summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--keystonemiddleware/audit/__init__.py5
-rw-r--r--keystonemiddleware/audit/_api.py19
-rw-r--r--keystonemiddleware/audit/_notifier.py10
-rw-r--r--keystonemiddleware/auth_token/__init__.py70
-rw-r--r--keystonemiddleware/auth_token/_auth.py18
-rw-r--r--keystonemiddleware/auth_token/_cache.py8
-rw-r--r--keystonemiddleware/auth_token/_identity.py18
-rw-r--r--keystonemiddleware/auth_token/_memcache_pool.py7
-rw-r--r--keystonemiddleware/auth_token/_signing_dir.py10
-rw-r--r--keystonemiddleware/i18n.py10
-rw-r--r--keystonemiddleware/s3_token.py9
-rw-r--r--test-requirements.txt2
12 files changed, 82 insertions, 104 deletions
diff --git a/keystonemiddleware/audit/__init__.py b/keystonemiddleware/audit/__init__.py
index cf7b568..8335cf6 100644
--- a/keystonemiddleware/audit/__init__.py
+++ b/keystonemiddleware/audit/__init__.py
@@ -36,7 +36,6 @@ import webob.dec
from keystonemiddleware._common import config
from keystonemiddleware.audit import _api
from keystonemiddleware.audit import _notifier
-from keystonemiddleware.i18n import _LE
_LOG = None
@@ -68,8 +67,8 @@ def _log_and_ignore_error(fn):
try:
return fn(*args, **kwargs)
except Exception as e:
- _LOG.exception(_LE('An exception occurred processing '
- 'the API call: %s '), e)
+ _LOG.exception('An exception occurred processing '
+ 'the API call: %s ', e)
return wrapper
diff --git a/keystonemiddleware/audit/_api.py b/keystonemiddleware/audit/_api.py
index 4e453f7..d05d732 100644
--- a/keystonemiddleware/audit/_api.py
+++ b/keystonemiddleware/audit/_api.py
@@ -28,9 +28,6 @@ import six
from six.moves import configparser
from six.moves.urllib import parse as urlparse
-from keystonemiddleware.i18n import _LW
-
-
# NOTE(blk-u): Compatibility for Python 2. SafeConfigParser and
# SafeConfigParser.readfp are deprecated in Python 3. Remove this when we drop
# support for Python 2.
@@ -253,14 +250,14 @@ class OpenStackAuditApi(object):
try:
catalog = jsonutils.loads(req.environ['HTTP_X_SERVICE_CATALOG'])
except KeyError:
- msg = _LW('Unable to discover target information because '
- 'service catalog is missing. Either the incoming '
- 'request does not contain an auth token or auth '
- 'token does not contain a service catalog. For '
- 'the latter, please make sure the '
- '"include_service_catalog" property in '
- 'auth_token middleware is set to "True"')
- self._log.warning(msg)
+ self._log.warning(
+ 'Unable to discover target information because '
+ 'service catalog is missing. Either the incoming '
+ 'request does not contain an auth token or auth '
+ 'token does not contain a service catalog. For '
+ 'the latter, please make sure the '
+ '"include_service_catalog" property in '
+ 'auth_token middleware is set to "True"')
default_endpoint = None
for endp in catalog:
diff --git a/keystonemiddleware/audit/_notifier.py b/keystonemiddleware/audit/_notifier.py
index 9d17c29..4bc97b8 100644
--- a/keystonemiddleware/audit/_notifier.py
+++ b/keystonemiddleware/audit/_notifier.py
@@ -18,8 +18,6 @@ try:
except ImportError:
oslo_messaging = None
-from keystonemiddleware.i18n import _LI
-
class _LogNotifier(object):
@@ -27,10 +25,10 @@ class _LogNotifier(object):
self._log = log
def notify(self, context, event_type, payload):
- self._log.info(_LI('Event type: %(event_type)s, Context: %(context)s, '
- 'Payload: %(payload)s'), {'context': context,
- 'event_type': event_type,
- 'payload': payload})
+ self._log.info('Event type: %(event_type)s, Context: %(context)s, '
+ 'Payload: %(payload)s', {'context': context,
+ 'event_type': event_type,
