| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Currently tox ignores D204, D205, and D207.
D204: 1 blank required after class docstring.
D205: Blank line required between one-line summary and description.
D207: Docstring is under-indented.
This change removes D204, D205, and D207 ignores in tox and fix violations.
Change-Id: Id20d216fbd7647d468859b960088aac61c582d9b
|
|
|
|
|
|
|
|
| |
Currently tox ignores D401.
401: First line should be in imperative mood.
This change removes it and make keystoneclient docstrings compliant with it.
Change-Id: If34ff12d18390b357342cf29f2d116dd3c86a44d
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To allow people to use a keystoneauth session with keystoneclient we
need to make it so that any exceptions that keystoneclient catch are the
same as what keystoneauth might throw.
The only practical way to do this is to map the keystoneclient
exceptions onto the keystoneauth equivalents. This is fairly easy as all
these exceptions were extracted from keystoneclient initially.
Closes-Bug: #1515048
Change-Id: I3b74b0ba1e1f9dda937a2d90e2d75ff0b7597a9b
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mapping for ConnectionError to ConnectionRefused have been
remove in a recent cleanup to move all exception to
keystoneclient.exceptions
related commit: 26534dadb1d0be00b87b632a038839ab1c18cfe4
Adding the mapping back for backward compatability.
Change-Id: I6f4627b9cd68615b509d17910fe2c1605e89fc26
Closes-Bug: #1492600
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Applications are using exceptions out of
keystoneclient.openstack.common.apiclient.exceptions so it's part
of the public interface. But since it's from oslo-incubator it's
not considered stable. Since keystoneclient is all stable this
creates bad situation.
With this change, all the symbols out of apiclient.exceptions are
moved into keystoneclient.exceptions rather than the other way
around (keystoneclient.exceptions used to re-export all of
apiclient.exceptions). Now we're in control of the
apiclient.exceptions and keystoneclient.exceptions that
applications are using.
Closes-Bug: 1481806
Change-Id: Ib3afa86b9d276f6a45d1ecd6f9157ee02ec8570d
|
|
|
|
|
|
|
|
|
| |
To allow authentication plugins such as using client certificates or
doing kerberos authentication with every request we need a way for the
plugins to manipulate the send parameters.
Change-Id: Ib9e81773ab988ea05869bc27097d2b25e963e59c
Blueprint: generic-plugins
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the new ways to get the project's hierarchy:
'subtree_as_ids': If True, returns projects IDs down the hierarchy
as a structured dictionay.
'parents_as_ids': If True, returns projects IDs up the hierarchy
as a structured dictionay.
Change-Id: Ia3afe994893dfca059cb8361f7ab1c14e28e1ad5
Implements: blueprint hierarchical-multitenancy-improvements
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you want to handle a NoMatchingPlugin exception rather than simply
exit then the name of the missing plugin is generally more useful than
the message.
The exception is specific enough that you can know what went wrong, but
you cannot determine the name of the missing plugin if you want to do
your own logging - only use the message that is generated.
We should keep the message but expose the plugin name as well.
Closes-Bug: #1410391
Change-Id: Ic93ec6583b8d7797529d36d63995ef0d8db754f1
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The argument to the :raises: directive is the class name. If the
class name is a valid reference it's rendered as a link to the
class. This change cleans up the :raises: directives to use the
reference correctly and use a valid class reference.
Change-Id: I84188b60de0ab4c6b5b2fb5a203c43bfde094707
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Keystoneclient didn't provide translated messages. With this
change, the messages are marked for translation.
DocImpact
Implements: blueprint keystoneclient-i18n
Change-Id: I85263a71671a1dffed524185266e6bb7ae559630
|
|/
|
|
|
|
|
| |
The use of "#flake8: noqa" disables hacking checks for the entire
file. Switched to use of "# noqa" and fixed hacking problems.
Change-Id: I18785fb18bdce88e61e2451960e55aed0863c285
|
|
|
|
|
|
| |
also did a bit of code cleanup for consistency
Change-Id: I48832c36e1a8b5a0029598dc74aaeaa3b3d2a66f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds role assignments list support
to keystoneclient.
Created RoleAssignment resource and RoleAssignmentManager
classes. RoleAssignmentManager only implements the list()
method, the other inherited methods from base.CrudManager
raises a MethodNotImplemented error with customized messages.
This bp is complimented with the OSC part:
https://blueprints.launchpad.net/python-openstackclient/+spec/roles-assignment-list
Change-Id: I164b58b67ff42320238e943ddfa9d0a8aadd0a6d
Implements: blueprint roles-assignment-support
Closes-Bug: #1246310
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allows for a new form of document signature.
pkiz_sign will take data and encode it in a string that starts with
the substring "PKIZ_". This prefix indicates that the data has been:
1) Signed via PKI in Crypto Message Syntax (CMS) in binary (DER) format
2) Compressed using zlib (comparable to gzip)
3) urlsafe-base64 decoded
This process is reversed to validate the data.
middleware/auth_token.py will be capable of validating Keystone
tokens that are marshalled in the new format. The current existing
"PKI" tokens will continue to be identified with "MII", issued by
default, and validated as well. It will require corresponding changes
on the Keystone server to issue the new token format.
A separate script for generating the sample
data used in the unit tests,
examples/pki/gen_cmsz.py,
also serves as an example of how to
call the API from Python code.
Some of the sample data for the old tests had to be regenerated. A
stray comma in one of the JSON files made for non-parsing JSON.
