swift_client 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 44973422875ba91bde545267d984f7ad5ce67f5f
-  data.tar.gz: 044594bc8d651dde398221808252ba417a1292bf
+  metadata.gz: 4555d9e6b744150b80127f8a144e358666a4d70c
+  data.tar.gz: f6da1e97fa79dc31ee538f5c3fa08981d9e76c06
 SHA512:
-  metadata.gz: 51f7033388ebd75a8f83d62900880cd5de518ad08e94fd9c64e8420a8ca0d24eb3e41fc29fa96d4dff4001c2b88ed79831f733fb2b1da80245cc01ceb446c5a1
-  data.tar.gz: 5a5199435b62f2b318aacf1728150894d0a242adc8030a167d22b25656c5a925a5472242768b633164359133a346de9d26852b6f221bc551ab4e402d0f259e6c
+  metadata.gz: 34f5162ea5b2b2fcfa3f5647eaf8c2d31dbf8947678a32cb8f6c0134f299c63a6c1b89b5c85a19c82d660bb0510ac48bbdd25e5247aa41b00a632b99e9d29ec2
+  data.tar.gz: 570eaee9130d6c3bd43af82dabe763ab8af06b60add3fc577d805ddeb28623889c50de51c1bd28efad0e6edc2f2e04b8dd6461e760a4eb0a6674cb20e92d5b7c

data/README.md

@@ -67,7 +67,32 @@ swift_client = SwiftClient.new(
   :storage_url => "https://storage.example.com/v1/AUTH_account",
   :username => "username",
   :password => "password",
-  :domain => "example.com" # :domain_id => "..." is valid as well
+  :user_domain => "example.com" # :user_domain_id => "..." is valid as well
+)
+
+# OR
+
+# project scoped authentication
+
+swift_client = SwiftClient.new(
+  :auth_url => "https://auth.example.com/v3",
+  :username => "username",
+  :password => "password",
+  :user_domain => "example.com", # :user_domain_id => "..." is valid as well
+  :project_id => "p-123456", # :project_name => "..." is valid as well
+  :project_domain_id => "d-123456" # :project_domain_name => "..." is valid as well
+)
+
+# OR
+
+# domain scoped authentication
+
+swift_client = SwiftClient.new(
+  :auth_url => "https://auth.example.com/v3",
+  :username => "username",
+  :password => "password",
+  :user_domain => "example.com", # :user_domain_id => "..." is valid as well
+  :domain_id => "d-123456" # :domain_name => "..." is valid as well
 )
 
 # OR
@@ -120,7 +145,7 @@ SwiftClient offers the following requests:
 * get_objects(container_name, query = {}) -> HTTParty::Response
 * paginate_objects(container_name, query = {}) -> Enumerator
 * public_url(object_name, container_name) -> HTTParty::Response
-* temp_url(object_name, container_name) -> HTTParty::Response
+* temp_url(object_name, container_name, options = {}) -> HTTParty::Response
 
 ## Contributing
 

data/lib/swift_client.rb

@@ -28,6 +28,8 @@ class SwiftClient
   attr_accessor :options, :auth_token, :storage_url
 
   def initialize(options = {})
+    raise(OptionError, "Setting expires_in connection wide is deprecated") if options[:expires_in]
+
     self.options = options
 
     authenticate
@@ -148,7 +150,7 @@ class SwiftClient
     raise(EmptyNameError) if object_name.empty? || container_name.empty?
     raise(TempUrlKeyMissing) unless options[:temp_url_key]
 
