87874bb549147c36713c7b851673a38c2c01e2ebbd6c4791f76553075c3d1c367672261bd5bc4515
-  data.tar.gz: a18111ee6f10c9137e983f1afa4a0ae3d32504b80704f005bd037115283ba8a64f869935e30274db322bdd7ae87361d0a74cadec143cb7f7502ab1c760983580
+  metadata.gz: cde951d618983f94dc1e808d60240647ef5ead95d6d345fbd9e5b25929a0ad89742f279e5d2d9e00082ec6c71bce816ba4573fb1b5b8d9f9c24d9d6d94c519e0
+  data.tar.gz: 2eab3097fbd3de0458141ecbd06a4d55cb949369ef46df26220c9e3e07eac1c82b7dafca2cd04a9ee9779b983c07d1cb019ad34b4be4a918e38d5bcd0debce1c

data/README.md

@@ -1,18 +1,33 @@
 # Ruby OpenStack
 
-Ruby OpenStack Compute, Object-Store, Block Storage and Network bindings for the OpenStack API. It supports Keystone Authentication (v1.0 and v2.0), Nova and Swift. See the [getting started](https://github.com/ruby-openstack/ruby-openstack/wiki) for documentation.
+Ruby OpenStack Compute, Object-Store, Block Storage and Network bindings for the OpenStack API. It supports Keystone Authentication (v1.0, v2.0 and v3.0), Nova and Swift. See the [getting started](https://github.com/ruby-openstack/ruby-openstack/wiki) for documentation.
 
-[![Build Status](https://travis-ci.org/ruby-openstack/ruby-openstack.svg?branch=next)](https://travis-ci.org/ruby-openstack/ruby-openstack)
+[![Build Status](https://travis-ci.org/ruby-openstack/ruby-openstack.svg?branch=master)](https://travis-ci.org/ruby-openstack/ruby-openstack)
+
+## Installation
+
+Add the Ruby OpenStack as dependency to your project Gemfile: 
+
+```
+source 'https://rubygems.org'
+gem 'openstack'
+```
+
+## Maintainer
+
+The library is currently maintained by [Nitrado](http://nitrado.net/).
+The people behind the OpenStack Team from Nitrado are Alexander Birkner and Aaron Fischer.
 
 ## Authors
 
+* Alexander Birkner (alexander.birkner@marbis.net)
+* Aaron Fischer (aaron.fischer@marbis.net)
 * Marios Andreou (marios@redhat.com)
 * Dan Prince (dprince@redhat.com)
 * Naveed Massjouni (naveedm9@gmail.com)
-* Aaron Fischer (aaron.fischer@marbis.net)
-* Alexander Birkner (alexander.birkner@marbis.net)
 
-Initial code checkin on May 23rd 2012 - code refactored from and based on the Rackspace [Cloud Servers gem](https://github.com/rackspace/ruby-openstack-compute) and [Rackspace Cloud Files gem](https://github.com/rackspace/ruby-cloudfiles). Since Nov 2015 maintained by [Marbis GmbH](http://nitrado.net/).
+Initial code checkin on May 23rd 2012 - code refactored from and based on the Rackspace [Cloud Servers gem](https://github.com/rackspace/ruby-openstack-compute) and [Rackspace Cloud Files gem](https://github.com/rackspace/ruby-cloudfiles).
+Since Nov 2015 the library is maintained by [Nitrado](http://nitrado.net/).
 
 ## License
 

data/VERSION

@@ -1 +1 @@
-2.2.0
+3.0.0

data/lib/openstack/compute/connection.rb

@@ -117,7 +117,9 @@ module Compute
     #   => "NewServerSHMGpvI"
     def create_server(options)
       raise OpenStack::Exception::MissingArgument, "Server name, flavorRef, and imageRef, must be supplied" unless (options[:name] && options[:flavorRef] && options[:imageRef])
-      options[:personality] = Personalities.get_personality(options[:personality])
+      if options[:personality]
+        options[:personality] = Personalities.get_personality(options[:personality])
+      end
       options[:security_groups] = (options[:security_groups] || []).inject([]){|res, c| res << {"name"=>c} ;res}
       data = JSON.generate(:server => options)
       response = @connection.csreq("POST",@connection.service_host,"#{@connection.service_path}/servers",@connection.service_port,@connection.service_scheme,{'content-type' => 'application/json'},data)
@@ -125,7 +127,7 @@ module Compute
       server_info = JSON.parse(response.body)['server']
       server = OpenStack::Compute::Server.new(self,server_info['id'])
       server.adminPass = server_info['adminPass']
-      return server
+      server
     end
 
     # Returns an array of hashes listing available server images that you have access too,
@@ -508,12 +510,18 @@ module Compute
       true
     end
 
