summaryrefslogtreecommitdiff
path: root/openstackclient/identity
Commit message (Collapse)AuthorAgeFilesLines
* Support for keystone auth pluginsMatthieu Huin2014-10-091-15/+6
| | | | | | | | | | | | | | | | | | | | | | | This patch allows the user to choose which authentication plugin to use with the CLI. The arguments needed by the auth plugins are automatically added to the argument parser. Some examples with the currently available authentication plugins:: OS_USERNAME=admin OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v2.0 \ OS_PASSWORD=admin openstack user list OS_USERNAME=admin OS_PROJECT_DOMAIN_NAME=default OS_USER_DOMAIN_NAME=default \ OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v3 OS_PASSWORD=admin \ OS_IDENTITY_API_VERSION=3 OS_AUTH_PLUGIN=v3password openstack project list OS_TOKEN=1234 OS_URL=http://service_url:35357/v2.0 \ OS_IDENTITY_API_VERSION=2.0 openstack user list The --os-auth-plugin option can be omitted; if so the CLI will attempt to guess which plugin to use from the other options. Change-Id: I330c20ddb8d96b3a4287c68b57c36c4a0f869669 Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
* Merge "CRUD operations for federated protocols"Jenkins2014-10-091-0/+182
|\
| * CRUD operations for federated protocolsMarek Denis2014-10-081-0/+182
| | | | | | | | | | | | | | | | | | Openstackclient needs to have a capability to manage federated protocols (like saml2, openid connect, abfab). This patch allows users to administrate such operations from the commandline. Change-Id: I59eef2acdda60c7ec795d1bfe31e8e960b4478a1 Implements: bp/add-openstackclient-federation-crud
* | Merge "Pass in domain and project as positional args, not kwargs"Jenkins2014-10-091-2/+2
|\ \ | |/ |/|
| * Pass in domain and project as positional args, not kwargsSteve Martinelli2014-10-021-2/+2
| | | | | | | | | | | | | | | | | | | | The signature for users.set in keystoneclient dictates that domain and project be sent in, not domainId and projectId, which are being incorrectly sent in as 'extra' data. Closes-Bug: #1376833 Change-Id: I44df3e492f61eab2241f3758dee622417bb6f399
* | Implement CRUD operations for Mapping objectsMarek Denis2014-10-081-0/+209
|/ | | | | Change-Id: I4b8f2e77e741cf74f50aba98ab975af7321b02c6 Implements: bp/add-openstackclient-federation-crud
* v3 credential set always needs --user optionwanghong2014-09-231-4/+5
| | | | | Change-Id: Ieca76bb6ee2f328f4e33010623c25eb9c18e6952 Closes-Bug: #1372744
* Fixing typo and improving docstring of find_domainVictor Silva2014-09-191-5/+5
| | | | | | | | | This should make it easier to understand the purpose of find_domain - I believe the reason for which find_resource wasn't enough was not quite clear. Change-Id: I6a1cdfa86f52401d95c6da2cd38d7c95a140b4a1
* Merge "Add service catalog commands"Jenkins2014-09-191-0/+98
|\
| * Add service catalog commandsDean Troyer2014-09-181-0/+98
| | | | | | | | | | | | | | | | 'catalog list' and 'catalog show' for Identity v2 Identity v2 only so far. Change-Id: I9df0dac3d5bb7c18f38a81bd7d29f8119462d3a5
* | Return current user/project for user/project show commandsDean Troyer2014-09-142-17/+53
|/ | | | | | | | If non-admin user attempts 'project show' or 'user show' on the currently authenticated project or user return the information that is already in the service catalog rather than throwing a Forbidden error. Change-Id: Ieeb6eacf71a471e410fbd3c09e7871740547e890
* Use Keystone client session.SessionDean Troyer2014-09-082-25/+14
| | | | | | | | | | | | | | This replaces the restapi requests wrapper with the one from Keystone client so we can take advantage of the auth plugins. As a first step only the v2 and v3 token and password plugins are supported. This maintainis no changes to the command options or environment variables. The next steps will include reworking the other API client interfaces to fully utilize the single auth session. Blueprint: ksc-session-auth Change-Id: I47ec63291e4c3cf36c8061299a4764f60b36ab89
* Merge "Add action 'user password set' for identiy v3"Jenkins2014-09-071-0/+29
|\
| * Add action 'user password set' for identiy v3Mouad Benchchaoui2014-09-071-0/+29
| | | | | | | | | | | | | | | | | | | | | | This new action will allow a user to change their own password by either providing the new password as an argument (--password) or by being prompted to enter the new password. In both cases user will be prompted to enter their current password as required by the v3 API. Closes-Bug: #1337245 Change-Id: I5e1e0fd2b46a4502318da57f7cce2b236fb2d93d