+ 'payload': payload})
class _MessagingNotifier(object):
diff --git a/keystonemiddleware/auth_token/__init__.py b/keystonemiddleware/auth_token/__init__.py
index 84c2830..0b61e2d 100644
--- a/keystonemiddleware/auth_token/__init__.py
+++ b/keystonemiddleware/auth_token/__init__.py
@@ -241,7 +241,7 @@ from keystonemiddleware.auth_token import _request
from keystonemiddleware.auth_token import _revocations
from keystonemiddleware.auth_token import _signing_dir
from keystonemiddleware.auth_token import _user_plugin
-from keystonemiddleware.i18n import _, _LC, _LE, _LI, _LW
+from keystonemiddleware.i18n import _
_LOG = logging.getLogger(__name__)
@@ -362,7 +362,7 @@ class BaseAuthProtocol(object):
self._validate_token(serv_auth_ref)
self._confirm_token_bind(serv_auth_ref, request)
except ksm_exceptions.InvalidToken:
- self.log.info(_LI('Invalid service token'))
+ self.log.info('Invalid service token')
request.service_token_valid = False
else:
# FIXME(jamielennox): The new behaviour for service tokens is
@@ -383,12 +383,12 @@ class BaseAuthProtocol(object):
request.service_token_valid = role_check_passed
else:
if not self._service_token_warning_emitted:
- self.log.warning(_LW('A valid token was submitted as '
- 'a service token, but it was not '
- 'a valid service token. This is '
- 'incorrect but backwards '
- 'compatible behaviour. This will '
- 'be removed in future releases.'))
+ self.log.warning('A valid token was submitted as '
+ 'a service token, but it was not '
+ 'a valid service token. This is '
+ 'incorrect but backwards '
+ 'compatible behaviour. This will '
+ 'be removed in future releases.')
# prevent log spam on every single request
self._service_token_warning_emitted = True
@@ -408,7 +408,7 @@ class BaseAuthProtocol(object):
if not request.service_token:
self._confirm_token_bind(user_auth_ref, request)
except ksm_exceptions.InvalidToken:
- self.log.info(_LI('Invalid user token'))
+ self.log.info('Invalid user token')
request.user_token_valid = False
else:
request.user_token_valid = True
@@ -443,7 +443,7 @@ class BaseAuthProtocol(object):
try:
return data, access.create(body=data, auth_token=token)
except Exception:
- self.log.warning(_LW('Invalid token contents.'), exc_info=True)
+ self.log.warning('Invalid token contents.', exc_info=True)
raise ksm_exceptions.InvalidToken(_('Token authorization failed'))
def fetch_token(self, token, **kwargs):
@@ -496,7 +496,7 @@ class BaseAuthProtocol(object):
# no bind provided and none required
return
else:
- self.log.info(_LI('No bind information present in token.'))
+ self.log.info('No bind information present in token.')
self._invalid_user_token()
# get the named mode if bind_mode is not one of the predefined
@@ -506,20 +506,20 @@ class BaseAuthProtocol(object):
name = self._enforce_token_bind
if name and name not in auth_ref.bind:
- self.log.info(_LI('Named bind mode %s not in bind information'),
+ self.log.info('Named bind mode %s not in bind information',
name)
self._invalid_user_token()
for bind_type, identifier in six.iteritems(auth_ref.bind):
if bind_type == _BIND_MODE.KERBEROS:
if req.auth_type != 'negotiate':
- self.log.info(_LI('Kerberos credentials required and '
- 'not present.'))
+ self.log.info('Kerberos credentials required and '
+ 'not present.')
self._invalid_user_token()
if req.remote_user != identifier:
- self.log.info(_LI('Kerberos credentials do not match '
- 'those in bind.'))
+ self.log.info('Kerberos credentials do not match '
+ 'those in bind.')
self._invalid_user_token()
self.log.debug('Kerberos bind authentication successful.')