-    def get_floating_ip_polls
+    def get_floating_ip_pools
       check_extension 'os-floating-ip-pools'
       response = @connection.req('GET', '/os-floating-ip-pools')
       JSON.parse(response.body)['floating_ip_pools']
     end
 
+    #deprecated - please do not use this typo method :)
+    def get_floating_ip_polls
+      puts "get_floating_ip_polls() is DEPRECATED: Please use get_floating_ip_pools() without typo!"
+      self.get_floating_ip_pools
+    end
+
     def get_floating_ips_bulk
       check_extension 'os-floating-ips-bulk'
       response = @connection.req('GET', '/os-floating-ips-bulk')

data/lib/openstack/connection.rb

@@ -22,6 +22,14 @@ class Connection
     attr_reader   :auth_path
     attr_reader   :service_name
     attr_reader   :service_type
+    attr_reader   :user_domain
+    attr_reader   :user_domain_id
+    attr_reader   :project_id
+    attr_reader   :project_name
+    attr_reader   :project_domain_name
+    attr_reader   :project_domain_id
+    attr_reader   :domain_name
+    attr_reader   :domain_id
     attr_reader   :proxy_host
     attr_reader   :proxy_port
     attr_reader   :ca_cert
@@ -45,14 +53,23 @@ class Connection
     #
     #   options hash:
     #
-    #   :auth_method - Type of authentication - 'password', 'key', 'rax-kskey' - defaults to 'password'
     #   :username - Your OpenStack username or public key, depending on auth_method. *required*
+    #   :auth_method - Type of authentication - 'password', 'key', 'rax-kskey', 'token' - defaults to 'password'.
+    #     For auth v3.0 valid options are 'password', 'token', 'password_user_id'
     #   :authtenant_name OR :authtenant_id - Your OpenStack tenant name or id *required*. Defaults to username.
     #     passing :authtenant will default to using that parameter as tenant name.
     #   :api_key - Your OpenStack API key *required* (either private key or password, depending on auth_method)
     #   :auth_url - Configurable auth_url endpoint.
     #   :service_name - (Optional for v2.0 auth only). The optional name of the compute service to use.
     #   :service_type - (Optional for v2.0 auth only). Defaults to "compute"
+    #   :user_domain - (Optional for v3.0 auth only). The optional name of the user domain.
+    #   :user_domain_id - (Optional for v3.0 auth only). Defaults to "default"
+    #   :project_id - (Optional for v3.0 auth only). For authorization scoping
+    #   :project_name - (Optional for v3.0 auth only). For authorization scoping
+    #   :project_domain_name - (Optional for v3.0 auth only). For authorization scoping
+    #   :project_domain_id - (Optional for v3.0 auth only). For authorization scoping
+    #   :domain_name - (Optional for v3.0 auth only). For authorization scoping
+    #   :domain_id - (Optional for v3.0 auth only). For authorization scoping
     #   :region - (Optional for v2.0 auth only). The specific service region to use. Defaults to first returned region.
     #   :retry_auth - Whether to retry if your auth token expires (defaults to true)
     #   :proxy_host - If you need to connect through a proxy, supply the hostname here
@@ -60,6 +77,7 @@ class Connection
     #   :ca_cert - path to a CA chain in PEM format
     #   :ssl_version - explicitly set an version (:SSLv3 etc, see  OpenSSL::SSL::SSLContext::METHODS)
     #   :is_debug - Only for development purpose for debug output
+    #   :endpoint_type - Type of endpoint. Optional. 'publicURL', 'internalURL', 'adminURL'
     #
     # The options hash is used to create a new OpenStack::Connection object
     # (private constructor) and this is passed to the constructor of OpenStack::Compute::Connection
@@ -98,6 +116,14 @@ class Connection
       @auth_method = options[:auth_method] || "password"
       @service_name = options[:service_name] || nil
       @service_type = options[:service_type] || "compute"
+      @user_domain_id = options[:user_domain_id] || "default"
+      @user_domain = options[:user_domain] || nil
+      @project_id = options[:project_id] || nil
+      @project_name = options[:project_name] || nil
+      @project_domain_name = options[:project_domain_name] || nil
+      @project_domain_id = options[:project_domain_id] || nil
+      @domain_name = options[:domain_name] || nil
+      @domain_id = options[:domain_id] || nil
       @region = options[:region] || @region = nil
       @regions_list = {} # this is populated during authentication - from the returned service catalogue
       @is_debug = options[:is_debug]
@@ -144,10 +170,10 @@ class Connection
       start_http(server,path,port,scheme,hdrhash)
       response = @http[server].request(request)
       if @is_debug
-          puts "REQUEST: PUT => #{path}"
-          puts data if data
-          puts "RESPONSE: #{response.body}"
-          puts '----------------------------------------'
+        puts "REQUEST: PUT => #{path}"
+        puts data if data
+        puts "RESPONSE: #{response.body}"
+        puts '----------------------------------------'
       end
       raise OpenStack::Exception::ExpiredAuthToken if response.code == "401"
       response
@@ -185,10 +211,10 @@ class Connection
         response = @http[server].request(request)
       end
       if @is_debug
-          puts "REQUEST: #{auth_method} => #{path}"
-          puts data if data
-          puts "RESPONSE: #{response.body}"
-          puts '----------------------------------------'
+        puts "REQUEST: #{method.to_s} => #{path}"
+        puts data if data
+        puts "RESPONSE: #{response.body}"
+        puts '----------------------------------------'
       end
       raise OpenStack::Exception::ExpiredAuthToken if response.code == "401"
       response
@@ -264,64 +290,119 @@ class Connection
       end
     end
 
