openstack/python-openstackclient
Code Issues Proposed changes
3f9c68f1c6
python-openstackclient/openstackclient/common/clientmanager.py
Dean Troyer 3f9c68f1c6 Add options to support TLS certificate verification 
Add --os-cacert and --verify|--insecure options using the same
sematics as the other project CLIs.  --verify is included for
completeness.

Bug: 1236608

Change-Id: I8a116d790db5aa4cb17a2207efedce7cb229eba3
2013-10-07 18:17:48 -05:00

96 lines
3.4 KiB
Python
Raw Blame History

# Copyright 2012-2013 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
"""Manage access to the clients, including authenticating when needed."""
import logging
from openstackclient.compute import client as compute_client
from openstackclient.identity import client as identity_client
from openstackclient.image import client as image_client
from openstackclient.object import client as object_client
from openstackclient.volume import client as volume_client
LOG = logging.getLogger(__name__)
class ClientCache(object):
"""Descriptor class for caching created client handles."""
def __init__(self, factory):
self.factory = factory
self._handle = None
def __get__(self, instance, owner):
# Tell the ClientManager to login to keystone
if self._handle is None:
self._handle = self.factory(instance)
return self._handle
class ClientManager(object):
"""Manages access to API clients, including authentication."""
compute = ClientCache(compute_client.make_client)
identity = ClientCache(identity_client.make_client)
image = ClientCache(image_client.make_client)
object = ClientCache(object_client.make_client)
volume = ClientCache(volume_client.make_client)
def __init__(self, token=None, url=None, auth_url=None, project_name=None,
project_id=None, username=None, password=None,
region_name=None, verify=True, api_version=None):
self._token = token
self._url = url
self._auth_url = auth_url
self._project_name = project_name
self._project_id = project_id
self._username = username
self._password = password
self._region_name = region_name
self._api_version = api_version
self._service_catalog = None
# verify is the Requests-compatible form
self._verify = verify
# also store in the form used by the legacy client libs
self._cacert = None
if verify is True or verify is False:
self._insecure = not verify
else:
self._cacert = verify
self._insecure = True
self.auth_ref = None
if not self._url:
# Populate other password flow attributes
self.auth_ref = self.identity.auth_ref
self._token = self.identity.auth_token
self._service_catalog = self.identity.service_catalog
return
def get_endpoint_for_service_type(self, service_type):
"""Return the endpoint URL for the service type."""
# See if we are using password flow auth, i.e. we have a
# service catalog to select endpoints from
if self._service_catalog:
endpoint = self._service_catalog.url_for(
service_type=service_type)
else:
# Hope we were given the correct URL.
endpoint = self._url
return endpoint
View Git Blame Copy Permalink