6fb1a4e496
* move auth option checking back to OpenStackShell() to keep the shell-level interaction at that level; add checking for token flow options * make identity.client.make_client() configure keystoneclient.v2_0.Client() properly for both password flow and token flow auth * eliminated ClientManager.init_token(), set _service_catalog in __init__() * compute client handles token flow Change-Id: I42481b5424489387798c4ec6d3e2a723ab1e6067
79 lines
2.5 KiB
Python
79 lines
2.5 KiB
Python
"""Manage access to the clients, including authenticating when needed.
|
|
"""
|
|
|
|
import logging
|
|
|
|
from openstackclient.common import exceptions as exc
|
|
from openstackclient.compute import client as compute_client
|
|
from openstackclient.identity import client as identity_client
|
|
|
|
LOG = logging.getLogger(__name__)
|
|
|
|
|
|
class ClientCache(object):
|
|
"""Descriptor class for caching created client handles.
|
|
"""
|
|
|
|
def __init__(self, factory):
|
|
self.factory = factory
|
|
self._handle = None
|
|
|
|
def __get__(self, instance, owner):
|
|
# Tell the ClientManager to login to keystone
|
|
if self._handle is None:
|
|
self._handle = self.factory(instance)
|
|
return self._handle
|
|
|
|
|
|
class ClientManager(object):
|
|
"""Manages access to API clients, including authentication.
|
|
"""
|
|
|
|
identity = ClientCache(identity_client.make_client)
|
|
compute = ClientCache(compute_client.make_client)
|
|
|
|
def __init__(self, token=None, url=None,
|
|
auth_url=None,
|
|
tenant_name=None, tenant_id=None,
|
|
username=None, password=None,
|
|
region_name=None,
|
|
identity_api_version=None,
|
|
compute_api_version=None,
|
|
image_api_version=None,
|
|
):
|
|
self._token = token
|
|
self._url = url
|
|
self._auth_url = auth_url
|
|
self._tenant_name = tenant_name
|
|
self._tenant_id = tenant_id
|
|
self._username = username
|
|
self._password = password
|
|
self._region_name = region_name
|
|
self._identity_api_version = identity_api_version
|
|
self._compute_api_version = compute_api_version
|
|
self._image_api_version = image_api_version
|
|
self._service_catalog = None
|
|
|
|
# Create the identity client
|
|
self.identity
|
|
|
|
if not self._url:
|
|
# Populate other password flow attributes
|
|
self._token = self.identity.auth_token
|
|
self._service_catalog = self.identity.service_catalog
|
|
|
|
return
|
|
|
|
def get_endpoint_for_service_type(self, service_type):
|
|
"""Return the endpoint URL for the service type.
|
|
"""
|
|
# See if we are using password flow auth, i.e. we have a
|
|
# service catalog to select endpoints from
|
|
if self._service_catalog:
|
|
endpoint = self._service_catalog.url_for(
|
|
service_type=service_type)
|
|
else:
|
|
# Hope we were given the correct URL.
|
|
endpoint = self._url
|
|
return endpoint
|