diff options
-rw-r--r-- | keystoneclient/auth/identity/v3/__init__.py | 26 | ||||
-rw-r--r-- | keystoneclient/auth/identity/v3/base.py (renamed from keystoneclient/auth/identity/v3.py) | 119 | ||||
-rw-r--r-- | keystoneclient/auth/identity/v3/password.py | 88 | ||||
-rw-r--r-- | keystoneclient/auth/identity/v3/token.py | 65 | ||||
-rw-r--r-- | keystoneclient/tests/unit/auth/test_identity_v3.py | 6 | ||||
-rw-r--r-- | keystoneclient/tests/unit/auth/test_password.py | 5 | ||||
-rw-r--r-- | keystoneclient/tests/unit/auth/test_token.py | 5 |
7 files changed, 197 insertions, 117 deletions
diff --git a/keystoneclient/auth/identity/v3/__init__.py b/keystoneclient/auth/identity/v3/__init__.py new file mode 100644 index 0000000..61e38c3 --- /dev/null +++ b/keystoneclient/auth/identity/v3/__init__.py @@ -0,0 +1,26 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystoneclient.auth.identity.v3.base import * # noqa +from keystoneclient.auth.identity.v3.password import * # noqa +from keystoneclient.auth.identity.v3.token import * # noqa + + +__all__ = ['Auth', + 'AuthConstructor', + 'AuthMethod', + + 'Password', + 'PasswordMethod', + + 'Token', + 'TokenMethod'] diff --git a/keystoneclient/auth/identity/v3.py b/keystoneclient/auth/identity/v3/base.py index 16ecba1..d5bd51e 100644 --- a/keystoneclient/auth/identity/v3.py +++ b/keystoneclient/auth/identity/v3/base.py @@ -24,6 +24,8 @@ from keystoneclient import utils _logger = logging.getLogger(__name__) +__all__ = ['Auth', 'AuthMethod', 'AuthConstructor'] + class Auth(base.BaseIdentityPlugin): """Identity V3 Authentication Plugin. @@ -213,120 +215,3 @@ class AuthConstructor(Auth): method_kwargs = self._auth_method_class._extract_kwargs(kwargs) method = self._auth_method_class(*args, **method_kwargs) super(AuthConstructor, self).__init__(auth_url, [method], **kwargs) - - -class PasswordMethod(AuthMethod): - """Construct a User/Password based authentication method. - - :param string password: Password for authentication. - :param string username: Username for authentication. - :param string user_id: User ID for authentication. - :param string user_domain_id: User's domain ID for authentication. - :param string user_domain_name: User's domain name for authentication. - """ - - _method_parameters = ['user_id', - 'username', - 'user_domain_id', - 'user_domain_name', - 'password'] - - def get_auth_data(self, session, auth, headers, **kwargs): - user = {'password': self.password} - - if self.user_id: - user['id'] = self.user_id - elif self.username: - user['name'] = self.username - - if self.user_domain_id: - user['domain'] = {'id': self.user_domain_id} - elif self.user_domain_name: - user['domain'] = {'name': self.user_domain_name} - - return 'password', {'user': user} - - -class Password(AuthConstructor): - """A plugin for authenticating with a username and password. - - :param string auth_url: Identity service endpoint for authentication. - :param string password: Password for authentication. - :param string username: Username for authentication. - :param string user_id: User ID for authentication. - :param string user_domain_id: User's domain ID for authentication. - :param string user_domain_name: User's domain name for authentication. - :param string trust_id: Trust ID for trust scoping. - :param string domain_id: Domain ID for domain scoping. - :param string domain_name: Domain name for domain scoping. - :param string project_id: Project ID for project scoping. - :param string project_name: Project name for project scoping. - :param string project_domain_id: Project's domain ID for project. - :param string project_domain_name: Project's domain name for project. - :param bool reauthenticate: Allow fetching a new token if the current one - is going to expire. (optional) default True - """ - - _auth_method_class = PasswordMethod - - @classmethod - def get_options(cls): - options = super(Password, cls).get_options() - - options.extend([ - cfg.StrOpt('user-id', help='User ID'), - cfg.StrOpt('user-name', dest='username', help='Username', - deprecated_name='username'), - cfg.StrOpt('user-domain-id', help="User's domain id"), - cfg.StrOpt('user-domain-name', help="User's domain name"), - cfg.StrOpt('password', secret=True, help="User's password"), - ]) - - return options - - -class TokenMethod(AuthMethod): - """Construct