delta/openstack/python-openstackclient.git/openstackclient/api/auth.py, branch 1.0.3 opendev.org: openstack/python-openstackclient Move OSC auth plugins so they can be found 2015-03-10T03:16:12+00:00 Dean Troyer dtroyer@gmail.com 2015-03-04T02:29:38+00:00 749920bc65d4859eeaf44d16ae94f842d88af178 The plugin detection at the top of openstackclient.api.auth did not detect the plugins at the bottom of that file because, surprise, they had not been declared yet so the entry points were ignored. Move both plugin subclasses into openstackclient.api.auth_plugin. Fix a problem with the password callback that was otherwise made worse with this change. Closes-Bug: 1428912 Change-Id: Idc3b72534071e0013c8922884a8bc14137509a0f 
The plugin detection at the top of openstackclient.api.auth did not
detect the plugins at the bottom of that file because, surprise,
they had not been declared yet so the entry points were ignored.

Move both plugin subclasses into openstackclient.api.auth_plugin.

Fix a problem with the password callback that was otherwise made
worse with this change.

Closes-Bug: 1428912
Change-Id: Idc3b72534071e0013c8922884a8bc14137509a0f
Merge "Fix auth-required for help command" 2015-03-02T16:19:20+00:00 Jenkins jenkins@review.openstack.org 2015-03-02T16:19:20+00:00 b972937c826f4dfdab0fb7f3a6b1f90e3d90f575 






Fix auth-required for help command
2015-02-27T23:27:17+00:00

Dean Troyer
dtroyer@gmail.com

2015-02-27T15:19:12+00:00

505fa14cd68e13d066a5770a229ba0d7fa88d2a9

When we got picky with the auth arguments we broke using help without
any auth config supplied.  This rearranges things a bit to do the argument
checking when the deferred auth request to Identity occurs so commands
that do not need auth have a chance to live short but useful lives.

Closes-Bug: #1399588
Change-Id: I8ceac491cf65e25eddb62ab2713f471fe686756d





When we got picky with the auth arguments we broke using help without
any auth config supplied.  This rearranges things a bit to do the argument
checking when the deferred auth request to Identity occurs so commands
that do not need auth have a chance to live short but useful lives.

Closes-Bug: #1399588
Change-Id: I8ceac491cf65e25eddb62ab2713f471fe686756d







change oslo namespace to avoid warning
2015-02-25T17:38:34+00:00

Terry Howe
terrylhowe@gmail.com

2015-01-28T12:25:24+00:00

1186cb4c9f1a35a9f82e3e68612b31759a47a152

Change-Id: Ieff86f841623e1ce34b79c66bc5e8b1b239fa3e9





Change-Id: Ieff86f841623e1ce34b79c66bc5e8b1b239fa3e9







Merge "Add version url config workaround"
2015-01-19T18:08:53+00:00

Jenkins
jenkins@review.openstack.org

2015-01-19T18:08:53+00:00

c9c28dc31d09f34e341f504fea4e719a740fdf7c












Add helpful messages when authN'ing with password
2015-01-16T07:41:24+00:00

Steve Martinelli
stevemar@ca.ibm.com

2015-01-16T07:20:52+00:00

fff4a1cd23057160af13f157a6fde2c172fae7a9

Setting up auth options can be complicated, and we currently don't
do any checking before we build all our auth parameters to send off
to keystoneclient. We should do some basic checking to guide new
users.

Change-Id: I9c88f1c9637b3870c151952ecc797aaf65be271a
Closes-Bug: #1400531





Setting up auth options can be complicated, and we currently don't
do any checking before we build all our auth parameters to send off
to keystoneclient. We should do some basic checking to guide new
users.

Change-Id: I9c88f1c9637b3870c151952ecc797aaf65be271a
Closes-Bug: #1400531







Add version url config workaround
2015-01-15T19:51:31+00:00

Dean Troyer
dtroyer@gmail.com

2015-01-08T04:01:21+00:00

d3b87d7795356d3c4e4b6f578a1f426a74f9afbd

This subclasses KSC's generic Password plugin to allow version discovery with
default Keystone configurations that leave admin_endpoint and public_endpoint
at the default values (http://localhost:xxxx).  This patch copies the scheme
and netloc from the original auth_url into the URL returned from version
discovery if the returned netloc begins with 'localhost'.

Due to the specific nature of this review, the Keystone team is not
inclned to include it in keystoneclient so it is addressed here.