@@ -532,8 +532,8 @@ class BaseAuthProtocol(object):
else:
self.log.info(
- _LI('Couldn`t verify unknown bind: %(bind_type)s: '
- '%(identifier)s.'),
+ 'Couldn`t verify unknown bind: %(bind_type)s: '
+ '%(identifier)s.',
{'bind_type': bind_type, 'identifier': identifier})
self._invalid_user_token()
@@ -548,7 +548,7 @@ class AuthProtocol(BaseAuthProtocol):
def __init__(self, app, conf):
log = logging.getLogger(conf.get('log_name', __name__))
- log.info(_LI('Starting Keystone auth_token middleware'))
+ log.info('Starting Keystone auth_token middleware')
self._conf = config.Config('auth_token',
_base.AUTHTOKEN_GROUP,
@@ -558,10 +558,10 @@ class AuthProtocol(BaseAuthProtocol):
token_roles_required = self._conf.get('service_token_roles_required')
if not token_roles_required:
- log.warning(_LW('AuthToken middleware is set with '
- 'keystone_authtoken.service_token_roles_required '
- 'set to False. This is backwards compatible but '
- 'deprecated behaviour. Please set this to True.'))
+ log.warning('AuthToken middleware is set with '
+ 'keystone_authtoken.service_token_roles_required '
+ 'set to False. This is backwards compatible but '
+ 'deprecated behaviour. Please set this to True.')
super(AuthProtocol, self).__init__(
app,
@@ -584,9 +584,9 @@ class AuthProtocol(BaseAuthProtocol):
self._auth_uri = self._conf.get('auth_uri')
if not self._auth_uri:
self.log.warning(
- _LW('Configuring auth_uri to point to the public identity '
- 'endpoint is required; clients may not be able to '
- 'authenticate against an admin endpoint'))
+ 'Configuring auth_uri to point to the public identity '
+ 'endpoint is required; clients may not be able to '
+ 'authenticate against an admin endpoint')
# FIXME(dolph): drop support for this fallback behavior as
# documented in bug 1207517.
@@ -640,7 +640,7 @@ class AuthProtocol(BaseAuthProtocol):
if self._delay_auth_decision:
self.log.debug('Deferring reject downstream')
else:
- self.log.info(_LI('Rejecting request'))
+ self.log.info('Rejecting request')
message = _('The request you have made requires '
'authentication.')
body = {'error': {
@@ -767,14 +767,14 @@ class AuthProtocol(BaseAuthProtocol):
ksa_exceptions.RequestTimeout,
ksm_exceptions.RevocationListError,
ksm_exceptions.ServiceError) as e:
- self.log.critical(_LC('Unable to validate token: %s'), e)
+ self.log.critical('Unable to validate token: %s', e)
raise webob.exc.HTTPServiceUnavailable()
except ksm_exceptions.InvalidToken:
self.log.debug('Token validation failure.', exc_info=True)
if token_hashes:
self._token_cache.set(token_hashes[0],
_CACHE_INVALID_INDICATOR)
- self.log.warning(_LW('Authorization failed for token'))
+ self.log.warning('Authorization failed for token')
raise
return data
@@ -794,11 +794,11 @@ class AuthProtocol(BaseAuthProtocol):
self._revocations.check(token_hashes)
verified = self._cms_verify(token_data, inform)
except ksc_exceptions.CertificateConfigError:
- self.log.warning(_LW('Fetch certificate config failed, '
- 'fallback to online validation.'))
+ self.log.warning('Fetch certificate config failed, '
+ 'fallback to online validation.')
except ksm_exceptions.RevocationListError:
- self.log.warning(_LW('Fetch revocation list failed, '
- 'fallback to online validation.'))
+ self.log.warning('Fetch revocation list failed, '
+ 'fallback to online validation.')