-    expires = (Time.now + (options[:expires_in] || 3600).to_i).to_i
+    expires = (Time.now + (opts[:expires_in] || 3600).to_i).to_i
     path = URI.parse("#{storage_url}/#{container_name}/#{object_name}").path
 
     signature = OpenSSL::HMAC.hexdigest("sha1", options[:temp_url_key], "GET\n#{expires}\n#{path}")
@@ -234,16 +236,15 @@ class SwiftClient
   end
 
   def authenticate_v3
-    [:auth_url, :storage_url].each do |key|
-      raise(AuthenticationError, "#{key} missing") unless options[key]
-    end
+    raise(AuthenticationError, "auth_url missing") unless options[:auth_url]
+    raise(AuthenticationError, "username in combination with domain/domain_id is deprecated, please use user_domain/user_domain_id instead") if options[:username] && (options[:domain] || options[:domain_id]) && !options[:user_domain] && !options[:user_domain_id]
 
     auth = { "auth" => { "identity" => {} } }
 
-    if options[:username] && options[:password] && (options[:domain] || options[:domain_id])
+    if options[:username] && options[:password] && (options[:user_domain] || options[:user_domain_id])
       auth["auth"]["identity"]["methods"] = ["password"]
       auth["auth"]["identity"]["password"] = { "user" => { "name" => options[:username], "password" => options[:password] } }
-      auth["auth"]["identity"]["password"]["user"]["domain"] = options[:domain] ? { "name" => options[:domain] } : { "id" => options[:domain_id] }
+      auth["auth"]["identity"]["password"]["user"]["domain"] = options[:user_domain] ? { "name" => options[:user_domain] } : { "id" => options[:user_domain_id] }
     elsif options[:user_id] && options[:password]
       auth["auth"]["identity"]["methods"] = ["password"]
       auth["auth"]["identity"]["password"] = { "user" => { "id" => options[:user_id], "password" => options[:password] } }
@@ -254,12 +255,46 @@ class SwiftClient
       raise AuthenticationError, "Unknown authentication method"
     end
 
+    # handle project authentication scope
+
+    if (options[:project_id] || options[:project_name]) && (options[:project_domain_name] || options[:project_domain_id])
+      auth["auth"]["scope"] = { "project" => { "domain" => {} } }
+      auth["auth"]["scope"]["project"]["name"] =  options[:project_name] if options[:project_name]
+      auth["auth"]["scope"]["project"]["id"] =  options[:project_id] if options[:project_id]
+      auth["auth"]["scope"]["project"]["domain"]["name"] = options[:project_domain_name] if options[:project_domain_name]
+      auth["auth"]["scope"]["project"]["domain"]["id"] = options[:project_domain_id] if options[:project_domain_id]
+    end
+
+    # handle domain authentication scope
+
+    if options[:domain_name] || options[:domain_id]
+      auth["auth"]["scope"] = { "domain" => {} }
+      auth["auth"]["scope"]["domain"]["name"] = options[:domain_name] if options[:domain_name]
+      auth["auth"]["scope"]["domain"]["id"] = options[:domain_id] if options[:domain_id]
+    end
+
     response = HTTParty.post("#{options[:auth_url].gsub(/\/+$/, "")}/auth/tokens", :body => JSON.dump(auth), :headers => { "Content-Type" => "application/json" })
 
     raise(AuthenticationError, "#{response.code}: #{response.message}") unless response.success?
 
     self.auth_token = response.headers["X-Subject-Token"]
-    self.storage_url = options[:storage_url]
+    self.storage_url = options[:storage_url] || storage_url_from_v3_response(response)
+
+    raise(AuthenticationError, "storage_url missing") unless storage_url
+  end
+
+  def storage_url_from_v3_response(response)
+    swift_services = Array(response.parsed_response["token"]["catalog"]).select { |service| service["type"] == "object-store" }
+    swift_service = swift_services.first
+
+    return unless swift_services.size == 1
+
+    swift_endpoints = swift_service["endpoints"].select { |endpoint| endpoint["interface"] == "public" }
+    swift_endpoint = swift_endpoints.first
+
+    return unless swift_endpoints.size == 1
+
+    swift_endpoint["url"]
   end
 
   def paginate(method, *args, query)

data/lib/swift_client/version.rb

@@ -1,5 +1,5 @@
 
 class SwiftClient
-  VERSION = "0.1.2"
+  VERSION = "0.1.3"
 end
 

data/swift_client.gemspec

@@ -25,4 +25,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake"
   spec.add_development_dependency "minitest"
   spec.add_development_dependency "webmock"
+  spec.add_development_dependency "mocha"
 end

data/test/swift_client_test.rb

@@ -11,15 +11,58 @@ class SwiftClientTest < MiniTest::Test
     assert_equal "https://example.com/v1/AUTH_account", @swift_client.storage_url
   end
 
