diff options
| author | guang-yee <guang.yee@hpe.com> | 2016-02-08 11:16:24 -0800 |
|---|---|---|
| committer | guang-yee <guang.yee@hpe.com> | 2016-02-19 16:07:13 -0800 |
| commit | 41e1bd0be64e15a5e0c12b45bdf3dcde5fabf244 (patch) | |
| tree | 0d5f55b0495c3208f981b7a180619d8d6b02d3a2 /openstackclient/common/clientmanager.py | |
| parent | ab6ba385a2c292a7a906390ad911db8c59811a07 (diff) | |
| download | python-openstackclient-41e1bd0be64e15a5e0c12b45bdf3dcde5fabf244.tar.gz | |
Support unscoped token request
Make scope check optional for the "token issue" command as unscoped token is
a valid Keystone V2/V3 API.
Change-Id: Ie1cded4dbfdafd3a78c0ebdf89e3f66762509930
Closes-Bug: #1543214
Diffstat (limited to 'openstackclient/common/clientmanager.py')
| -rw-r--r-- | openstackclient/common/clientmanager.py | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/openstackclient/common/clientmanager.py b/openstackclient/common/clientmanager.py index dce19725..48b3aca5 100644 --- a/openstackclient/common/clientmanager.py +++ b/openstackclient/common/clientmanager.py @@ -113,19 +113,35 @@ class ClientManager(object): root_logger = logging.getLogger('') LOG.setLevel(root_logger.getEffectiveLevel()) - def setup_auth(self): + # NOTE(gyee): use this flag to indicate whether auth setup has already + # been completed. If so, do not perform auth setup again. The reason + # we need this flag is that we want to be able to perform auth setup + # outside of auth_ref as auth_ref itself is a property. We can not + # retrofit auth_ref to optionally skip scope check. Some operations + # do not require a scoped token. In those cases, we call setup_auth + # prior to dereferrencing auth_ref. + self._auth_setup_completed = False + + def setup_auth(self, required_scope=True): """Set up authentication + :param required_scope: indicate whether a scoped token is required + This is deferred until authentication is actually attempted because it gets in the way of things that do not require auth. """ + if self._auth_setup_completed: + return + # If no auth type is named by the user, select one based on # the supplied options self.auth_plugin_name = auth.select_auth_plugin(self._cli_options) # Basic option checking to avoid unhelpful error messages - auth.check_valid_auth_options(self._cli_options, self.auth_plugin_name) + auth.check_valid_auth_options(self._cli_options, + self.auth_plugin_name, + required_scope=required_scope) # Horrible hack alert...must handle prompt for null password if # password auth is requested. @@ -180,6 +196,8 @@ class ClientManager(object): user_agent=USER_AGENT, ) + self._auth_setup_completed = True + return @property |