else:
data = jsonutils.loads(verified)
@@ -839,7 +839,7 @@ class AuthProtocol(BaseAuthProtocol):
inform=inform).decode('utf-8')
except (ksc_exceptions.CMSError,
cms.subprocess.CalledProcessError) as err:
- self.log.warning(_LW('Verify error: %s'), err)
+ self.log.warning('Verify error: %s', err)
msg = _('Token authorization failed')
raise ksm_exceptions.InvalidToken(msg)
@@ -856,7 +856,7 @@ class AuthProtocol(BaseAuthProtocol):
except ksc_exceptions.CertificateConfigError as err:
# if this is still occurring, something else is wrong and we
# need err.output to identify the problem
- self.log.error(_LE('CMS Verify output: %s'), err.output)
+ self.log.error('CMS Verify output: %s', err.output)
raise
def _fetch_signing_cert(self):
diff --git a/keystonemiddleware/auth_token/_auth.py b/keystonemiddleware/auth_token/_auth.py
index 2be9a15..966c42e 100644
--- a/keystonemiddleware/auth_token/_auth.py
+++ b/keystonemiddleware/auth_token/_auth.py
@@ -17,7 +17,7 @@ from keystoneauth1 import token_endpoint
from oslo_config import cfg
from keystonemiddleware.auth_token import _base
-from keystonemiddleware.i18n import _, _LW
+from keystonemiddleware.i18n import _
class AuthTokenPlugin(plugin.BaseAuthPlugin):
@@ -26,22 +26,22 @@ class AuthTokenPlugin(plugin.BaseAuthPlugin):
admin_user, admin_password, admin_tenant_name, admin_token,
identity_uri, log):
- log.warning(_LW(
+ log.warning(
"Use of the auth_admin_prefix, auth_host, auth_port, "
"auth_protocol, identity_uri, admin_token, admin_user, "
"admin_password, and admin_tenant_name configuration options was "
"deprecated in the Mitaka release in favor of an auth_plugin and "
"its related options. This class may be removed in a future "
- "release."))
+ "release.")
# NOTE(jamielennox): it does appear here that our default arguments
# are backwards. We need to do it this way so that we can handle the
# same deprecation strategy for CONF and the conf variable.
if not identity_uri:
- log.warning(_LW('Configuring admin URI using auth fragments was '
- 'deprecated in the Kilo release, and will be '
- 'removed in the Newton release, '
- 'use \'identity_uri\ instead.'))
+ log.warning('Configuring admin URI using auth fragments was '
+ 'deprecated in the Kilo release, and will be '
+ 'removed in the Newton release, '
+ 'use \'identity_uri\ instead.')
if ':' in auth_host:
# Note(dzyu) it is an IPv6 address, so it needs to be wrapped
@@ -66,10 +66,10 @@ class AuthTokenPlugin(plugin.BaseAuthPlugin):
auth_url = '%s/v2.0' % self._identity_uri
if admin_token:
- log.warning(_LW(
+ log.warning(
"The admin_token option in auth_token middleware was "
"deprecated in the Kilo release, and will be removed in the "
- "Newton release, use admin_user and admin_password instead."))
+ "Newton release, use admin_user and admin_password instead.")
self._plugin = token_endpoint.Token(auth_url, admin_token)
else:
self._plugin = v2.Password(auth_url,
diff --git a/keystonemiddleware/auth_token/_cache.py b/keystonemiddleware/auth_token/_cache.py
index 5db5c64..43ce923 100644
--- a/keystonemiddleware/auth_token/_cache.py
+++ b/keystonemiddleware/auth_token/_cache.py
@@ -20,7 +20,7 @@ import six
from keystonemiddleware.auth_token import _exceptions as exc
from keystonemiddleware.auth_token import _memcache_crypt as memcache_crypt
from keystonemiddleware.auth_token import _memcache_pool as memcache_pool
-from keystonemiddleware.i18n import _, _LE, _LW
+from keystonemiddleware.i18n import _
def _hash_key(key):
@@ -57,7 +57,7 @@ class _CachePool(list):
def __init__(self, memcached_servers, log):
self._memcached_servers = memcached_servers
if not self._memcached_servers:
- log.warning(_LW(
+ log.warning(
"Using the in-process token cache is deprecated as of the "
"4.2.0 release and may be removed in the 5.0.0 release or "
"the 'O' development cycle. The in-process cache causes "
@@ -65,7 +65,7 @@ class _CachePool(list):
"is removed the auth_token middleware will not cache tokens "
"by default which may result in performance issues. It is "
"recommended to use memcache for the auth_token token cache "
- "by setting the memcached_servers option."))
+ "by setting the memcached_servers option.")
