diff options
| author | Steven Hardy <shardy@redhat.com> | 2013-11-20 13:22:44 +0000 |
|---|---|---|
| committer | Steven Hardy <shardy@redhat.com> | 2013-11-27 19:13:06 +0000 |
| commit | 2706b48159e8937b4ef266f194a158ba60e2f36d (patch) | |
| tree | f270133135a7c00fe4e8e5481bae330f52eb578a /heatclient | |
| parent | fc9bee3458ae86860d752d022d2e188246b9cfd9 (diff) | |
| download | python-heatclient-2706b48159e8937b4ef266f194a158ba60e2f36d.tar.gz | |
Make tokens work with --os-no-client-auth
Currently --os-no-client-auth assumes you'll only ever want to pass
a username and password to the standalone auth_password middleware,
but it's also valid to pass a token and endpoint, which can then
be used to either connect to a normal (non-standalone) Heat without
needing the client to connect to keystone, or pass a token to custom
auth middleware in standalone mode where tokens are accepted.
e.g:
heat --os-no-client-auth
--heat-url http://127.0.0.1:8004/v1/<tenant ID>
--os-auth-token <a token> stack-list
Change-Id: Ie22c85ba5b3b987505f4d6204b4dd6ff03e0d912
Closes-Bug: #1252248
Diffstat (limited to 'heatclient')
| -rw-r--r-- | heatclient/shell.py | 34 | ||||
| -rw-r--r-- | heatclient/tests/test_shell.py | 23 |
2 files changed, 42 insertions, 15 deletions
diff --git a/heatclient/shell.py b/heatclient/shell.py index b254964..7d7fb39 100644 --- a/heatclient/shell.py +++ b/heatclient/shell.py @@ -299,20 +299,26 @@ class HeatShell(object): " or a token via --os-auth-token or" " env[OS_AUTH_TOKEN]") - if not (args.os_tenant_id or args.os_tenant_name): - raise exc.CommandError("You must provide a tenant_id via" - " either --os-tenant-id or via" - " env[OS_TENANT_ID]") - - if not args.os_auth_url: - raise exc.CommandError("You must provide an auth url via" - " either --os-auth-url or via " - "env[OS_AUTH_URL]") - if args.os_no_client_auth and not args.heat_url: - raise exc.CommandError("If you specify --os-no-client-auth" - " you must also specify a Heat API URL " - "via either --heat-url or " - "env[HEAT_URL]") + if args.os_no_client_auth: + if not args.heat_url: + raise exc.CommandError("If you specify --os-no-client-auth" + " you must also specify a Heat API URL" + " via either --heat-url or" + " env[HEAT_URL]") + else: + # Tenant name or ID is needed to make keystoneclient retrieve a + # service catalog, it's not required if os_no_client_auth is + # specified, neither is the auth URL + if not (args.os_tenant_id or args.os_tenant_name): + raise exc.CommandError("You must provide a tenant_id via" + " either --os-tenant-id or via" + " env[OS_TENANT_ID]") + + if not args.os_auth_url: + raise exc.CommandError("You must provide an auth url via" + " either --os-auth-url or via" + " env[OS_AUTH_URL]") + kwargs = { 'username': args.os_username, 'password': args.os_password, diff --git a/heatclient/tests/test_shell.py b/heatclient/tests/test_shell.py index f51ab2d..6ad4934 100644 --- a/heatclient/tests/test_shell.py +++ b/heatclient/tests/test_shell.py @@ -50,7 +50,7 @@ class TestCase(testtools.TestCase): client_env = ('OS_USERNAME', 'OS_PASSWORD', 'OS_TENANT_ID', 'OS_TENANT_NAME', 'OS_AUTH_URL', 'OS_REGION_NAME', 'OS_AUTH_TOKEN', 'OS_NO_CLIENT_AUTH', 'OS_SERVICE_TYPE', - 'OS_ENDPOINT_TYPE') + 'OS_ENDPOINT_TYPE', 'HEAT_URL') for key in client_env: self.useFixture( @@ -709,6 +709,27 @@ class ShellTestToken(ShellTestUserPass): fakes.script_keystone_client(token=self.token) +class ShellTestStandaloneToken(ShellTestUserPass): + + # Rerun all ShellTestUserPass test in standalone mode, where we + # specify --os-no-client-auth, a token and Heat endpoint + def setUp(self): + self.token = 'a_token' + super(ShellTestStandaloneToken, self).setUp() + + def _set_fake_env(self): + fake_env = { + 'OS_AUTH_TOKEN': self.token, + 'OS_NO_CLIENT_AUTH': 'True', + 'HEAT_URL': 'http://no.where', + } + self.set_fake_env(fake_env) + + def _script_keystone_client(self): + # The StanaloneMode shouldn't need any keystoneclient stubbing + pass + + class ShellEnvironmentTest(TestCase): def setUp(self): |