-end #end class Connection
+  end #end class Connection
 
-#============================
-# OpenStack::Authentication
-#============================
+  #============================
+  # OpenStack::Authentication
+  #============================
 
-class Authentication
+  class Authentication
 
-  # Performs an authentication to the OpenStack auth server.
-  # If it succeeds, it sets the service_host, service_path, service_port,
-  # service_scheme, authtoken, and authok variables on the connection.
-  # If it fails, it raises an exception.
+    # Performs an authentication to the OpenStack auth server.
+    # If it succeeds, it sets the service_host, service_path, service_port,
+    # service_scheme, authtoken, and authok variables on the connection.
+    # If it fails, it raises an exception.
 
-  def self.init(conn)
-    if conn.auth_path =~ /.*v2.0\/?$/
-      AuthV20.new(conn)
-    else
-      AuthV10.new(conn)
+    def self.init(conn)
+      if conn.auth_path =~ /.*v3\/?$/
+        AuthV30.new(conn)
+      elsif conn.auth_path =~ /.*v2.0\/?$/
+        AuthV20.new(conn)
+      else
+        AuthV10.new(conn)
+      end
     end
   end
 
-end
+  private
+
+  class AuthV10
+    def initialize(connection)
+      tries = connection.retries
+      time = 3
 
- private
-class AuthV20
-  attr_reader :uri
-  attr_reader :version
-  def initialize(connection)
-
-    tries = connection.retries
-    time = 3
-
-    begin
-      server = Net::HTTP::Proxy(connection.proxy_host, connection.proxy_port).new(connection.auth_host, connection.auth_port)
-      if connection.auth_scheme == "https"
-        server.use_ssl = true
-        server.verify_mode = OpenSSL::SSL::VERIFY_NONE
-
-        # use the ca_cert if were given one, and make sure we verify!
-        if !connection.ca_cert.nil?
-          server.ca_file = connection.ca_cert
-          server.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      hdrhash = { "X-Auth-User" => connection.authuser, "X-Auth-Key" => connection.authkey }
+      begin
+        server = Net::HTTP::Proxy(connection.proxy_host, connection.proxy_port).new(connection.auth_host, connection.auth_port)
+        if connection.auth_scheme == "https"
+          server.use_ssl = true
+          server.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+          # use the ca_cert if were given one, and make sure to verify!
+          if !connection.ca_cert.nil?
+            server.ca_file = connection.ca_cert
+            server.verify_mode = OpenSSL::SSL::VERIFY_PEER
+          end
+
+          # explicitly set the SSL version to use
+          server.ssl_version = connection.ssl_version if !connection.ssl_version.nil?
         end
+        server.start
+      rescue
+        puts "Can't connect to the server: #{tries} tries  to reconnect" if connection.is_debug
+        sleep time += 1
+        retry unless (tries -= 1) <= 0
+        raise OpenStack::Exception::Connection, "Unable to connect to #{server}"
+      end
 
