Python keystoneauth1.identity.v3.Token() Examples
The following are 14
code examples of keystoneauth1.identity.v3.Token().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
keystoneauth1.identity.v3
, or try the search function
.
.
Example #1
| Source File: keystone.py From zun with Apache License 2.0 | 6 votes |
|
def _get_auth(self):
if self.context.auth_token_info:
access_info = ka_access.create(body=self.context.auth_token_info,
auth_token=self.context.auth_token)
auth = ka_access_plugin.AccessInfoPlugin(access_info)
elif self.context.auth_token:
auth = ka_v3.Token(auth_url=self.auth_url,
token=self.context.auth_token)
elif self.context.is_admin:
auth = ka_loading.load_auth_from_conf_options(CONF,
ksconf.CFG_GROUP)
else:
msg = ('Keystone API connection failed: no password, '
'trust_id or token found.')
LOG.error(msg)
raise exception.AuthorizationFailure(client='keystone',
message='reason %s' % msg)
return auth
Example #2
| Source File: actions.py From mistral-extra with Apache License 2.0 | 6 votes |
|
def _create_client(self, context):
LOG.debug("Gnocchi action security context: %s", context)
gnocchi_endpoint = keystone_utils.get_endpoint_for_project(
service_type="metric")
keystone_endpoint = keystone_utils.get_keystone_endpoint()
auth = ks_identity_v3.Token(
auth_url=keystone_endpoint.url,
tenant_name=context.user_name,
token=context.auth_token,
tenant_id=context.project_id
)
return self._get_client_class()(
adapter_options={"region_name": gnocchi_endpoint.region,
"project_id": context.project_id,
"endpoint": gnocchi_endpoint.url,
"insecure": context.insecure},
session_options={"auth": auth}
)
Example #3
| Source File: base_client.py From shipyard with Apache License 2.0 | 6 votes |
|
def get_resp(self, url, query_params=None):
""" Thin wrapper of requests get """
if not query_params:
query_params = {}
try:
headers = {
'X-Context-Marker': self.context.context_marker,
'X-Auth-Token': self.get_token()
}
query_params['verbosity'] = self.context.verbosity
self.debug('url: ' + url)
self.debug('Query Params: ' + str(query_params))
response = requests.get(url, params=query_params, headers=headers)
# handle some cases where the response code is sufficient to know
# what needs to be done
if response.status_code == 401:
raise UnauthenticatedClientError()
if response.status_code == 403:
raise UnauthorizedClientError()
return response
except requests.exceptions.RequestException as e:
self.error(str(e))
raise ClientError(str(e))
Example #4
| Source File: cloudkitty.py From cloudkitty-dashboard with Apache License 2.0 | 6 votes |
|
def cloudkittyclient(request):
"""Initialization of Cloudkitty client."""
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
auth_url = getattr(settings, 'OPENSTACK_KEYSTONE_URL', None)
auth = Token(
auth_url,
token=request.user.token.id,
project_id=request.user.project_id,
domain_id=request.user.domain_id,
)
adapter_options = {
'region_name': request.user.services_region,
}
return ck_client.Client(
'1',
auth=auth,
cacert=cacert,
insecure=insecure,
adapter_options=adapter_options,
)
Example #5
| Source File: keystone.py From a10-neutron-lbaas with Apache License 2.0 | 5 votes |
|
def _get_keystone_token(self, ks_version, auth_url, auth_token, tenant_id):
if int(ks_version) == 2:
auth = v2.Token(auth_url=auth_url, token=auth_token, tenant_id=tenant_id)
elif int(ks_version) == 3:
auth = v3.Token(auth_url=auth_url, token=auth_token, project_id=tenant_id)
else:
raise a10_ex.InvalidConfig('keystone version must be protocol version 2 or 3')
return self._get_keystone_stuff(ks_version, auth)
Example #6
| Source File: shell.py From eclcli with Apache License 2.0 | 5 votes |
|
def _get_keystone_v3_auth(self, v3_auth_url, **kwargs):
auth_token = kwargs.pop('auth_token', None)
if auth_token:
return v3_auth.Token(v3_auth_url, auth_token)
else:
return v3_auth.Password(v3_auth_url, **kwargs)
Example #7
| Source File: shell.py From eclcli with Apache License 2.0 | 5 votes |
|
def _get_keystone_v2_auth(self, v2_auth_url, **kwargs):
auth_token = kwargs.pop('auth_token', None)
tenant_id = kwargs.pop('project_id', None)
tenant_name = kwargs.pop('project_name', None)
if auth_token:
return v2_auth.Token(v2_auth_url, auth_token,
tenant_id=tenant_id,
tenant_name=tenant_name)
else:
return v2_auth.Password(v2_auth_url,
username=kwargs.pop('username', None),
password=kwargs.pop('password', None),
tenant_id=tenant_id,
tenant_name=tenant_name)
Example #8
| Source File: keystone.py From magnum with Apache License 2.0 | 5 votes |
|
def _get_auth(self):
if self.context.auth_token_info:
access_info = ka_access.create(body=self.context.auth_token_info,
auth_token=self.context.auth_token)
auth = ka_access_plugin.AccessInfoPlugin(access_info)
elif self.context.auth_token:
auth = ka_v3.Token(auth_url=self.auth_url,
token=self.context.auth_token)
elif self.context.trust_id:
auth_info = {
'auth_url': self.auth_url,
'username': self.context.user_name,
'password': self.context.password,
'user_domain_id': self.context.user_domain_id,
'user_domain_name': self.context.user_domain_name,
'trust_id': self.context.trust_id
}
auth = ka_v3.Password(**auth_info)
elif self.context.is_admin:
try:
auth = ka_loading.load_auth_from_conf_options(
CONF, ksconf.CFG_GROUP)
except ka_exception.MissingRequiredOptions:
auth = self._get_legacy_auth()
else:
msg = ('Keystone API connection failed: no password, '
'trust_id or token found.')
