kotovalexarian-likes-github/fog--fog
1
0
Fork 0
mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00
Code Releases Activity

[openstack|identity] Fix Authentication Implementation

Browse source
This commit is contained in:
Nelvin Driz 2012-02-22 14:46:56 +08:00
parent 7cf6031c81
commit 3e43a571e0
18 changed files with 118 additions and 110 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
.fog
View file

@ -1,53 +0,0 @@
:default:
:aws_access_key_id:
:aws_secret_access_key:
:bluebox_api_key:
:bluebox_customer_id:
:brightbox_client_id:
:brightbox_secret:
:clodo_api_key:
:clodo_username:
:go_grid_api_key:
:go_grid_shared_secret:
:google_storage_access_key_id:
:google_storage_secret_access_key:
:linode_api_key:
:local_root:
:new_servers_password:
:new_servers_username:
:public_key_path:
:private_key_path:
:openstack_api_key:
:openstack_username:
:openstack_auth_url:
:openstack_tenant:
:ovirt_username:
:ovirt_password:
:ovirt_url:
:rackspace_api_key:
:rackspace_username:
:rackspace_servicenet:
:rackspace_cdn_ssl:
:slicehost_password:
:stormondemand_username:
:stormondemand_password:
:terremark_username:
:terremark_password:
:voxel_api_key:
:voxel_api_secret:
:zerigo_email:
:zerigo_token:
:dnsimple_email:
:dnsimple_password:
:dnsmadeeasy_api_key:
:dnsmadeeasy_secret_key:
:cloudstack_host:
:cloudstack_api_key:
:cloudstack_secret_access_key:
:vsphere_server:
:vsphere_username:
:vsphere_password:
:libvirt_username:
:libvirt_password:
:libvirt_uri:
:libvirt_ip_command:

1
.gitignore vendored
View file

@ -9,6 +9,7 @@
bin/* bin/*
!bin/fog !bin/fog
!bin/rdoc !bin/rdoc
.fog
coverage coverage
doc/* doc/*
docs/_site/* docs/_site/*

43
.irbrc Normal file
View file

@ -0,0 +1,43 @@
require 'fog'
class ConnectionManager < Hash
def [](key)
$connection_manager_previous_key = key
super(key)
end
def []=(key, value)
$connection_manager_previous_key = key
super(key, value)
end
end
def connections
return @connections if @connections
@connections = ConnectionManager.new
end
def connection
connections[$connection_manager_previous_key]
end
def connect(username, password, tenant = nil, url = 'http://192.168.27.100:35357/')
parameters = {
:provider => 'openstack',
:openstack_api_key => password,
:openstack_username => username,
:openstack_auth_url => "#{url}v2.0/tokens"
}
parameters.merge!(:openstack_tenant => tenant) if tenant
identity = Fog::Identity.new(parameters)
compute = Fog::Compute.new(parameters)
image = Fog::Image.new(parameters)
connections[username.to_sym] = {
:identity => identity,
:compute => compute ,
:image => image
}
end

1
lib/fog.rb
View file

@ -13,6 +13,7 @@ require 'fog/providers'
require 'fog/terremark' require 'fog/terremark'
require 'fog/compute' require 'fog/compute'
require 'fog/identity'
require 'fog/cdn' require 'fog/cdn'
require 'fog/dns' require 'fog/dns'
require 'fog/storage' require 'fog/storage'

24
lib/fog/identity.rb Normal file
View file

@ -0,0 +1,24 @@
module Fog
module Identity
def self.[](provider)
self.new(:provider => provider)
end
def self.new(attributes)
attributes = attributes.dup # Prevent delete from having side effects
case provider = attributes.delete(:provider).to_s.downcase.to_sym
when :openstack
require 'fog/openstack/identity'
Fog::Identity::OpenStack.new(attributes)
else
raise ArgumentError.new("#{provider} has no identity service")
end
end
def self.providers
Fog.services[:idenity]
end
end
end

8
lib/fog/openstack.rb
View file

@ -41,7 +41,8 @@ module Fog
end end
end end
service(:compute, 'openstack/compute', 'Compute') service(:compute , 'openstack/compute' , 'Compute' )
service(:identity, 'openstack/identity', 'Identity')
# legacy v1.0 style auth # legacy v1.0 style auth
def self.authenticate_v1(options, connection_options = {}) def self.authenticate_v1(options, connection_options = {})
@ -87,7 +88,8 @@ module Fog
req_body['auth']['tenantName'] = @openstack_tenant if @openstack_tenant req_body['auth']['tenantName'] = @openstack_tenant if @openstack_tenant
body = retrieve_tokens_v2(connection, req_body, uri) body = retrieve_tokens_v2(connection, req_body, uri)
svc = body['access']['serviceCatalog'].detect{|x| x['name'] == @compute_service_name} svc = body['access']['serviceCatalog'].
detect{|x| @compute_service_name.include?(x['type']) }
unless svc unless svc
unless @openstack_tenant unless @openstack_tenant
@ -106,7 +108,7 @@ module Fog
body = retrieve_tokens_v2(connection, req_body, uri) body = retrieve_tokens_v2(connection, req_body, uri)
svc = body['access']['serviceCatalog']. svc = body['access']['serviceCatalog'].
detect {|x| x['endpoints'].detect{|y| y['publicURL'].match(/(1\.1|2\.0)/) } } detect{|x| @compute_service_name.include?(x['type']) }
end end
mgmt_url = svc['endpoints'].detect{|x| x['publicURL']}['publicURL'] mgmt_url = svc['endpoints'].detect{|x| x['publicURL']}['publicURL']

