diff options
| author | Dean Troyer <dtroyer@gmail.com> | 2015-01-07 22:01:21 -0600 |
|---|---|---|
| committer | Dean Troyer <dtroyer@gmail.com> | 2015-01-15 13:51:31 -0600 |
| commit | d3b87d7795356d3c4e4b6f578a1f426a74f9afbd (patch) | |
| tree | f1d126e6d9b3e4d4f4d0f136363c51a0aae21eef /openstackclient/api/auth.py | |
| parent | 6b196d1a17531b56d0a19b95a81a21c6a2ccc625 (diff) | |
| download | python-openstackclient-d3b87d7795356d3c4e4b6f578a1f426a74f9afbd.tar.gz | |
Add version url config workaround
This subclasses KSC's generic Password plugin to allow version discovery with
default Keystone configurations that leave admin_endpoint and public_endpoint
at the default values (http://localhost:xxxx). This patch copies the scheme
and netloc from the original auth_url into the URL returned from version
discovery if the returned netloc begins with 'localhost'.
Due to the specific nature of this review, the Keystone team is not
inclned to include it in keystoneclient so it is addressed here.
Closes-bug: #1410364
Change-Id: I877fe74d86aab3a63122a07b77d1302a007f5b30
Diffstat (limited to 'openstackclient/api/auth.py')
| -rw-r--r-- | openstackclient/api/auth.py | 46 |
1 files changed, 45 insertions, 1 deletions
diff --git a/openstackclient/api/auth.py b/openstackclient/api/auth.py index bfb2f83a..898a2504 100644 --- a/openstackclient/api/auth.py +++ b/openstackclient/api/auth.py @@ -16,11 +16,13 @@ import argparse import logging +from six.moves.urllib import parse as urlparse import stevedore from oslo.config import cfg from keystoneclient.auth import base +from keystoneclient.auth.identity.generic import password as ksc_password from openstackclient.common import exceptions as exc from openstackclient.common import utils @@ -72,7 +74,7 @@ def select_auth_plugin(options): auth_plugin_name = 'v2password' else: # let keystoneclient figure it out itself - auth_plugin_name = 'password' + auth_plugin_name = 'osc_password' elif options.os_token: if options.os_identity_api_version == '3': auth_plugin_name = 'v3token' @@ -230,3 +232,45 @@ class TokenEndpoint(base.BaseAuthPlugin): ]) return options + + +class OSCGenericPassword(ksc_password.Password): + """Auth plugin hack to work around broken Keystone configurations + + The default Keystone configuration uses http://localhost:xxxx in + admin_endpoint and public_endpoint and are returned in the links.href + attribute by the version routes. Deployments that do not set these + are unusable with newer keystoneclient version discovery. + + """ + + def create_plugin(self, session, version, url, raw_status=None): + """Handle default Keystone endpoint configuration + + Build the actual API endpoint from the scheme, host and port of the + original auth URL and the rest from the returned version URL. + """ + + ver_u = urlparse.urlparse(url) + + # Only hack this if it is the default setting + if ver_u.netloc.startswith('localhost'): + auth_u = urlparse.urlparse(self.auth_url) + # from original auth_url: scheme, netloc + # from api_url: path, query (basically, the rest) + url = urlparse.urlunparse(( + auth_u.scheme, + auth_u.netloc, + ver_u.path, + ver_u.params, + ver_u.query, + ver_u.fragment, + )) + LOG.debug('Version URL updated: %s' % url) + + return super(OSCGenericPassword, self).create_plugin( + session=session, + version=version, + url=url, + raw_status=raw_status, + ) |