-        # explicitly set the SSL version to use
-        server.ssl_version = connection.ssl_version if !connection.ssl_version.nil?
+      response = server.get(connection.auth_path, hdrhash)
+
+      if (response.code =~ /^20./)
+        connection.authtoken = response["x-auth-token"]
+        case connection.service_type
+        when "compute"
+          uri = URI.parse(response["x-server-management-url"])
+        when "object-store"
+          uri = URI.parse(response["x-storage-url"])
+        end
+        raise OpenStack::Exception::Authentication, "Unexpected Response from  #{connection.auth_host} - couldn't get service URLs: \"x-server-management-url\" is: #{response["x-server-management-url"]} and \"x-storage-url\" is: #{response["x-storage-url"]}"  if (uri.host.nil? || uri.host=="")
+        connection.service_host = uri.host
+        connection.service_path = uri.path
+        connection.service_port = uri.port
+        connection.service_scheme = uri.scheme
+        connection.authok = true
+      else
+        connection.authok = false
+        raise OpenStack::Exception::Authentication, "Authentication failed with response code #{response.code}"
       end
-      server.start
-    rescue
-      puts "Can't connect to the server: #{tries} tries  to reconnect" if connection.is_debug
-      sleep time += 1
-      retry unless (tries -= 1) <= 0
-      raise OpenStack::Exception::Connection, "Unable to connect to  #{server}"
+      server.finish
     end
+  end
+
+  class AuthV20
+    attr_reader :uri
+    attr_reader :version
+    def initialize(connection)
+
+      tries = connection.retries
+      time = 3
+
+      begin
+        server = Net::HTTP::Proxy(connection.proxy_host, connection.proxy_port).new(connection.auth_host, connection.auth_port)
+        if connection.auth_scheme == "https"
+          server.use_ssl = true
+          server.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+          # use the ca_cert if were given one, and make sure we verify!
+          if !connection.ca_cert.nil?
+            server.ca_file = connection.ca_cert
+            server.verify_mode = OpenSSL::SSL::VERIFY_PEER
+          end
+
+          # explicitly set the SSL version to use
+          server.ssl_version = connection.ssl_version if !connection.ssl_version.nil?
+        end
+        server.start
+      rescue
+        puts "Can't connect to the server: #{tries} tries  to reconnect" if connection.is_debug
+        sleep time += 1
+        retry unless (tries -= 1) <= 0
+        raise OpenStack::Exception::Connection, "Unable to connect to  #{server}"
+      end
 
-    @uri = String.new
+      @uri = String.new
 
-    case connection.auth_method
+      case connection.auth_method
       when "password"
         auth_data = JSON.generate({ "auth" =>  { "passwordCredentials" => { "username" => connection.authuser, "password" => connection.authkey }, connection.authtenant[:type] => connection.authtenant[:value]}})
       when "rax-kskey"
@@ -330,248 +411,330 @@ class AuthV20
         auth_data = JSON.generate({"auth" => { "apiAccessKeyCredentials" => {"accessKey" => connection.authuser, "secretKey" => connection.authkey}, connection.authtenant[:type] => connection.authtenant[:value]}})
       else
         raise Exception::InvalidArgument, "Unrecognized auth method #{connection.auth_method}"
-    end
+      end
 
-    response = server.post(connection.auth_path.chomp("/")+"/tokens", auth_data, {'Content-Type' => 'application/json'})
-    if (response.code =~ /^20./)
-      resp_data=JSON.parse(response.body)
-      connection.authtoken = resp_data['access']['token']['id']
-      implemented_services = resp_data["access"]["serviceCatalog"].inject([]){|res, current| res << current["type"] ;res}
-      raise OpenStack::Exception::NotImplemented.new("The requested service: \"#{connection.service_type}\" is not present " +
-        "in the returned service catalogue.", 501, "#{resp_data["access"]["serviceCatalog"]}") unless implemented_services.include?(connection.service_type)
-      resp_data['access']['serviceCatalog'].each do |service|
-        service["endpoints"].each do |endpoint|
-          connection.regions_list[endpoint["region"]] ||= []
-          connection.regions_list[endpoint["region"]] << {:service=>service["type"], :versionId => endpoint["versionId"]}
-        end
-        if connection.service_name
-          check_service_name = connection.service_name
-        else
-          check_service_name = service['name']
-        end
-        if service['type'] == connection.service_type and service['name'] == check_service_name
-          endpoints = service["endpoints"]
-          if connection.region
-            endpoints.each do |ep|
-              if ep["region"] and ep["region"].upcase == connection.region.upcase
-                @uri = URI.parse(ep[connection.endpoint_type])
-              end
-            end
-          else
-            @uri = URI.parse(endpoints[0][connection.endpoint_type])
+      response = server.post(connection.auth_path.chomp("/")+"/tokens", auth_data, {'Content-Type' => 'application/json'})
+      if (response.code =~ /^20./)
+        resp_data=JSON.parse(response.body)
+        connection.authtoken = resp_data['access']['token']['id']
+        implemented_services = resp_data["access"]["serviceCatalog"].inject([]){|res, current| res << current["type"] ;res}
+        raise OpenStack::Exception::NotImplemented.new("The requested service: \"#{connection.service_type}\" is not present " +
+                                                       "in the returned service catalogue.", 501, "#{resp_data["access"]["serviceCatalog"]}") unless implemented_services.include?(connection.service_type)
+        resp_data['access']['serviceCatalog'].each do |service|
+          service["endpoints"].each do |endpoint|
+            connection.regions_list[endpoint["region"]] ||= []
+            connection.regions_list[endpoint["region"]] << {:service=>service["type"], :versionId => endpoint["versionId"]}
           end
-          if @uri == ""
-            raise OpenStack::Exception::Authentication, "No API endpoint for region #{connection.region}"
+          if connection.service_name
+            check_service_name = connection.service_name
           else
-            if @version #already got one version of endpoints
-              current_version = get_version_from_response(service,connection.endpoint_type)
-              if @version.to_f > current_version.to_f
-                next
+            check_service_name = service['name']
+          end
+          if service['type'] == connection.service_type and service['name'] == check_service_name
+            endpoints = service["endpoints"]
+            if connection.region
+              endpoints.each do |ep|
+                if ep["region"] and ep["region"].upcase == connection.region.upcase
+                  @uri = URI.parse(ep[connection.endpoint_type])
+                end
+              end
+            else
+              @uri = URI.parse(endpoints[0][connection.endpoint_type])
+            end
+            if @uri == ""
+              raise OpenStack::Exception::Authentication, "No API endpoint for region #{connection.region}"
+            else
+              if @version #already got one version of endpoints
+                current_version = get_version_from_response(service,connection.endpoint_type)
+                if @version.to_f > current_version.to_f
+                  next
+                end
               end
+              #grab version to check next time round for multi-version deployments
+              @version = get_version_from_response(service,connection.endpoint_type)
+              connection.service_host = @uri.host
+              connection.service_path = @uri.path
+              connection.service_port = @uri.port
+              connection.service_scheme = @uri.scheme
+              connection.authok = true
             end
-            #grab version to check next time round for multi-version deployments
-            @version = get_version_from_response(service,connection.endpoint_type)
-            connection.service_host = @uri.host
-            connection.service_path = @uri.path
-            connection.service_port = @uri.port
-            connection.service_scheme = @uri.scheme
-            connection.authok = true
           end
         end
+      else
+        connection.authtoken = false
+        raise OpenStack::Exception::Authentication, "Authentication failed with response code #{response.code}"
       end
-    else
-      connection.authtoken = false
-      raise OpenStack::Exception::Authentication, "Authentication failed with response code #{response.code}"
+      server.finish if server.started?
     end
-    server.finish if server.started?
-  end
 