@contextlib.contextmanager
def reserve(self):
@@ -274,7 +274,7 @@ class SecureTokenCache(TokenCache):
# unprotect_data will return None if raw_cached is None
return memcache_crypt.unprotect_data(context, data)
except Exception:
- msg = _LE('Failed to decrypt/verify cache data')
+ msg = 'Failed to decrypt/verify cache data'
self._LOG.exception(msg)
# this should have the same effect as data not
diff --git a/keystonemiddleware/auth_token/_identity.py b/keystonemiddleware/auth_token/_identity.py
index bb05538..88d7f62 100644
--- a/keystonemiddleware/auth_token/_identity.py
+++ b/keystonemiddleware/auth_token/_identity.py
@@ -22,7 +22,7 @@ from six.moves import urllib
from keystonemiddleware.auth_token import _auth
from keystonemiddleware.auth_token import _exceptions as ksm_exceptions
-from keystonemiddleware.i18n import _, _LE, _LI, _LW
+from keystonemiddleware.i18n import _
def _convert_fetch_cert_exception(fetch_cert):
@@ -193,7 +193,7 @@ class IdentityServer(object):
return klass
versions = ['v%d.%d' % s.AUTH_VERSION for s in _REQUEST_STRATEGIES]
- self._LOG.error(_LE('No attempted versions [%s] supported by server'),
+ self._LOG.error('No attempted versions [%s] supported by server',
', '.join(versions))
msg = _('No compatible apis supported by server')
@@ -218,23 +218,23 @@ class IdentityServer(object):
user_token,
allow_expired=allow_expired)
except ksa_exceptions.NotFound as e:
- self._LOG.warning(_LW('Authorization failed for token'))
- self._LOG.warning(_LW('Identity response: %s'), e.response.text)
+ self._LOG.warning('Authorization failed for token')
+ self._LOG.warning('Identity response: %s', e.response.text)
raise ksm_exceptions.InvalidToken(_('Token authorization failed'))
except ksa_exceptions.Unauthorized as e:
- self._LOG.info(_LI('Identity server rejected authorization'))
- self._LOG.warning(_LW('Identity response: %s'), e.response.text)
+ self._LOG.info('Identity server rejected authorization')
+ self._LOG.warning('Identity response: %s', e.response.text)
if retry:
- self._LOG.info(_LI('Retrying validation'))
+ self._LOG.info('Retrying validation')
return self.verify_token(user_token, False)
msg = _('Identity server rejected authorization necessary to '
'fetch token data')
raise ksm_exceptions.ServiceError(msg)
except ksa_exceptions.HttpError as e:
self._LOG.error(
- _LE('Bad response code while validating token: %s'),
+ 'Bad response code while validating token: %s',
e.http_status)
- self._LOG.warning(_LW('Identity response: %s'), e.response.text)
+ self._LOG.warning('Identity response: %s', e.response.text)
msg = _('Failed to fetch token data from identity server')
raise ksm_exceptions.ServiceError(msg)
else:
diff --git a/keystonemiddleware/auth_token/_memcache_pool.py b/keystonemiddleware/auth_token/_memcache_pool.py
index 360be39..2b3853a 100644
--- a/keystonemiddleware/auth_token/_memcache_pool.py
+++ b/keystonemiddleware/auth_token/_memcache_pool.py
@@ -26,9 +26,6 @@ import time
from oslo_log import log as logging
from six.moves import queue
-from keystonemiddleware.i18n import _LC
-
-
_PoolItem = collections.namedtuple('_PoolItem', ['ttl', 'connection'])
@@ -77,8 +74,8 @@ class ConnectionPool(queue.Queue):
try:
conn = self.get(timeout=self._connection_get_timeout)
except queue.Empty:
- self._LOG.critical(_LC('Unable to get a connection from pool id '
- '%(id)s after %(seconds)s seconds.'),
+ self._LOG.critical('Unable to get a connection from pool id '
+ '%(id)s after %(seconds)s seconds.',
{'id': id(self),
'seconds': self._connection_get_timeout})
raise ConnectionGetTimeoutException()
diff --git a/keystonemiddleware/auth_token/_signing_dir.py b/keystonemiddleware/auth_token/_signing_dir.py
index b843447..698e055 100644
--- a/keystonemiddleware/auth_token/_signing_dir.py
+++ b/keystonemiddleware/auth_token/_signing_dir.py