* | Merge "Change app.restapi to app.client_manager.session"Jenkins2014-09-061-0/+10
|\ \
| * | Change app.restapi to app.client_manager.sessionDean Troyer2014-08-251-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is step 1 toward using Keystone client's session.Session as the primary session/requests interface in OSC. * Move the session create into ClientManager and rename 'restapi' attribute to 'session' * Set up ClientManager and session loggers * Fix container and object command references to restapi/api Change-Id: I013d81520b336c7a6422cd22c05d1d65655e64f8
* | | Merge "add service/interface/region filter for endpoint v3"Jenkins2014-09-061-1/+27
|\ \ \
| * | | add service/interface/region filter for endpoint v3wanghong2014-08-181-1/+27
| | | | | | | | | | | | | | | | | | | | Change-Id: I7eac5b2ff5f5a6f3f08b22dd3a48a5ae7e2c056b Closes-Bug: #1281888
* | | | Make Identity client load like the othersDean Troyer2014-08-281-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This does a couple of things: * Loads the Identity client module in the same manner as the other 'base' clients (where 'base' == 'included in the OSC repo') * Changes the entry point group name for the base clients to 'openstack.cli.base'. The extension group name remains the same. * Loads the base modules first followed by the extension modules. This load order ensures that the extension module commands are all loaded _after_ the base commands, allowing extensions to now override the base commands. Change-Id: I4b9ca7f1df6eb8bbe8e3f663f3065c2ed80ce20b
* | | | Merge "add tests for identity v3 endpoint"Jenkins2014-08-231-5/+11
|\ \ \ \ | |/ / /
| * | | add tests for identity v3 endpointwanghong2014-08-141-5/+11
| |/ / | | | | | | | | | | | | Change-Id: I1479460473656ea4e2a48a976808371e840b49c1 Closes-Bug: #1348867
* | | add tests for identity v3 domainwanghong2014-08-141-5/+6
|/ / | | | | | | Change-Id: I478215f62b51e6e73283f0304ea1b0736177d1b1
* | Merge "user create v2.0 depends on tenantId in response"Jenkins2014-08-071-3/+4
|\ \
| * | user create v2.0 depends on tenantId in responseSteve Martinelli2014-08-041-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | User create for v2.0 no longer always contains a tenantId in the response. Add a guard to check for tenantId first before pop'ing it. Change-Id: I428dbc26520bb86efad33768ce04f584217ad168 Closes-Bug: #1352119
* | | v3 endpoint set shouldn't always need service optionwanghong2014-08-041-2/+6
|/ / | | | | | | | | Change-Id: I71aab1ee4f467dc963e7afa7fc1c82b4255ea822 Closes-Bug: #1351121
* | fix typo in identity/v3/endpoint.pywanghong2014-07-291-4/+4
| | | | | | | | Change-Id: Idf57a6a988f5c0f20f3b0b19ab896642ce10d70b
* | More make_client() logging cleanupDean Troyer2014-07-261-1/+1
| | | | | | | | Change-Id: I5af4b9c52c69d6e31e6ca5f90d5880c097880a71
* | Merge "Normalize more help strings"Jenkins2014-07-242-12/+12
|\ \
| * | Normalize more help stringsDean Troyer2014-07-242-12/+12
| | | | | | | | | | | | Change-Id: I2b21bc904e35c1cc50da369d148e607fe3e8cf90
* | | Fix IDP commandsJamie Lennox2014-07-211-7/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | identity_client.identity_providers doesn't exist as a manager. These are located at identity_client.federation.identity_providers. Fix the routes. Also fix passing id to .create() as a positional argument. This is not allowed from keystoneclient it should be passed as a keyword argument. Change-Id: I912c27fcee58b0723e27e9147def2cbd1c62c288
* | | Merge "Domain administrator cannot do project operations"Jenkins2014-07-092-12/+27
|\ \ \
| * | | Domain administrator cannot do project operationsTerry Howe2014-07-072-12/+27
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Domain administrator cannot do project operations because the require access to the domain API (which they don't have). When attempting to find a domain for project operations, ignore errors because the API returns nothing without indicating there is a problem. The domain administrators will have to use a domain id, but they will still be able to do project operations. If the user does not have permission to read the domain table, they cannot use domain names. Change-Id: Ieed5d420022a407c8296a0bb3569d9469c89d752 Closes-Bug: #1317478 Closes-Bug: #1317485