-  def get_version_from_response(service,endpoint_type)
-    service["endpoints"].first["versionId"] || parse_version_from_endpoint(service["endpoints"].first[endpoint_type])
-  end
+    def get_version_from_response(service,endpoint_type)
+      service["endpoints"].first["versionId"] || parse_version_from_endpoint(service["endpoints"].first[endpoint_type])
+    end
 
-  #IN  --> https://az-2.region-a.geo-1.compute.hpcloudsvc.com/v1.1/46871569847393
-  #OUT --> "1.1"
-  def parse_version_from_endpoint(endpoint)
-    endpoint.match(/\/v(\d).(\d)/).to_s.sub("/v", "")
+    #IN  --> https://az-2.region-a.geo-1.compute.hpcloudsvc.com/v1.1/46871569847393
+    #OUT --> "1.1"
+    def parse_version_from_endpoint(endpoint)
+      endpoint.match(/\/v(\d).(\d)/).to_s.sub("/v", "")
+    end
   end
 
-end
+  # Implement the Identity Version 3.x API
+  # http://developer.openstack.org/api-ref-identity-v3.html
+  # This is still experimental, so don't use in production.
+  class AuthV30
+    attr_reader :uri, :version
+    # TODO: Parse the version for an endpoint
 
-class AuthV10
+    def initialize(connection)
+      tries = connection.retries
+      time = 3
 
-  def initialize(connection)
+      begin
+        server = Net::HTTP::Proxy(connection.proxy_host, connection.proxy_port).new(connection.auth_host, connection.auth_port)
+        if connection.auth_scheme == "https"
+          server.use_ssl = true
+          server.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+          # use the ca_cert if were given one, and make sure we verify!
+          unless connection.ca_cert.nil?
+            server.ca_file = connection.ca_cert
+            server.verify_mode = OpenSSL::SSL::VERIFY_PEER
+          end
 
-    tries = connection.retries
-    time = 3
+          # explicitly set the SSL version to use
+          server.ssl_version = connection.ssl_version unless connection.ssl_version.nil?
+        end
+        server.start
+      rescue
+        puts "Can't connect to the server: #{tries} tries to reconnect" if connection.is_debug
+        sleep time += 1
+        retry unless (tries -= 1) <= 0
+        raise OpenStack::Exception::Connection, "Unable to connect to #{server}"
+      end
 