-  def test_v3_authentication_with_password
+  def test_v3_authentication_unscoped_with_password
     stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["password"], "password" => { "user" => { "name" => "username", "password" => "secret", "domain" => { "name" => "example.com" }}}}})).to_return(:status => 200, :body => JSON.dump("token" => "..."), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
 
-    @swift_client = SwiftClient.new(:storage_url => "https://example.com/v1/AUTH_account", :auth_url => "https://auth.example.com/v3", :username => "username", :domain => "example.com", :password => "secret")
+    @swift_client = SwiftClient.new(:storage_url => "https://example.com/v1/AUTH_account", :auth_url => "https://auth.example.com/v3", :username => "username", :user_domain => "example.com", :password => "secret")
 
     assert_equal "Token", @swift_client.auth_token
     assert_equal "https://example.com/v1/AUTH_account", @swift_client.storage_url
   end
 
+  def test_v3_authentication_project_scoped_with_password
+    stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["password"], "password" => { "user" => { "name" => "username", "password" => "secret", "domain" => { "name" => "example.com" }}}}, "scope"=> { "project" => { "domain" => { "id" => "domain1" }, "id" => "project1" }}})).to_return(:status => 200, :body => JSON.dump("token" => "..."), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
+
+    @swift_client = SwiftClient.new(:storage_url => "https://example.com/v1/AUTH_account", :auth_url => "https://auth.example.com/v3", :username => "username", :user_domain => "example.com", :password => "secret", :project_id => 'project1', :project_domain_id => 'domain1')
+
+    assert_equal "Token", @swift_client.auth_token
+    assert_equal "https://example.com/v1/AUTH_account", @swift_client.storage_url
+  end
+
+  def test_v3_authentication_domain_scoped_with_password
+    stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["password"], "password" => { "user" => { "name" => "username", "password" => "secret", "domain" => { "name" => "example.com" }}}}, "scope"=> { "domain" => { "id" => "domain1" }}})).to_return(:status => 200, :body => JSON.dump("token" => "..."), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
+
+    @swift_client = SwiftClient.new(:storage_url => "https://example.com/v1/AUTH_account", :auth_url => "https://auth.example.com/v3", :username => "username", :user_domain => "example.com", :password => "secret", :domain_id => 'domain1')
+
+    assert_equal "Token", @swift_client.auth_token
+    assert_equal "https://example.com/v1/AUTH_account", @swift_client.storage_url
+  end
+
+  def test_v3_authentication_storage_url_from_catalog
+    stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["password"], "password" => { "user" => { "name" => "username", "password" => "secret", "domain" => { "name" => "example.com" }}}}})).to_return(:status => 200, :body => JSON.dump("token" => { "catalog"=> [{ "type" => "object-store", "endpoints" => [{ "interface"=>"public", "url"=> "https://example.com/v1/AUTH_account" }] }] }), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
+
+    @swift_client = SwiftClient.new(:auth_url => "https://auth.example.com/v3", :username => "username", :user_domain => "example.com", :password => "secret")
+
+    assert_equal "Token", @swift_client.auth_token
+    assert_equal "https://example.com/v1/AUTH_account", @swift_client.storage_url
+  end
+
+  def test_v3_authentication_without_storage_url_and_multiple_swifts
+    stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["password"], "password" => { "user" => { "name" => "username", "password" => "secret", "domain" => { "name" => "example.com" }}}}})).to_return(:status => 200, :body => JSON.dump("token" => { "catalog"=> [{ "type" => "object-store", "endpoints" => [{ "interface"=>"public", "url"=> "https://example.com/v1/AUTH_account" }] }, { "type" => "object-store", "endpoints" => [{ "interface"=>"public", "url"=> "https://example.com/v1/AUTH_account" }] }] }), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
+
+    assert_raises SwiftClient::AuthenticationError do
+      SwiftClient.new :auth_url => "https://auth.example.com/v3", :username => "username", :user_domain => "example.com", :password => "secret"
+    end
+  end
+
+  def test_v3_authentication_without_storage_url_and_multiple_endpoints
+    stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["password"], "password" => { "user" => { "name" => "username", "password" => "secret", "domain" => { "name" => "example.com" }}}}})).to_return(:status => 200, :body => JSON.dump("token" => { "catalog"=> [{ "type" => "object-store", "endpoints" => [{ "interface"=>"public", "url"=> "https://first.example.com/v1/AUTH_account" }, { "interface"=>"public", "url"=> "https://second.example.com/v1/AUTH_account" }] }] }), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
+
+    assert_raises SwiftClient::AuthenticationError do
+      SwiftClient.new :auth_url => "https://auth.example.com/v3", :username => "username", :user_domain => "example.com", :password => "secret"
+    end
+  end
+
   def test_v3_authentication_with_token
     stub_request(:post, "https://auth.example.com/v3/auth/tokens").with(:body => JSON.dump("auth" => { "identity" => { "methods" => ["token"], "token" => { "id" => "Token" }}})).to_return(:status => 200, :body => JSON.dump("token" => "..."), :headers => { "X-Subject-Token" => "Token", "Content-Type" => "application/json" })
 