LOG.error(msg)
raise exception.AuthorizationFailure(client='keystone',
message='reason %s' % msg)
return auth
Example #9
| Source File: actions.py From mistral-extra with Apache License 2.0 | 5 votes |
|
def _create_client(self, context):
LOG.debug(
"Baremetal introspection action security context: %s", context)
inspector_endpoint = keystone_utils.get_endpoint_for_project(
service_type='baremetal-introspection'
)
auth = Token(endpoint=inspector_endpoint.url,
token=context.auth_token)
return self._get_client_class()(
api_version=1,
session=ks_session.Session(auth)
)
Example #10
| Source File: actions.py From mistral-extra with Apache License 2.0 | 5 votes |
|
def _create_client(self, context):
LOG.debug("Senlin action security context: %s", context)
keystone_endpoint = keystone_utils.get_keystone_endpoint()
senlin_endpoint = self.get_service_endpoint()
if context.is_trust_scoped and keystone_utils.is_token_trust_scoped(
context.auth_token):
if context.trust_id is None:
raise Exception(
"'trust_id' must be provided in the admin context."
)
auth = ks_identity_v3.Password(
auth_url=keystone_endpoint.url,
trust_id=context.trust_id,
username=CONF.keystone_authtoken.username,
password=CONF.keystone_authtoken.password,
user_domain_name=CONF.keystone_authtoken.user_domain_name
)
else:
auth = ks_identity_v3.Token(
auth_url=keystone_endpoint.url,
token=context.auth_token,
project_id=context.project_id
)
return self._get_client_class()(
endpoint_url=senlin_endpoint.url,
session=ks_session.Session(auth=auth),
tenant_id=context.project_id,
region_name=senlin_endpoint.region,
auth_url=keystone_endpoint.url,
insecure=context.insecure
)
Example #11
| Source File: keystone.py From qinling with Apache License 2.0 | 5 votes |
|
def _get_user_keystone_session():
ctx = context.get_ctx()
auth = v3.Token(
auth_url=CONF.keystone_authtoken.www_authenticate_uri,
token=ctx.auth_token,
project_domain_name=ctx.project_domain_name,
project_name=ctx.project_name
)
return session.Session(auth=auth, verify=False)
Example #12
| Source File: base_client.py From shipyard with Apache License 2.0 | 5 votes |
|
def post_resp(self,
url,
query_params=None,
data=None,
content_type='application/x-yaml'):
""" Thin wrapper of requests post """
if not query_params:
query_params = {}
if not data:
data = {}
try:
headers = {
'X-Context-Marker': self.context.context_marker,
'content-type': content_type,
'X-Auth-Token': self.get_token()
}
query_params['verbosity'] = self.context.verbosity
self.debug('Post request url: ' + url)
self.debug('Query Params: ' + str(query_params))
# This could use keystoneauth1 session, but that library handles
# responses strangely (wraps all 400/500 in a keystone exception)
response = requests.post(
url, data=data, params=query_params, headers=headers)
# handle some cases where the response code is sufficient to know
# what needs to be done
if response.status_code == 401:
raise UnauthenticatedClientError()
if response.status_code == 403:
raise UnauthorizedClientError()
if response.status_code == 400:
raise InvalidCollectionError(response.text)
if response.status_code == 409:
raise ShipyardBufferError(response.text)
return response
except requests.exceptions.RequestException as e:
self.error(str(e))
raise ClientError(str(e))
Example #13
| Source File: base_client.py From shipyard with Apache License 2.0 | 5 votes |
|
def get_token(self):
"""Returns the simple token string for a token
Attempt to read token from environment variable, if present use it.
If not, return the token obtained from Keystone.
"""
token = os.environ.get('OS_AUTH_TOKEN')
if token:
return token
else:
return self._get_ks_session().get_auth_headers().get('X-Auth-Token')
Example #14
| Source File: base_client.py From shipyard with Apache License 2.0 | 5 votes |
|
def _get_ks_session(self):
self.logger.debug('Accessing keystone for keystone session')
try:
if self.context.keystone_auth.get("token"):
auth = v3.Token(**self.context.keystone_auth)
else:
auth = v3.Password(**self.context.keystone_auth)
return session.Session(auth=auth)
except AuthorizationFailure as e:
self.logger.error('Could not authorize against keystone: %s',
str(e))
raise ClientError(str(e))