@@ -18,7 +18,7 @@ from oslo_log import log as logging
import six
from keystonemiddleware.auth_token import _exceptions as exc
-from keystonemiddleware.i18n import _, _LI, _LW
+from keystonemiddleware.i18n import _
_LOG = logging.getLogger(__name__)
@@ -31,7 +31,7 @@ class SigningDirectory(object):
self._directory_name = directory_name
if self._directory_name:
self._log.info(
- _LI('Using %s as cache directory for signing certificate'),
+ 'Using %s as cache directory for signing certificate',
self._directory_name)
self._verify_signing_dir()
@@ -68,7 +68,7 @@ class SigningDirectory(object):
if self._directory_name is None:
self._directory_name = tempfile.mkdtemp(prefix='keystone-signing-')
self._log.info(
- _LI('Using %s as cache directory for signing certificate'),
+ 'Using %s as cache directory for signing certificate',
self._directory_name)
self._verify_signing_dir()
@@ -80,11 +80,11 @@ class SigningDirectory(object):
self._directory_name)
uid = os.getuid()
if os.stat(self._directory_name).st_uid != uid:
- self._log.warning(_LW('signing_dir is not owned by %s'), uid)
+ self._log.warning('signing_dir is not owned by %s', uid)
current_mode = stat.S_IMODE(os.stat(self._directory_name).st_mode)
if current_mode != stat.S_IRWXU:
self._log.warning(
- _LW('signing_dir mode is %(mode)s instead of %(need)s'),
+ 'signing_dir mode is %(mode)s instead of %(need)s',
{'mode': oct(current_mode), 'need': oct(stat.S_IRWXU)})
else:
os.makedirs(self._directory_name, stat.S_IRWXU)
diff --git a/keystonemiddleware/i18n.py b/keystonemiddleware/i18n.py
index b1c1416..c0f3afd 100644
--- a/keystonemiddleware/i18n.py
+++ b/keystonemiddleware/i18n.py
@@ -25,13 +25,3 @@ _translators = i18n.TranslatorFactory(domain='keystonemiddleware')
# The primary translation function using the well-known name "_"
_ = _translators.primary
-
-# Translators for log levels.
-#
-# The abbreviated names are meant to reflect the usual use of a short
-# name like '_'. The "L" is for "log" and the other letter comes from
-# the level.
-_LI = _translators.log_info
-_LW = _translators.log_warning
-_LE = _translators.log_error
-_LC = _translators.log_critical
diff --git a/keystonemiddleware/s3_token.py b/keystonemiddleware/s3_token.py
index c1f0ff7..be44473 100644
--- a/keystonemiddleware/s3_token.py
+++ b/keystonemiddleware/s3_token.py
@@ -39,9 +39,6 @@ from oslo_utils import strutils
import requests
import six
-from keystonemiddleware.i18n import _LI, _LW
-
-
PROTOCOL_NAME = 'S3 Token Authentication'
@@ -62,11 +59,11 @@ class S3Token(object):
self._request_uri = conf.get('auth_uri')
if not self._request_uri:
- self._logger.warning(_LW(
+ self._logger.warning(
"Use of the auth_host, auth_port, and auth_protocol "
"configuration options was deprecated in the Newton release "
"in favor of auth_uri. These options may be removed in a "
- "future release."))
+ "future release.")
auth_host = conf.get('auth_host')
auth_port = int(conf.get('auth_port', 35357))
auth_protocol = conf.get('auth_protocol', 'https')
@@ -111,7 +108,7 @@ class S3Token(object):
headers=headers, data=creds_json,
verify=self._verify)
except requests.exceptions.RequestException as e:
- self._logger.info(_LI('HTTP connection exception: %s'), e)
+ self._logger.info('HTTP connection exception: %s', e)
resp = self._deny_request('InvalidURI')
raise ServiceError(resp)
diff --git a/test-requirements.txt b/test-requirements.txt
index 0320253..8b580e5 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -14,7 +14,7 @@ oslosphinx>=4.7.0 # Apache-2.0
oslotest>=1.10.0 # Apache-2.0
reno>=1.8.0 # Apache-2.0
requests-mock>=1.1 # Apache-2.0
-sphinx>=1.5.1 # BSD
+sphinx!=1.6.1,>=1.5.1 # BSD
stevedore>=1.20.0 # Apache-2.0
testrepository>=0.0.18 # Apache-2.0/BSD
testresources>=0.2.4 # Apache-2.0/BSD
View Lorry Controller Status