-    hdrhash = { "X-Auth-User" => connection.authuser, "X-Auth-Key" => connection.authkey }
-    begin
-      server = Net::HTTP::Proxy(connection.proxy_host, connection.proxy_port).new(connection.auth_host, connection.auth_port)
-      if connection.auth_scheme == "https"
-        server.use_ssl = true
-        server.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      # Build Auth JSON
+      auth = { "auth" => { "identity" => {} } }
+
+      case connection.auth_method.to_sym
+      when :password
+        auth["auth"]["identity"]["methods"] = ["password"]
+        auth["auth"]["identity"]["password"] = { "user" => { "name" => connection.authuser, "password" => connection.authkey } }
+        auth["auth"]["identity"]["password"]["user"]["domain"] = connection.user_domain ? { "name" => connection.user_domain } : { "id" => connection.user_domain_id }
+      when :password_user_id
+        auth["auth"]["identity"]["methods"] = ["password"]
+        auth["auth"]["identity"]["password"] = { "user" => { "id" => connection.authuser, "password" => connection.authkey } }
+      when :token
+        auth["auth"]["identity"]["methods"] = ["token"]
+        auth["auth"]["identity"]["token"] = { "id" => connection.authkey }
+      else
+        raise Exception::InvalidArgument, "Unrecognized auth method #{connection.auth_method}."
+      end
 
-        # use the ca_cert if were given one, and make sure to verify!
-        if !connection.ca_cert.nil?
-          server.ca_file = connection.ca_cert
-          server.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        end
+      # handle project authentication scope
+      if (connection.project_id || connection.project_name) && (connection.project_domain_name || connection.project_domain_id)
+        auth["auth"]["scope"] = { "project" => { "domain" => {} } }
+        auth["auth"]["scope"]["project"]["name"] =  connection.project_name if connection.project_name
+        auth["auth"]["scope"]["project"]["id"] =  connection.project_id if connection.project_id
+        auth["auth"]["scope"]["project"]["domain"]["name"] = connection.project_domain_name if connection.project_domain_name
+        auth["auth"]["scope"]["project"]["domain"]["id"] = connection.project_domain_id if connection.project_domain_id
+      end
 
-        # explicitly set the SSL version to use
-        server.ssl_version = connection.ssl_version if !connection.ssl_version.nil?
+      # handle domain authentication scope
+      if connection.domain_name || connection.domain_id
+        auth["auth"]["scope"] = { "domain" => {} }
+        auth["auth"]["scope"]["domain"]["name"] = connection.domain_name if connection.domain_name
+        auth["auth"]["scope"]["domain"]["id"] = connection.domain_id if connection.domain_id
       end
-      server.start
-    rescue
-      puts "Can't connect to the server: #{tries} tries  to reconnect" if connection.is_debug
-      sleep time += 1
-      retry unless (tries -= 1) <= 0
-      raise OpenStack::Exception::Connection, "Unable to connect to #{server}"
-    end
 
-    response = server.get(connection.auth_path, hdrhash)
+      response = server.post(connection.auth_path.chomp('/') + '/auth/tokens',
+                             JSON.generate(auth),
+                             {'Content-Type' => 'application/json'})
 
-    if (response.code =~ /^20./)
-      connection.authtoken = response["x-auth-token"]
-      case connection.service_type
-        when "compute"
-          uri = URI.parse(response["x-server-management-url"])
-        when "object-store"
-          uri = URI.parse(response["x-storage-url"])
+      # debugging
+      if connection.is_debug
+        puts "REQUEST: POST => #{connection.auth_path.chomp('/') + '/auth/tokens'}"
+        puts "RESPONSE: #{response.body}"
+        puts '----------------------------------------'
       end
-      raise OpenStack::Exception::Authentication, "Unexpected Response from  #{connection.auth_host} - couldn't get service URLs: \"x-server-management-url\" is: #{response["x-server-management-url"]} and \"x-storage-url\" is: #{response["x-storage-url"]}"  if (uri.host.nil? || uri.host=="")
-      connection.service_host = uri.host
-      connection.service_path = uri.path
-      connection.service_port = uri.port
-      connection.service_scheme = uri.scheme
-      connection.authok = true
-    else
-      connection.authok = false
-      raise OpenStack::Exception::Authentication, "Authentication failed with response code #{response.code}"
-    end
-    server.finish
-  end
 
-end
+      if response.code =~ /^20./
+        connection.authtoken = response['X-Subject-Token']
 
+        resp_data=JSON.parse(response.body)
 
-#============================
-# OpenStack::Exception
-#============================
+        catalog = resp_data["token"]["catalog"]
+        unless catalog
+          raise OpenStack::Exception::Authentication, "No service catalog returned. Maybe your auth request is unscoped. Please check if your selected user has a default project."
+        end
 
-class Exception
+        # Check if the used service is available
+        implemented_services = resp_data["token"]["catalog"].map {|service| service['type']}
+        raise OpenStack::Exception::NotImplemented.new("The requested service: \"#{connection.service_type}\" is not present " +
+                                                       "in the returned service catalogue.", 501, "#{resp_data["access"]["serviceCatalog"]}") unless implemented_services.include?(connection.service_type)
+        catalog.each do |service|
+          service["endpoints"].each do |endpoint|
+            connection.regions_list[endpoint["region"]] ||= []
+            connection.regions_list[endpoint["region"]] << {:service=>service["type"], :versionId => endpoint["versionId"]}
+          end
 
