Make preauth params work

If you specify a token and storage url when creating a Connection, regardless of the auth api version the first request will be made directly to swift. You can either provide a preauthurl and preauthtoken or fall back to os_options' object_storage_url and auth_token keys (exposed as --os-storage-url and --os-auth-token on the command line or OS_STORAGE_URL and OS_AUTH_TOKEN in the environment). If a _retry wrapped request on a Connection fails because of invalid authentication (401) the Connection's cached token and url will be invalidated. If the Connection's retries attribute is > 0 the subsequent attempt will call get_auth to refresh the token, but the pre-configured storage_url will always be re-used. This is consistent with current auth v2 behavior and less surprising for auth v1. The pre-existing, but previously undocumented behavior/interface of get_auth would override the storage_url returned by the auth service if the 'os_storage_url' option was provided in the os_options dict. To ensure that this behavior is consistent across auth v1 and v2 from the command line and when using the Connection class as a library - the preauthurl is stashed in the os_options dict when provided. Improved Connection.get_capabilities storage_url handling to better support the consistent behavior of a preauthurl/object_storage_url on the connection regardless of auth version. Fixed up some test infrastructure to enable setting up and testing multiple requests/responses. Change-Id: I6950fb73f3e28fdddb62760cae9320e2f4336776
author: Clay Gerrard <clay.gerrard@gmail.com> 2014-10-24 01:02:53 -0700
committer: paul luse <paul.e.luse@intel.com> 2014-12-17 05:53:56 -0700
commit: fbe558885f29e2c545e3260927a625b1027995ec (patch)
tree: b62ac1f265ade36710f70bdcc92c33347e364df7 /swiftclient/client.py
parent: d59af8cc8b3f5ddf846046dd11029b84db4828ea (diff)
download: python-swiftclient-fbe558885f29e2c545e3260927a625b1027995ec.tar.gz
1 files changed, 16 insertions, 9 deletions
diff --git a/swiftclient/client.py b/swiftclient/client.py
index 9a6fcd8..9851b1f 100644
--- a/swiftclient/client.py
+++ b/swiftclient/client.py
@@ -353,6 +353,15 @@ def get_auth(auth_url, user, key, **kwargs):
     """
     Get authentication/authorization credentials.
 
+    :kwarg auth_version: the api version of the supplied auth params
+    :kwarg os_options: a dict, the openstack idenity service options
+
+    :returns: a tuple, (storage_url, token)
+
+    N.B. if the optional os_options paramater includes an non-empty
+    'object_storage_url' key it will override the the default storage url
+    returned by the auth service.
+
     The snet parameter is used for Rackspace's ServiceNet internal network
     implementation. In this function, it simply adds *snet-* to the beginning
     of the host name for the returned storage URL. With Rackspace Cloud Files,
@@ -371,13 +380,6 @@ def get_auth(auth_url, user, key, **kwargs):
                                           kwargs.get('snet'),
                                           insecure=insecure)
     elif auth_version in AUTH_VERSIONS_V2 + AUTH_VERSIONS_V3:
-        # We are allowing to specify a token/storage-url to re-use
-        # without having to re-authenticate.
-        if (os_options.get('object_storage_url') and
-                os_options.get('auth_token')):
-            return (os_options.get('object_storage_url'),
-                    os_options.get('auth_token'))
-
         # We are handling a special use case here where the user argument
         # specifies both the user name and tenant name in the form tenant:user
         if user and not kwargs.get('tenant_name') and ':' in user:
@@ -1173,8 +1175,6 @@ class Connection(object):
         self.key = key
         self.retries = retries
         self.http_conn = None
-        self.url = preauthurl
-        self.token = preauthtoken
         self.attempts = 0
         self.snet = snet
         self.starting_backoff = starting_backoff
@@ -1183,6 +1183,10 @@ class Connection(object):
         self.os_options = os_options or {}
         if tenant_name:
             self.os_options['tenant_name'] = tenant_name
+        if preauthurl:
+            self.os_options['object_storage_url'] = preauthurl
+        self.url = preauthurl or self.os_options.get('object_storage_url')
+        self.token = preauthtoken or self.os_options.get('auth_token')
         self.cacert = cacert
         self.insecure = insecure
         self.ssl_compression = ssl_compression
@@ -1194,6 +1198,8 @@ class Connection(object):
                 and len(self.http_conn) > 1):
             conn = self.http_conn[1]
             if hasattr(conn, 'close') and callable(conn.close):
+                # XXX: Our HTTPConnection object has no close, should be
+                # trying to close the requests.Session here?
                 conn.close()
                 self.http_conn = None
 
@@ -1378,6 +1384,7 @@ class Connection(object):
                            response_dict=response_dict)
 
     def get_capabilities(self, url=None):
+        url = url or self.url
         if not url:
             url, _ = self.get_auth()
         scheme = urlparse(url).scheme
author	Clay Gerrard <clay.gerrard@gmail.com>	2014-10-24 01:02:53 -0700
committer	paul luse <paul.e.luse@intel.com>	2014-12-17 05:53:56 -0700
commit	fbe558885f29e2c545e3260927a625b1027995ec (patch)
tree	b62ac1f265ade36710f70bdcc92c33347e364df7 /swiftclient/client.py
parent	d59af8cc8b3f5ddf846046dd11029b84db4828ea (diff)
download	python-swiftclient-fbe558885f29e2c545e3260927a625b1027995ec.tar.gz