diff options
author | Jenkins <jenkins@review.openstack.org> | 2016-07-01 08:33:36 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2016-07-01 08:33:37 +0000 |
commit | 835017d8f77f3c04c968609c6b3c92c768dce8a4 (patch) | |
tree | cc1cff45d29c56536755ed9f27e98bd62052b78c /heat/common/context.py | |
parent | 4f012ab1e6ea555afdc53e65c1fd9b5fd576aa3e (diff) | |
parent | 491937c1a09daf3da976ed19ef645c02ab2fc2ff (diff) | |
download | heat-835017d8f77f3c04c968609c6b3c92c768dce8a4.tar.gz |
Merge "Add keystone_session property to context"
Diffstat (limited to 'heat/common/context.py')
-rw-r--r-- | heat/common/context.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/heat/common/context.py b/heat/common/context.py index c1571e218..6fbfa3bd4 100644 --- a/heat/common/context.py +++ b/heat/common/context.py @@ -15,6 +15,7 @@ from keystoneauth1 import access from keystoneauth1.identity import access as access_plugin from keystoneauth1.identity import generic from keystoneauth1 import loading as ks_loading +from keystoneauth1 import session from keystoneauth1 import token_endpoint from oslo_config import cfg from oslo_context import context @@ -24,6 +25,7 @@ from oslo_middleware import request_id as oslo_request_id from oslo_utils import importutils import six +from heat.common import config from heat.common import endpoint_utils from heat.common import exception from heat.common.i18n import _LE, _LW @@ -106,6 +108,8 @@ class RequestContext(context.RequestContext): self.auth_url = auth_url self._session = None self._clients = None + self._keystone_session = session.Session( + **config.get_ssl_options('keystone')) self.trust_id = trust_id self.trustor_user_id = trustor_user_id self.policy = policy.Enforcer() @@ -138,11 +142,25 @@ class RequestContext(context.RequestContext): return self._session @property + def keystone_session(self): + if self.auth_needs_refresh(): + self.reload_auth_plugin() + self.clients.invalidate_plugins() + self._keystone_session.auth = self.auth_plugin + return self._keystone_session + + @property def clients(self): if self._clients is None: self._clients = clients.Clients(self) return self._clients + def auth_needs_refresh(self): + auth_ref = self.auth_plugin.get_auth_ref(self._keystone_session) + return (cfg.CONF.reauthentication_auth_method == 'trusts' + and auth_ref.will_expire_soon( + cfg.CONF.stale_token_duration)) + def to_dict(self): user_idt = '{user} {tenant}'.format(user=self.user_id or '-', tenant=self.tenant_id or '-') |