diff options
| author | Jenkins <jenkins@review.openstack.org> | 2015-01-28 20:04:39 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2015-01-28 20:04:39 +0000 |
| commit | e494e111c548ce34404c9bd375f90f4762986031 (patch) | |
| tree | 5282e5089e80695b570291ffa39321b0c1523c48 | |
| parent | 245ab0a700e609a2c7888a707dca24656a2e97b3 (diff) | |
| parent | ed2858add157b9536f157ca08f443a11dd5b1559 (diff) | |
| download | python-keystoneclient-e494e111c548ce34404c9bd375f90f4762986031.tar.gz | |
Merge "Allow v3 plugins to opt out of service catalog"
| -rw-r--r-- | keystoneclient/auth/identity/v3.py | 16 | ||||
| -rw-r--r-- | keystoneclient/tests/auth/test_identity_v3.py | 17 |
2 files changed, 30 insertions, 3 deletions
diff --git a/keystoneclient/auth/identity/v3.py b/keystoneclient/auth/identity/v3.py index cc3a62c..0375c48 100644 --- a/keystoneclient/auth/identity/v3.py +++ b/keystoneclient/auth/identity/v3.py @@ -39,6 +39,8 @@ class Auth(base.BaseIdentityPlugin): :param string project_domain_name: Project's domain name for project. :param bool reauthenticate: Allow fetching a new token if the current one is going to expire. (optional) default True + :param bool include_catalog: Include the service catalog in the returned + token. (optional) default True. """ @utils.positional() @@ -50,7 +52,8 @@ class Auth(base.BaseIdentityPlugin): project_name=None, project_domain_id=None, project_domain_name=None, - reauthenticate=True): + reauthenticate=True, + include_catalog=True): super(Auth, self).__init__(auth_url=auth_url, reauthenticate=reauthenticate) @@ -62,6 +65,7 @@ class Auth(base.BaseIdentityPlugin): self.project_name = project_name self.project_domain_id = project_domain_id self.project_domain_name = project_domain_name + self.include_catalog = include_catalog @property def token_url(self): @@ -112,8 +116,14 @@ class Auth(base.BaseIdentityPlugin): elif self.trust_id: body['auth']['scope'] = {'OS-TRUST:trust': {'id': self.trust_id}} - _logger.debug('Making authentication request to %s', self.token_url) - resp = session.post(self.token_url, json=body, headers=headers, + # NOTE(jamielennox): we add nocatalog here rather than in token_url + # directly as some federation plugins require the base token_url + token_url = self.token_url + if not self.include_catalog: + token_url += '?nocatalog' + + _logger.debug('Making authentication request to %s', token_url) + resp = session.post(token_url, json=body, headers=headers, authenticated=False, log=False, **rkwargs) try: diff --git a/keystoneclient/tests/auth/test_identity_v3.py b/keystoneclient/tests/auth/test_identity_v3.py index d869dba..c0d4a1a 100644 --- a/keystoneclient/tests/auth/test_identity_v3.py +++ b/keystoneclient/tests/auth/test_identity_v3.py @@ -451,3 +451,20 @@ class V3IdentityPlugin(utils.TestCase): self.assertEqual(self.TEST_TOKEN, s.get_token()) self.assertNotIn(password, self.logger.output) + + def test_sends_nocatalog(self): + del self.TEST_RESPONSE_DICT['token']['catalog'] + self.stub_auth(json=self.TEST_RESPONSE_DICT) + + a = v3.Password(self.TEST_URL, + username=self.TEST_USER, + password=self.TEST_PASS, + include_catalog=False) + s = session.Session(auth=a) + + s.get_token() + + auth_url = self.TEST_URL + '/auth/tokens' + self.assertEqual(auth_url, a.token_url) + self.assertEqual(auth_url + '?nocatalog', + self.requests.last_request.url) |