-  class ComputeError < StandardError
+          # set use preset service name if set, otherwise ignore.
+          if connection.service_name
+            check_service_name = connection.service_name
+          else
+            check_service_name = service['name']
+          end
 
-    attr_reader :response_body
-    attr_reader :response_code
+          if service['type'] == connection.service_type and service['name'] == check_service_name
+            endpoints = service["endpoints"]
 
-    def initialize(message, code, response_body)
-      @response_code=code
-      @response_body=response_body
-      super(message)
-    end
+            # filter endpoints by interfacetype
+            interface_type = connection.endpoint_type.gsub('URL','')
+            endpoints = endpoints.select {|ep| ep['interface'] == interface_type}
 
-  end
+            # Select endpoint based on region
+            if connection.region
+              endpoints.each do |ep|
+                if ep["region"] and ep["region"].upcase == connection.region.upcase
+                  @uri = URI.parse(ep['url'])
+                end
+              end
+            else
+              @uri = URI.parse(endpoints[0]['url'])
+            end
 
-  class ComputeFault                < ComputeError # :nodoc:
-  end
-  class ServiceUnavailable          < ComputeError # :nodoc:
-  end
-  class Unauthorized                < ComputeError # :nodoc:
-  end
-  class BadRequest                  < ComputeError # :nodoc:
-  end
-  class OverLimit                   < ComputeError # :nodoc:
-  end
-  class BadMediaType                < ComputeError # :nodoc:
-  end
-  class BadMethod                   < ComputeError # :nodoc:
-  end
-  class ItemNotFound                < ComputeError # :nodoc:
-  end
-  class BuildInProgress             < ComputeError # :nodoc:
-  end
-  class ServerCapacityUnavailable   < ComputeError # :nodoc:
-  end
-  class BackupOrResizeInProgress    < ComputeError # :nodoc:
-  end
-  class ResizeNotAllowed            < ComputeError # :nodoc:
-  end
-  class NotImplemented              < ComputeError # :nodoc:
-  end
-  class Other                       < ComputeError # :nodoc:
-  end
-  class ResourceStateConflict       < ComputeError # :nodoc:
-  end
-  class QuantumError                < ComputeError # :nodoc:
+            if @uri == ""
+              raise OpenStack::Exception::Authentication, "No API endpoint for region #{connection.region}"
+            else
+              connection.service_host = @uri.host
+              connection.service_path = @uri.path
+              connection.service_port = @uri.port
+              connection.service_scheme = @uri.scheme
+              connection.authok = true
+            end
+          end
+        end
+      else
+        connection.authtoken = false
+        raise OpenStack::Exception::Authentication, "Authentication failed with response code #{response.code}"
+      end
+      server.finish if server.started?
+    end
   end
 
-  # Plus some others that we define here
 
-  class ExpiredAuthToken            < StandardError # :nodoc:
-  end
-  class MissingArgument             < StandardError # :nodoc:
-  end
-  class InvalidArgument             < StandardError # :nodoc:
-  end
-  class TooManyPersonalityItems     < StandardError # :nodoc:
-  end
-  class PersonalityFilePathTooLong  < StandardError # :nodoc:
-  end
-  class PersonalityFileTooLarge     < StandardError # :nodoc:
-  end
-  class Authentication              < StandardError # :nodoc:
-  end
-  class Connection                  < StandardError # :nodoc:
-  end
+  #============================
+  # OpenStack::Exception
+  #============================
 
