diff options
author | Jamie Lennox <jamielennox@redhat.com> | 2015-05-02 14:06:08 +1000 |
---|---|---|
committer | Jamie Lennox <jamielennox@redhat.com> | 2015-05-28 01:27:44 +0000 |
commit | a4d481076db7b0c65b6a5508374c1baae9d25732 (patch) | |
tree | 8e7427ddcae860359bfc43fdbbca811f1841fc9a /keystoneclient/auth | |
parent | d3b1f637e282398b7962e658d304a6e306075b26 (diff) | |
download | python-keystoneclient-a4d481076db7b0c65b6a5508374c1baae9d25732.tar.gz |
A Default CLI plugin
A plugin that can be used by default by any CLI application. This would
allow us to convert the other service CLIs to a consistent set of
options.
Closes-Bug: #1459478
Change-Id: I9ce6c439d530040e9375f7fd26a9ec2e0ba8b2a4
Diffstat (limited to 'keystoneclient/auth')
-rw-r--r-- | keystoneclient/auth/identity/generic/cli.py | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/keystoneclient/auth/identity/generic/cli.py b/keystoneclient/auth/identity/generic/cli.py new file mode 100644 index 0000000..c493850 --- /dev/null +++ b/keystoneclient/auth/identity/generic/cli.py @@ -0,0 +1,83 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_config import cfg + +from keystoneclient.auth.identity.generic import password +from keystoneclient import exceptions as exc +from keystoneclient.i18n import _ +from keystoneclient import utils + + +class DefaultCLI(password.Password): + """A Plugin that provides typical authentication options for CLIs. + + This plugin provides standard username and password authentication options + as well as allowing users to override with a custom token and endpoint. + """ + + @utils.positional() + def __init__(self, endpoint=None, token=None, **kwargs): + super(DefaultCLI, self).__init__(**kwargs) + + self._token = token + self._endpoint = endpoint + + @classmethod + def get_options(cls): + options = super(DefaultCLI, cls).get_options() + options.extend([cfg.StrOpt('endpoint', + help='A URL to use instead of a catalog'), + cfg.StrOpt('token', + help='Always use the specified token')]) + return options + + def get_token(self, *args, **kwargs): + if self._token: + return self._token + + return super(DefaultCLI, self).get_token(*args, **kwargs) + + def get_endpoint(self, *args, **kwargs): + if self._endpoint: + return self._endpoint + + return super(DefaultCLI, self).get_endpoint(*args, **kwargs) + + @classmethod + def load_from_argparse_arguments(cls, namespace, **kwargs): + token = kwargs.get('token') or namespace.os_token + endpoint = kwargs.get('endpoint') or namespace.os_endpoint + auth_url = kwargs.get('auth_url') or namespace.os_auth_url + + if token and not endpoint: + # if a user provides a token then they must also provide an + # endpoint because we aren't fetching a token to get a catalog from + msg = _('A service URL must be provided with a token') + raise exc.CommandError(msg) + elif (not token) and (not auth_url): + # if you don't provide a token you are going to provide at least an + # auth_url with which to authenticate. + raise exc.CommandError(_('Expecting an auth URL via either ' + '--os-auth-url or env[OS_AUTH_URL]')) + + plugin = super(DefaultCLI, cls).load_from_argparse_arguments(namespace, + **kwargs) + + if (not token) and (not plugin._password): + # we do this after the load so that the base plugin has an + # opportunity to prompt the user for a password + raise exc.CommandError(_('Expecting a password provided via ' + 'either --os-password, env[OS_PASSWORD], ' + 'or prompted response')) + + return plugin |