Closes-bug: #1410364
Change-Id: I877fe74d86aab3a63122a07b77d1302a007f5b30





This subclasses KSC's generic Password plugin to allow version discovery with
default Keystone configurations that leave admin_endpoint and public_endpoint
at the default values (http://localhost:xxxx).  This patch copies the scheme
and netloc from the original auth_url into the URL returned from version
discovery if the returned netloc begins with 'localhost'.

Due to the specific nature of this review, the Keystone team is not
inclned to include it in keystoneclient so it is addressed here.

Closes-bug: #1410364
Change-Id: I877fe74d86aab3a63122a07b77d1302a007f5b30







Add environment variable in the os-auth-type help
2014-11-17T09:50:12+00:00

Marek Denis
marek.denis@cern.ch

2014-11-17T09:27:50+00:00

c1b376dc333398903007f3f26ebd81378071bdcb

Help for option --os-auth-type doesn't specify what environment variable
configures it. This patch fixes that.

Change-Id: Id2e29e477d5ca56339bd777fb73b5af13788615b





Help for option --os-auth-type doesn't specify what environment variable
configures it. This patch fixes that.

Change-Id: Id2e29e477d5ca56339bd777fb73b5af13788615b







Change --os-auth-plugin to --os-auth-type
2014-10-23T20:37:44+00:00

Dean Troyer
dtroyer@gmail.com

2014-10-22T16:12:47+00:00

f079b5b9c4c030293b4ebfdf84d8b768b3aa3515

User's don't know what a plugin is.

* Internally, os_auth_type and/or auth_type represents what the
  user supplied.
* auth_plugin_name is the name of the selected plugin
* auth_plugin is the actual plugin object

Plugin selection process:
* if --os-auth-type is supplied:
  * if it matches against an available plugin, done
  * (if it can map to an availble plugin type, done; TODO in a followup)
* if --os-auth-type is not supplied:
  * if --os-url and --os-token are supplied, select 'token_endpoint'
  * if --os-username supplied, select identity_api_version + 'password'
  * if --os-token supplied, select identity_api_version + 'token'

Change-Id: Ice4535214e311ebf924087cf77f6d84d76f5f3ee





User's don't know what a plugin is.

* Internally, os_auth_type and/or auth_type represents what the
  user supplied.
* auth_plugin_name is the name of the selected plugin
* auth_plugin is the actual plugin object

Plugin selection process:
* if --os-auth-type is supplied:
  * if it matches against an available plugin, done
  * (if it can map to an availble plugin type, done; TODO in a followup)
* if --os-auth-type is not supplied:
  * if --os-url and --os-token are supplied, select 'token_endpoint'
  * if --os-username supplied, select identity_api_version + 'password'
  * if --os-token supplied, select identity_api_version + 'token'

Change-Id: Ice4535214e311ebf924087cf77f6d84d76f5f3ee







Clean up shell authentication
2014-10-22T04:16:16+00:00

Dean Troyer
dtroyer@gmail.com

2014-10-20T23:53:10+00:00

e063246b97a7f31a47aca0a5eb36d571f5df7236

* Remove the auth option checks as the auth plugins will validate
  their own options
* Move the initialization of client_manager to the end of
  initialize_app() so it is always called.  Note that no attempts
  to actually authenticate occur until the first use of one of the
  client attributes in client_manager.  This leaves
  initialize_clientmanager() (formerly uathenticate_user()) empty
  so remove it.
* Remove interact() as the client_manager has already been created
  And there is nothing left.
* prepare_to_run_command() is reduced to trigger an authentication
  attempt for the best_effort auth commands, currently the only
  one is 'complete'.
* Add prompt_for_password() to ask the user to enter a password
  when necessary.  Passed to ClientManager in a new kward pw_func.

Bug: 1355838
Change-Id: I9fdec9144c4c84f65aed1cf91ce41fe1895089b2





* Remove the auth option checks as the auth plugins will validate
  their own options
* Move the initialization of client_manager to the end of
  initialize_app() so it is always called.  Note that no attempts
  to actually authenticate occur until the first use of one of the
  client attributes in client_manager.  This leaves
  initialize_clientmanager() (formerly uathenticate_user()) empty
  so remove it.
* Remove interact() as the client_manager has already been created
  And there is nothing left.
* prepare_to_run_command() is reduced to trigger an authentication
  attempt for the best_effort auth commands, currently the only
  one is 'complete'.
* Add prompt_for_password() to ask the user to enter a password
  when necessary.  Passed to ClientManager in a new kward pw_func.

Bug: 1355838
Change-Id: I9fdec9144c4c84f65aed1cf91ce41fe1895089b2