diff options
Diffstat (limited to 'openstackclient')
| -rw-r--r-- | openstackclient/common/clientmanager.py | 43 | ||||
| -rw-r--r-- | openstackclient/compute/client.py | 11 | ||||
| -rw-r--r-- | openstackclient/identity/client.py | 25 | ||||
| -rw-r--r-- | openstackclient/shell.py | 36 |
4 files changed, 68 insertions, 47 deletions
diff --git a/openstackclient/common/clientmanager.py b/openstackclient/common/clientmanager.py index ab47cc5d..04aef1db 100644 --- a/openstackclient/common/clientmanager.py +++ b/openstackclient/common/clientmanager.py @@ -21,7 +21,6 @@ class ClientCache(object): def __get__(self, instance, owner): # Tell the ClientManager to login to keystone if self._handle is None: - instance.init_token() self._handle = self.factory(instance) return self._handle @@ -30,9 +29,7 @@ class ClientManager(object): """Manages access to API clients, including authentication. """ - # Identity client is instantiated in init_token() - # otherwise we have a recursion problem - identity = None + identity = ClientCache(identity_client.make_client) compute = ClientCache(compute_client.make_client) def __init__(self, token=None, url=None, @@ -55,40 +52,16 @@ class ClientManager(object): self._identity_api_version = identity_api_version self._compute_api_version = compute_api_version self._image_api_version = image_api_version + self._service_catalog = None - def init_token(self): - """Return the auth token and endpoint. - """ - if self._token: - LOG.debug('using existing auth token') - return - - LOG.debug('validating authentication options') - if not self._username: - raise exc.CommandError( - "You must provide a username via" - " either --os-username or env[OS_USERNAME]") - - if not self._password: - raise exc.CommandError( - "You must provide a password via" - " either --os-password or env[OS_PASSWORD]") - - if not (self._tenant_id or self._tenant_name): - raise exc.CommandError( - "You must provide a tenant_id via" - " either --os-tenant-id or via env[OS_TENANT_ID]") + # Create the identity client + self.identity - if not self._auth_url: - raise exc.CommandError( - "You must provide an auth url via" - " either --os-auth-url or via env[OS_AUTH_URL]") + if not self._url: + # Populate other password flow attributes + self._token = self.identity.auth_token + self._service_catalog = self.identity.service_catalog - # Get an Identity client and keep a token and catalog - if not self.identity: - self.identity = identity_client.make_client(self) - self._token = self.identity.auth_token - self._service_catalog = self.identity.service_catalog return def get_endpoint_for_service_type(self, service_type): diff --git a/openstackclient/compute/client.py b/openstackclient/compute/client.py index 07f69aa1..30a724e0 100644 --- a/openstackclient/compute/client.py +++ b/openstackclient/compute/client.py @@ -28,8 +28,13 @@ def make_client(instance): ) # Populate the Nova client to skip another auth query to Identity - client.client.management_url = instance.get_endpoint_for_service_type( - 'compute') - client.client.service_catalog = instance._service_catalog + if instance._url: + # token flow + client.client.management_url = instance._url + else: + # password flow + client.client.management_url = instance.get_endpoint_for_service_type( + 'compute') + client.client.service_catalog = instance._service_catalog client.client.auth_token = instance._token return client diff --git a/openstackclient/identity/client.py b/openstackclient/identity/client.py index be44098e..2d823d2b 100644 --- a/openstackclient/identity/client.py +++ b/openstackclient/identity/client.py @@ -8,13 +8,20 @@ LOG = logging.getLogger(__name__) def make_client(instance): """Returns an identity service client. """ - LOG.debug('instantiating identity client') - client = identity_client.Client( - username=instance._username, - password=instance._password, - tenant_name=instance._tenant_name, - tenant_id=instance._tenant_id, - auth_url=instance._auth_url, - region_name=instance._region_name, - ) + if instance._url: + LOG.debug('instantiating identity client: token flow') + client = identity_client.Client( + endpoint=instance._url, + token=instance._token, + ) + else: + LOG.debug('instantiating identity client: password flow') + client = identity_client.Client( + username=instance._username, + password=instance._password, + tenant_name=instance._tenant_name, + tenant_id=instance._tenant_id, + auth_url=instance._auth_url, + region_name=instance._region_name, + ) return client diff --git a/openstackclient/shell.py b/openstackclient/shell.py index fb5d0727..83dd1040 100644 --- a/openstackclient/shell.py +++ b/openstackclient/shell.py @@ -27,6 +27,7 @@ from cliff.app import App from cliff.commandmanager import CommandManager from openstackclient.common import clientmanager +from openstackclient.common import exceptions as exc from openstackclient.common import utils @@ -141,6 +142,41 @@ class OpenStackShell(App): 'image': self.options.os_image_api_version, } + self.log.debug('validating authentication options') + if self.options.os_token or self.options.os_url: + # Token flow auth takes priority + if not self.options.os_token: + raise exc.CommandError( + "You must provide a token via" + " either --os-token or env[OS_TOKEN]") + + if not self.options.os_url: + raise exc.CommandError( + "You must provide a service URL via" + " either --os-url or env[OS_URL]") + + else: + # Validate password flow auth + if not self.options.os_username: + raise exc.CommandError( + "You must provide a username via" + " either --os-username or env[OS_USERNAME]") + + if not self.options.os_password: + raise exc.CommandError( + "You must provide a password via" + " either --os-password or env[OS_PASSWORD]") + + if not (self.options.os_tenant_id or self.options.os_tenant_name): + raise exc.CommandError( + "You must provide a tenant_id via" + " either --os-tenant-id or via env[OS_TENANT_ID]") + + if not self.options.os_auth_url: + raise exc.CommandError( + "You must provide an auth url via" + " either --os-auth-url or via env[OS_AUTH_URL]") + self.client_manager = clientmanager.ClientManager( token=self.options.os_token, url=self.options.os_url, |