* | | Clean up make_client() loggingDean Troyer2014-07-081-2/+4
|/ / | | | | | | Change-Id: I0b6760a6401b50e3dfb891af75424ae89df42ebc
* | trust authenticationMatthieu Huin2014-07-031-0/+2
|/ | | | | | | | | This patch enables authenticating by using a trust. The trust ID must be set with the parameter --os-trust-id or the env variable OS_TRUST_ID. Trusts are available for the identity v3 API. Co-Authored-By: Florent Flament <florent.flament@cloudwatt.com> Change-Id: Iacc389b203bbadda53ca31a7f5a9b8b6e1a1f522
* Merge "Rename token classes to match command"Jenkins2014-06-272-14/+17
|\
| * Rename token classes to match commandDean Troyer2014-06-272-14/+17
| | | | | | | | | | | | | | The token create/delete commands were renamed but not the class names. Rename them to match. Change-Id: Icbf9c0a954ed0332fa4c99e4ee2612bb11f89e3a
* | Fixed typos in the identity clientAlex Gaynor2014-06-261-2/+2
|/ | | | Change-Id: I76042110f5a008d4c097862a572448448f92a504
* Complete Identity v3 list command filtersDean Troyer2014-06-192-23/+74
| | | | | | | Complete the 'group list' and 'user list' filter options following the refactor in https://review.openstack.org/69878 Change-Id: Ib4af417c56d4f7da4b88852f191af615cc7fa2ec
* Merge "Refactor role list subcommand for identity v3 api"Jenkins2014-06-193-158/+115
|\
| * Refactor role list subcommand for identity v3 apiQiu Yu2014-06-133-158/+115
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently parts of user list and group list command are actually functioning as role listing, which is quite counter intuitive and misleading. This refactor change move role related logic to a single place of role list command. It now allows role grants listing for user/group + domain/project combinations. If no user or group specified, it will list all roles in the system, which is the default behaviour. Change-Id: I4ced6df4b76f018d01000d28b4281ad9f252ffcc
* | Merge "Change the token verb to issue/revoke"Jenkins2014-06-182-3/+3
|\ \
| * | Change the token verb to issue/revokeTerry Howe2014-06-182-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Change the token verb to issue/revoke as documented in: https://wiki.openstack.org/wiki/OpenStackClient/Commands#token https://wiki.openstack.org/wiki/OpenStackClient/Commands#Actions Change-Id: I44f77f98ad3269c4f2149301c204804dcb75ac81
* | | Merge "Add token delete command for identity v2"Jenkins2014-06-181-0/+22
|\ \ \ | |/ /
| * | Add token delete command for identity v2Terry Howe2014-05-231-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | Identity v2 has undocumented support for token delete and keystoneclient also has support. Change-Id: Ib98d17958ceb88f7b63471691dee71fdb884ce2e Closes-Bug: #1318442
* | | Refactor oauth1 code for updatesSteve Martinelli2014-06-142-141/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The keystoneclient code for oauth1 support has changed. As such, we should remove the delete, list and authenticate functions, since they are not in keystoneclient. Also, we must now pass in the project id when creating a request token. Additionally we must now pass in roles when authorizing a request token. Added functional tests to ensure output and input args are the same. bp add-oauth-support Change-Id: I559c18a73ad95a0c8b7a6a95f463b78334186f61
* | | Merge "Add role assignments list support to identity v3"Jenkins2014-06-131-0/+156
|\ \ \ | |_|/ |/| |
| * | Add role assignments list support to identity v3henriquetruta2014-05-301-0/+156
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The assignments manager and its test class were created. Some fake stubs were also added on the fakes.py module. The "openstack role assignment list" command was created. Change-Id: Iae94f4fee608ea3e09ff38961ad22edc38efb89c Implements: blueprint roles-assignment-list Closes-Bug: 1246310
* | | Merge "replace string format arguments with function parameters"Jenkins2014-06-1019-97/+97
|\ \ \ | |/ / |/| |
| * | replace string format arguments with function parametersChristian Berendt2014-05-2019-97/+97
| |/ | | | | | | | | | | | | | | There are files containing string format arguments inside logging messages. Using logging function parameters should be preferred. Change-Id: Ic749ac9eb55564ed631d57055a5a4dfc3aebd169
* | Fixed several typos throughout the codebaseAlex Gaynor2014-05-212-2/+2
|/ | | | Change-Id: I048ee857fc1215fea7f60978364894e1b5abdf66
View Lorry Controller Status