5
lib/fog/openstack/compute.rb
View file

@ -7,7 +7,8 @@ module Fog
class OpenStack < Fog::Service class OpenStack < Fog::Service
requires :openstack_api_key, :openstack_username, :openstack_auth_url requires :openstack_api_key, :openstack_username, :openstack_auth_url
recognizes :openstack_auth_token, :openstack_management_url, :persistent, :openstack_compute_service_name, :openstack_tenant recognizes :openstack_auth_token, :openstack_management_url,
:persistent, :openstack_compute_service_name, :openstack_tenant
model_path 'fog/openstack/models/compute' model_path 'fog/openstack/models/compute'
model :address model :address
@ -148,7 +149,7 @@ module Fog
@openstack_auth_token = options[:openstack_auth_token] @openstack_auth_token = options[:openstack_auth_token]
@openstack_management_url = options[:openstack_management_url] @openstack_management_url = options[:openstack_management_url]
@openstack_must_reauthenticate = false @openstack_must_reauthenticate = false
@openstack_compute_service_name = options[:openstack_compute_service_name] || 'nova' @openstack_compute_service_name = options[:openstack_compute_service_name] || ['nova', 'compute']
@connection_options = options[:connection_options] || {} @connection_options = options[:connection_options] || {}

45
lib/fog/openstack/identity.rb
View file

@ -6,30 +6,30 @@ module Fog
class OpenStack < Fog::Service class OpenStack < Fog::Service
requires :openstack_api_key, :openstack_username, :openstack_auth_url requires :openstack_api_key, :openstack_username, :openstack_auth_url
recognizes :openstack_auth_token, :openstack_management_url, :persistent, :openstack_compute_service_name, :openstack_tenant recognizes :openstack_auth_token, :openstack_management_url, :persistent,
:openstack_compute_service_name, :openstack_tenant
# model_path 'fog/openstack/models/identity' model_path 'fog/openstack/models/identity'
# model :tenant # model :tenant
# collection :tenants # collection :tenants
# model :user # model :user
# collection :users # collection :users
request_path 'fog/openstack/requests/identity' request_path 'fog/openstack/requests/identity'
request :check_token request :check_token
request :validate_token
request :get_tenants request :get_tenants
request :get_tenants_by_id request :get_tenants_by_id
request :get_tenants_by_name request :get_tenants_by_name
request :get_user_by_id request :get_user_by_id
request :get_user_by_name request :get_user_by_name
request :list_endpoints_for_token request :list_endpoints_for_token
request :list_roles_for_user_on_tenant request :list_roles_for_user_on_tenant
request :list_user_global_roles request :list_user_global_roles
request :validate_tokens
class Mock class Mock
@ -41,16 +41,20 @@ module Fog
def initialize(options={}) def initialize(options={})
require 'multi_json' require 'multi_json'
@openstack_api_key = options[:openstack_api_key]
@openstack_api_key = options[:openstack_api_key]
@openstack_username = options[:openstack_username] @openstack_username = options[:openstack_username]
@openstack_tenant = options[:openstack_tenant] @openstack_tenant = options[:openstack_tenant]
@openstack_compute_service_name = options[:openstack_compute_service_name] || 'nova' @openstack_auth_uri = URI.parse(options[:openstack_auth_url])
@openstack_auth_url = options[:openstack_auth_url]
@openstack_auth_token = options[:openstack_auth_token] @openstack_auth_token = options[:openstack_auth_token]
@openstack_management_url = options[:openstack_management_url] @openstack_management_url = options[:openstack_management_url]
@openstack_must_reauthenticate = false @openstack_must_reauthenticate = false
@openstack_compute_service_name = options[:openstack_compute_service_name] || ['identity']
@connection_options = options[:connection_options] || {} @connection_options = options[:connection_options] || {}
authenticate authenticate
@persistent = options[:persistent] || false @persistent = options[:persistent] || false
@connection = Fog::Connection.new("#{@scheme}://#{@host}:#{@port}", @persistent, @connection_options) @connection = Fog::Connection.new("#{@scheme}://#{@host}:#{@port}", @persistent, @connection_options)
end end
@ -99,25 +103,28 @@ module Fog
options = { options = {
:openstack_api_key => @openstack_api_key, :openstack_api_key => @openstack_api_key,
:openstack_username => @openstack_username, :openstack_username => @openstack_username,
:openstack_auth_url => @openstack_auth_url, :openstack_auth_uri => @openstack_auth_uri,
:openstack_tenant => @openstack_tenant, :openstack_tenant => @openstack_tenant,
:openstack_compute_service_name => @openstack_compute_service_name
} }
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options) credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
@openstack_must_reauthenticate = false
@auth_token = credentials[:token] @auth_token = credentials[:token]
@openstack_management_url = credentials[:server_management_url]
url = @openstack_auth_url uri = URI.parse(@openstack_management_url)
uri = URI.parse(url)
else else
@auth_token = @openstack_auth_token @auth_token = @openstack_auth_token
uri = URI.parse(@openstack_management_url) uri = URI.parse(@openstack_management_url)
end end
@host = uri.host @host = uri.host
@path = uri.path @path = uri.path
@path.sub!(/\/$/, '') @path.sub!(/\/$/, '')
@port = uri.port @port = uri.port
@scheme = uri.scheme @scheme = uri.scheme
true
end end
end end

