diff options
| author | Dean Troyer <dtroyer@gmail.com> | 2014-08-22 17:26:07 -0500 |
|---|---|---|
| committer | Dean Troyer <dtroyer@gmail.com> | 2014-09-08 00:06:52 -0500 |
| commit | ae957b176e5918f41024c00cbc39ea371a0c37c6 (patch) | |
| tree | f087abc03197bdbfbfe07ab46cefde083a487c56 /openstackclient/common/clientmanager.py | |
| parent | 3317e0abf694c56cb3b24bdf2b2b10577ea47f6b (diff) | |
| download | python-openstackclient-ae957b176e5918f41024c00cbc39ea371a0c37c6.tar.gz | |
Use Keystone client session.Session
This replaces the restapi requests wrapper with the one from Keystone client so
we can take advantage of the auth plugins.
As a first step only the v2 and v3 token and password plugins are supported.
This maintainis no changes to the command options or environment variables.
The next steps will include reworking the other API client interfaces to
fully utilize the single auth session.
Blueprint: ksc-session-auth
Change-Id: I47ec63291e4c3cf36c8061299a4764f60b36ab89
Diffstat (limited to 'openstackclient/common/clientmanager.py')
| -rw-r--r-- | openstackclient/common/clientmanager.py | 68 |
1 files changed, 57 insertions, 11 deletions
diff --git a/openstackclient/common/clientmanager.py b/openstackclient/common/clientmanager.py index 4dcec8e0..4206ad00 100644 --- a/openstackclient/common/clientmanager.py +++ b/openstackclient/common/clientmanager.py @@ -19,7 +19,9 @@ import logging import pkg_resources import sys -from openstackclient.common import restapi +from keystoneclient.auth.identity import v2 as v2_auth +from keystoneclient.auth.identity import v3 as v3_auth +from keystoneclient import session from openstackclient.identity import client as identity_client @@ -80,24 +82,68 @@ class ClientManager(object): self._cacert = verify self._insecure = False - self.session = restapi.RESTApi( - verify=verify, - debug=True, - ) + ver_prefix = identity_client.AUTH_VERSIONS[ + self._api_version[identity_client.API_NAME] + ] # Get logging from root logger root_logger = logging.getLogger('') LOG.setLevel(root_logger.getEffectiveLevel()) - restapi_logger = logging.getLogger('restapi') - restapi_logger.setLevel(root_logger.getEffectiveLevel()) - self.auth_ref = None + # NOTE(dtroyer): These plugins are hard-coded for the first step + # in using the new Keystone auth plugins. + + if self._url: + LOG.debug('Using token auth %s', ver_prefix) + if ver_prefix == 'v2': + self.auth = v2_auth.Token( + auth_url=url, + token=token, + ) + else: + self.auth = v3_auth.Token( + auth_url=url, + token=token, + ) + else: + LOG.debug('Using password auth %s', ver_prefix) + if ver_prefix == 'v2': + self.auth = v2_auth.Password( + auth_url=auth_url, + username=username, + password=password, + trust_id=trust_id, + tenant_id=project_id, + tenant_name=project_name, + ) + else: + self.auth = v3_auth.Password( + auth_url=auth_url, + username=username, + password=password, + trust_id=trust_id, + user_domain_id=user_domain_id, + user_domain_name=user_domain_name, + domain_id=domain_id, + domain_name=domain_name, + project_id=project_id, + project_name=project_name, + project_domain_id=project_domain_id, + project_domain_name=project_domain_name, + ) + + self.session = session.Session( + auth=self.auth, + verify=verify, + ) + self.auth_ref = None if not self._url: + # Trigger the auth call + self.auth_ref = self.session.auth.get_auth_ref(self.session) # Populate other password flow attributes - self.auth_ref = self.identity.auth_ref - self._token = self.identity.auth_token - self._service_catalog = self.identity.service_catalog + self._token = self.session.auth.get_token(self.session) + self._service_catalog = self.auth_ref.service_catalog return |