-  # In the event of a non-200 HTTP status code, this method takes the HTTP response, parses
-  # the JSON from the body to get more information about the exception, then raises the
-  # proper error.  Note that all exceptions are scoped in the OpenStack::Compute::Exception namespace.
-  def self.raise_exception(response)
-    return if response.code =~ /^20.$/
-    begin
-      fault = nil
-      info = nil
-      if response.body.nil? && response.code == "404" #HEAD ops no body returned
-        exception_class = self.const_get("ItemNotFound")
-        raise exception_class.new("The resource could not be found", "404", "")
-      else
-        JSON.parse(response.body).each_pair do |key, val|
-          fault=key
-          info=val
-        end
-        exception_class = self.const_get(fault[0,1].capitalize+fault[1,fault.length])
-        raise exception_class.new((info["message"] || info), response.code, response.body)
+  class Exception
+    class ComputeError < StandardError
+      attr_reader :response_body
+      attr_reader :response_code
+
+      def initialize(message, code, response_body)
+        @response_code=code
+        @response_body=response_body
+        super(message)
       end
-    rescue JSON::ParserError => parse_error
+    end
+
+    class ComputeFault                < ComputeError # :nodoc:
+    end
+    class ServiceUnavailable          < ComputeError # :nodoc:
+    end
+    class Unauthorized                < ComputeError # :nodoc:
+    end
+    class BadRequest                  < ComputeError # :nodoc:
+    end
+    class OverLimit                   < ComputeError # :nodoc:
+    end
+    class BadMediaType                < ComputeError # :nodoc:
+    end
+    class BadMethod                   < ComputeError # :nodoc:
+    end
+    class ItemNotFound                < ComputeError # :nodoc:
+    end
+    class BuildInProgress             < ComputeError # :nodoc:
+    end
+    class ServerCapacityUnavailable   < ComputeError # :nodoc:
+    end
+    class BackupOrResizeInProgress    < ComputeError # :nodoc:
+    end
+    class ResizeNotAllowed            < ComputeError # :nodoc:
+    end
+    class NotImplemented              < ComputeError # :nodoc:
+    end
+    class Other                       < ComputeError # :nodoc:
+    end
+    class ResourceStateConflict       < ComputeError # :nodoc:
+    end
+    class QuantumError                < ComputeError # :nodoc:
+    end
+
+    # Plus some others that we define here
+
+    class ExpiredAuthToken            < StandardError # :nodoc:
+    end
+    class MissingArgument             < StandardError # :nodoc:
+    end
+    class InvalidArgument             < StandardError # :nodoc:
+    end
+    class TooManyPersonalityItems     < StandardError # :nodoc:
+    end
+    class PersonalityFilePathTooLong  < StandardError # :nodoc:
+    end
+    class PersonalityFileTooLarge     < StandardError # :nodoc:
+    end
+    class Authentication              < StandardError # :nodoc:
+    end
+    class Connection                  < StandardError # :nodoc:
+    end
+
+    # In the event of a non-200 HTTP status code, this method takes the HTTP response, parses
+    # the JSON from the body to get more information about the exception, then raises the
+    # proper error.  Note that all exceptions are scoped in the OpenStack::Compute::Exception namespace.
+    def self.raise_exception(response)
+      return if response.code =~ /^20.$/
+      begin
+        fault = nil
+        info = nil
+        if response.body.nil? && response.code == "404" #HEAD ops no body returned
+          exception_class = self.const_get("ItemNotFound")
+          raise exception_class.new("The resource could not be found", "404", "")
+        else
+          JSON.parse(response.body).each_pair do |key, val|
+            fault=key
+            info=val
+          end
+          exception_class = self.const_get(fault[0,1].capitalize+fault[1,fault.length])
+          raise exception_class.new((info["message"] || info), response.code, response.body)
+        end
+      rescue JSON::ParserError => parse_error
         deal_with_faulty_error(response, parse_error)
-    rescue NameError
-      raise OpenStack::Exception::Other.new("The server returned status #{response.code}", response.code, response.body)
+      rescue NameError
+        raise OpenStack::Exception::Other.new("The server returned status #{response.code}", response.code, response.body)
+      end
     end
-  end
 
-  private
+    private
 
-  #e.g. os.delete("non-existant") ==> response.body is:
-  # "404 Not Found\n\nThe resource could not be found.\n\n   "
-  # which doesn't parse. Deal with such cases here if possible (JSON::ParserError)
-  def self.deal_with_faulty_error(response, parse_error)
-    case response.code
-    when "404"
-      klass = self.const_get("ItemNotFound")
-      msg = "The resource could not be found"
-    when "409"
-      klass = self.const_get("ResourceStateConflict")
-      msg = "There was a conflict with the state of the resource"
-    else
-      klass = self.const_get("Other")
-      msg = "Oops - not sure what happened: #{parse_error}"
-    end
-    raise klass.new(msg, response.code.to_s, response.body)
+    #e.g. os.delete("non-existant") ==> response.body is:
+    # "404 Not Found\n\nThe resource could not be found.\n\n   "
+    # which doesn't parse. Deal with such cases here if possible (JSON::ParserError)
+    def self.deal_with_faulty_error(response, parse_error)
+      case response.code
+      when "404"
+        klass = self.const_get("ItemNotFound")
+        msg = "The resource could not be found"
+      when "409"
+        klass = self.const_get("ResourceStateConflict")
+        msg = "There was a conflict with the state of the resource"
+      else
+        klass = self.const_get("Other")
+        msg = "Oops - not sure what happened: #{parse_error}"
+      end
+      raise klass.new(msg, response.code.to_s, response.body)
+    end
   end
 end
 
-end
-

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openstack
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 3.0.0
 platform: ruby
 authors:
 - Dan Prince