8
lib/fog/openstack/requests/identity/check_token.rb
View file

@ -1,18 +1,14 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def check_token(token_id, tenant_id) def check_token(token_id, tenant_id)
request( request(
:expects => [200, 203], :expects => [200, 203],
:method => 'HEAD', :method => 'HEAD',
:path => "tokens/#{token_id}?belongsTo=#{tenant_id}" :path => "tokens/#{token_id}?belongsTo=#{tenant_id}"
) )
# TODO: Handle 404
end end
end end

3
lib/fog/openstack/requests/identity/get_tenants.rb
View file

@ -1,10 +1,9 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def get_tenants def get_tenants
request( request(
:expects => [200], :expects => [200],
:method => 'GET', :method => 'GET',

3
lib/fog/openstack/requests/identity/get_tenants_by_id.rb
View file

@ -1,10 +1,9 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def get_tenants_by_id(tenant_id) def get_tenants_by_id(tenant_id)
request( request(
:expects => [200], :expects => [200],
:method => 'GET', :method => 'GET',

3
lib/fog/openstack/requests/identity/get_tenants_by_name.rb
View file

@ -1,10 +1,9 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def get_tenants_by_name(name) def get_tenants_by_name(name)
request( request(
:expects => [200], :expects => [200],
:method => 'GET', :method => 'GET',

3
lib/fog/openstack/requests/identity/get_user_by_id.rb
View file

@ -1,10 +1,9 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def get_user_by_id(user_id) def get_user_by_id(user_id)
request( request(
:expects => [200, 203], :expects => [200, 203],
:method => 'GET', :method => 'GET',

3
lib/fog/openstack/requests/identity/get_user_by_name.rb
View file

@ -1,10 +1,9 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def get_user_by_name(name) def get_user_by_name(name)
request( request(
:expects => [200, 203], :expects => [200, 203],
:method => 'GET', :method => 'GET',

6
lib/fog/openstack/requests/identity/list_endpoints_for_token.rb
View file

@ -1,16 +1,14 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def list_endpoints_for_token(token_id) def list_endpoints_for_token(token_id)
request( request(
:expects => [200, 203], :expects => [200, 203],
:method => 'HEAD', :method => 'HEAD',
:path => "tokens/#{token_id}/endpoints" :path => "tokens/#{token_id}/endpoints"
) )
end end
end end

3
lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb
View file

@ -1,10 +1,9 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def list_roles_for_user_on_tenant(tenant_id, user_id) def list_roles_for_user_on_tenant(tenant_id, user_id)
request( request(
:expects => [200], :expects => [200],
:method => 'GET', :method => 'GET',

4
lib/fog/openstack/requests/identity/list_user_global_roles.rb
View file

@ -1,17 +1,15 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def list_user_global_roles(user_id) def list_user_global_roles(user_id)
request( request(
:expects => [200], :expects => [200],
:method => 'GET', :method => 'GET',
:path => "users/#{user_id}/roles" :path => "users/#{user_id}/roles"
) )
end end
end end
class Mock class Mock

8
lib/fog/openstack/requests/identity/validate_token.rb
View file

@ -1,18 +1,14 @@
module Fog module Fog
module Identity module Identity
class Openstack class OpenStack
class Real class Real
def validate_token(token_id, tenant_id) def validate_token(token_id, tenant_id)
request( request(
:expects => [200, 203], :expects => [200, 203],
:method => 'GET', :method => 'GET',
:path => "tokens/#{token_id}?belongsTo=#{tenant_id}" :path => "tokens/#{token_id}?belongsTo=#{tenant_id}"
) )
# TODO: Handle 404
end end
end end