@@ -29,6 +72,12 @@ class SwiftClientTest < MiniTest::Test
     assert_equal "https://example.com/v1/AUTH_account", @swift_client.storage_url
   end
 
+  def test_v3_authentication_username_domain_deprecation
+    assert_raises SwiftClient::AuthenticationError do
+      SwiftClient.new :auth_url => "https://auth.example.com/v3", :username => "username", :domain => "example.com", :password => "secret"
+    end
+  end
+
   def test_v2_authentication_with_password
     stub_request(:post, "https://auth.example.com/v2.0/tokens").with(:body => JSON.dump("auth" => { "tenantName" => "Tenant", "passwordCredentials" => { "username" => "Username", :password => "Password"  }})).to_return(:status => 200, :body => JSON.dump("access" => { "token" => { "id" => "Token" }}), :headers => { "Content-Type" => "application/json" })
 
@@ -243,7 +292,10 @@ class SwiftClientTest < MiniTest::Test
   end
 
   def test_temp_url
-    assert @swift_client.temp_url("object", "container", :expires_in => 3600) =~ %r{https://example.com/v1/AUTH_account/container/object\?temp_url_sig=[a-f0-9]{40}&temp_url_expires=[0-9]+}
+    Time.expects(:now).at_least_once.returns(1_000_000)
+
+    assert @swift_client.temp_url("object", "container") =~ %r{https://example.com/v1/AUTH_account/container/object\?temp_url_sig=[a-f0-9]{40}&temp_url_expires=1003600}
+    assert @swift_client.temp_url("object", "container", :expires_in => 86400) =~ %r{https://example.com/v1/AUTH_account/container/object\?temp_url_sig=[a-f0-9]{40}&temp_url_expires=1086400}
   end
 end
 

data/test/test_helper.rb

@@ -3,4 +3,5 @@ require "swift_client"
 require "minitest"
 require "minitest/autorun"
 require "webmock/minitest"
-
+require "minitest/unit"
+require "mocha/mini_test"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: swift_client
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Benjamin Vetter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-23 00:00:00.000000000 Z
+date: 2016-03-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -94,6 +94,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Small but powerful client to interact with OpenStack Swift
 email:
 - vetter@plainpicture.de