an Auth plugin to fetch a token from a token. - - :param string token: Token for authentication. - """ - - _method_parameters = ['token'] - - def get_auth_data(self, session, auth, headers, **kwargs): - headers['X-Auth-Token'] = self.token - return 'token', {'id': self.token} - - -class Token(AuthConstructor): - """A plugin for authenticating with an existing Token. - - :param string auth_url: Identity service endpoint for authentication. - :param string token: Token for authentication. - :param string trust_id: Trust ID for trust scoping. - :param string domain_id: Domain ID for domain scoping. - :param string domain_name: Domain name for domain scoping. - :param string project_id: Project ID for project scoping. - :param string project_name: Project name for project scoping. - :param string project_domain_id: Project's domain ID for project. - :param string project_domain_name: Project's domain name for project. - :param bool reauthenticate: Allow fetching a new token if the current one - is going to expire. (optional) default True - """ - - _auth_method_class = TokenMethod - - def __init__(self, auth_url, token, **kwargs): - super(Token, self).__init__(auth_url, token=token, **kwargs) - - @classmethod - def get_options(cls): - options = super(Token, cls).get_options() - - options.extend([ - cfg.StrOpt('token', - secret=True, - help='Token to authenticate with'), - ]) - - return options diff --git a/keystoneclient/auth/identity/v3/password.py b/keystoneclient/auth/identity/v3/password.py new file mode 100644 index 0000000..7e432fa --- /dev/null +++ b/keystoneclient/auth/identity/v3/password.py @@ -0,0 +1,88 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_config import cfg + +from keystoneclient.auth.identity.v3 import base + + +__all__ = ['PasswordMethod', 'Password'] + + +class PasswordMethod(base.AuthMethod): + """Construct a User/Password based authentication method. + + :param string password: Password for authentication. + :param string username: Username for authentication. + :param string user_id: User ID for authentication. + :param string user_domain_id: User's domain ID for authentication. + :param string user_domain_name: User's domain name for authentication. + """ + + _method_parameters = ['user_id', + 'username', + 'user_domain_id', + 'user_domain_name', + 'password'] + + def get_auth_data(self, session, auth, headers, **kwargs): + user = {'password': self.password} + + if self.user_id: + user['id'] = self.user_id + elif self.username: + user['name'] = self.username + + if self.user_domain_id: + user['domain'] = {'id': self.user_domain_id} + elif self.user_domain_name: + user['domain'] = {'name': self.user_domain_name} + + return 'password', {'user': user} + + +class Password(base.AuthConstructor): + """A plugin for authenticating with a username and password. + + :param string auth_url: Identity service endpoint for authentication. + :param string password: Password for authentication. + :param string username: Username for authentication. + :param string user_id: User ID for authentication. + :param string user_domain_id: User's domain ID for authentication. + :param string user_domain_name: User's domain name for authentication. + :param string trust_id: Trust ID for trust scoping. + :param string domain_id: Domain ID for domain scoping. + :param string domain_name: Domain name for domain scoping. + :param string project_id: Project ID for project scoping. + :param string project_name: Project name for project scoping. + :param string project_domain_id: Project's domain ID for project. + :param string project_domain_name: Project's domain name for project. + :param bool reauthenticate: Allow fetching a new token if the current one + is going to expire. (optional) default True + """ + + _auth_method_class = PasswordMethod + + @classmethod + def get_options(cls): + options = super(Password, cls).get_options() + + options.extend([ + cfg.StrOpt('user-id', help='User ID'), + cfg.StrOpt('user-name', dest='username', help='Username', + deprecated_name='username'), + cfg.StrOpt('user-domain-id', help="User's domain id"), + cfg.StrOpt('user-domain-name', help="User's domain name"), + cfg.StrOpt('password', secret=True, help="User's password"), + ]) + + return options diff --git a/keystoneclient/auth/identity/v3/token.py b/keystoneclient/auth/identity/v3/token.py new file mode 100644 index 0000000..d92d3fc --- /dev/null +++ b/keystoneclient/auth/identity/v3/token.py @@ -0,0 +1,65 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_config import cfg + +from keystoneclient.auth.identity.v3 import base + + +__all__ = ['TokenMethod', 'Token'] + + +class TokenMethod(base.AuthMethod): + """Construct an Auth plugin to fetch a token from a token. + + :param string token: Token for authentication. + """ + + _method_parameters = ['token'] + + def get_auth_data(self, session, auth, headers, **kwargs): + headers['X-Auth-Token'] = self.token + return 'token', {'id': self.token} + + +class Token(base.AuthConstructor): + """A plugin for authenticating with an existing Token. + + :param string auth_url: Identity service endpoint for authentication. + :param string token: Token for authentication. + :param string trust_id: Trust ID for trust scoping. + :param string domain_id: Domain ID for domain scoping. + :param string domain_name: Domain name for domain scoping. + :param string project_id: Project ID for project scoping. + :param string project_name: Project name for project scoping. + :param string project_domain_id: Project's domain ID for project. + :param string project_domain_name: Project's domain name for project. + :param bool reauthenticate: Allow fetching a new token if the current one + is going to expire. (optional) default True + """ + + _auth_method_class = TokenMethod + + def __init__(self, auth_url, token, **kwargs): + super(Token, self).__init__(auth_url, token=token, **kwargs) + + @classmethod + def get_options(cls): + options = super(Token, cls).get_options() + + options.extend([ + cfg.StrOpt('token', + secret=True, + help='Token to authenticate with'), + ]) + + return options diff --git a/keystoneclient/tests/unit/auth/test_identity_v3.py b/keystoneclient/tests/unit/auth/test_identity_v3.py index 29cbb0e..e7eed40 100644 --- a/keystoneclient/tests/unit/auth/test_identity_v3.py +++ b/keystoneclient/tests/unit/auth/test_identity_v3.py @@ -15,6 +15,7 @@ import uuid from keystoneclient import access from keystoneclient.auth.identity import v3 +from keystoneclient.auth.identity.v3 import base as v3_base from keystoneclient import client from keystoneclient import exceptions from keystoneclient import fixture @@ -488,3 +489,8 @@ class V3IdentityPlugin(utils.TestCase): self.assertEqual(auth_url, a.token_url) self.assertEqual(auth_url + '?nocatalog', self.requests.last_request.url) + + def test_symbols(self): + self.assertIs(v3.AuthMethod, v3_base.AuthMethod) + self.assertIs(v3.AuthConstructor, v3_base.AuthConstructor) + self.assertIs(v3.Auth, v3_base.Auth) diff --git a/keystoneclient/tests/unit/auth/test_password.py b/keystoneclient/tests/unit/auth/test_password.py index c5067c0..2891d8f 100644 --- a/keystoneclient/tests/unit/auth/test_password.py +++ b/keystoneclient/tests/unit/auth/test_password.py @@ -15,6 +15,7 @@ import uuid from keystoneclient.auth.identity.generic import password from keystoneclient.auth.identity import v2 from keystoneclient.auth.identity import v3 +from keystoneclient.auth.identity.v3 import password as v3_password from keystoneclient.tests.unit.auth import utils @@ -61,3 +62,7 @@ class PasswordTests(utils.GenericPluginTestCase): self.assertEqual(set(allowed_opts), set(opts)) self.assertEqual(len(allowed_opts), len(opts)) + + def test_symbols(self): + self.assertIs(v3.Password, v3_password.Password) + self.assertIs(v3.PasswordMethod, v3_password.PasswordMethod) diff --git a/keystoneclient/tests/unit/auth/test_token.py b/keystoneclient/tests/unit/auth/test_token.py index 928e2b2..ce4c1cd 100644 --- a/keystoneclient/tests/unit/auth/test_token.py +++ b/keystoneclient/tests/unit/auth/test_token.py @@ -15,6 +15,7 @@ import uuid from keystoneclient.auth.identity.generic import token from keystoneclient.auth.identity import v2 from keystoneclient.auth.identity import v3 +from keystoneclient.auth.identity.v3 import token as v3_token from keystoneclient.tests.unit.auth import utils @@ -45,3 +46,7 @@ class TokenTests(utils.GenericPluginTestCase): self.assertEqual(set(allowed_opts), set(opts)) self.assertEqual(len(allowed_opts), len(opts)) + + def test_symbols(self): + self.assertIs(v3.Token, v3_token.Token) + self.assertIs(v3.TokenMethod, v3_token.TokenMethod) |