Blueprint: compress-tokens
Closes-Bug: #1255321
Change-Id: Ia9a66ba3742da0bcd58c4c096b28cc8a66ad6569
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are a number of places where we expect a certain format of
response. If it's not found we often end up raising a KeyError when
accessing data.
Create a new Exception type that is raised when a HTTP response is not
appropriate for parsing and use it within authentication calls.
Closes-Bug: #1307306
Change-Id: I3cf2db07a8e76ee17702130e9efb0edf640d293a
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the move to the apiclient exceptions from oslo the basic HTTP error
class was renamed. This was not reflected in all places in the code.
It was also not picked up by the tests because the apiclient tests
weren't running due to a missing __init__.py file. Because this should
be backwards compatible it was added to the list in exceptions, the
check that this is available is in the (now running) apiclient tests.
Blueprint: common-client-library-2
Change-Id: I307c1083f29e3207cc86aa938043270e5c32b4bb
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The exception module in oslo common code and in keystoneclient are similar.
In case of unification openstack clients, we should use modules from Oslo.
Changes of this patch:
- imported exceptions from common code instead of `apiclient.exception`
- added aliases for exceptions which was renamed
(reason: backwards compatibility)
- moved exceptions `EmptyCatalog` from `apiclient.exception` to `exceptions`
- cleaned `apiclient.exception` from duplicated exceptions
- `apiclient.__init__` and `apiclient.exceptions` are kept and labeled as
'deprecated'(reason: backwards compatibility)
bp common-client-library-2
Change-Id: Iedf4e5d753d4278d81751ba0f55fdef3566b56de
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extract the authentication code from a v2 client and move it to a series
of auth plugins. Auth plugins each represent one method of
authenticating with a server and there is a factory method on the base
class to select the appropriate plugin from a group of arguments.
When a v2 client wants to do authentication it will create
a new v2 auth plugin, do the authentication and then take that result
for the client to use.
Change-Id: I4dd7474643ed5c2a3204ea2ec56029f926010c2c
blueprint: auth-plugins
|
|
|
|
|
|
|
|
| |
We don't need vim modelines in each source file, it can be set in
user's vimrc.
Change-Id: Ic7a61430a0a320ce6b0c4518d9f5d988e35f8aae
Closes-Bug: #1229324
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provides the framework for creating authentication plugins and using
them from a session object.
To allow this system to co-exist with the original client there is a bit
of a hack. The client object itself is now also an authentication
plugin, that supports the original client pattern. If a client is
created without a session object then that session object uses the
client as it's authentication plugin.
Change-Id: I682c8dcd3705148aaa804a91f4ed48a5b74bdc12
blueprint: auth-plugins
|
|
|
|
|
|
|
|
| |
Allow discovery of the API versions a server supports and create an
appropriate client based on this.
Implements: blueprint api-version-discovery
Change-Id: I63e6759889066a784dc47e35152c82e1ead7951d
|
|
|
|
|
|
|
|
|
|
|
|
| |
A wrapper around a number of connection variables. This will be extended
later with principals such as Kerberos authentication and http sessions.
The intent is that this session object will become the basis for all
other client library communications in OpenStack (as keystone wants to
control things like authentication for everybody).
Change-Id: I8ee728c49d554659d7057ebf17d0f8ceea4d7d8e
Part of: blueprint auth-plugins
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add checking the openssl return code 2, related to following review
https://review.openstack.org/#/c/22716/
- Add support set subprocess to the cms, when we already know which
subprocess to use.
Closes-Bug: #1142574
Change-Id: I3f86e6ca8bb7738f57051ce7f0f5662b20e7a22b
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The new apiclient.exceptions hierarchy is more comprehensive
and it covers almost all HTTP error status codes. These
exceptions can be used in novaclient, keystoneclient,
glanceclient, and other client projects thus providing a
single inteface.
Users can have benefit from OpenStack clients raising exceptions
of known classes while now every client has its own classes making
difficult to catch, e.g., NotFound for every client.
Change-Id: Ia7b25880e0ffca3526525a0f0e77c7e77c4f0076
|
|/
|
|
|
|
|
|
| |
Add ASLv2 headers to files that were missing it.
fixes bug #1211587
Change-Id: Iede918e1ce84993cee4ecbb2d9c2606627fa412e
|
|
|
|
|
|
|
| |
Enable gating on the Hacking H404 check - docstring
should start with a summary.
Change-Id: I80612a15bd11f689e9e9f4dc2ff812138630ddbd
|
|
|
|
|
|
|
|
| |
Create a function out of the standard request call that handles common
headers like user agent and logging.
This makes future changes easier to digest.
Change-Id: Ia25f997df64efdce27c8fb815e544922940145c3
|
|
|
|
|
|
|
| |
Only a few occurrences of "multiline docstrings
should end on a new line."
Change-Id: I3fb4591259b1e7c8202365cbadc8967a1639254f
|
|
|
|
|
|
| |
Docstring summaries need punctuation.
Change-Id: I1b740c13d5fedf9a625ca0807c908f651ee08406
|
|
|
|
|
|
| |
Remove leading spaces from doc comments.
Change-Id: I75b055c0d64dda478c63839d44158e301900107f
|
|
|
|
|
|
|
|
|
|
|
| |
The Conflict Exception is added for HTTP error code 409.
However this exception is never raised as this class is not added to
the error_code map and always raises the ClientException whenever a
409 code is returned.
Fixes bug #1168826
Change-Id: I7045eae33533ff603f4aab61ea988264b46f0d09
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch adds name arguments to the following subcommands:
* role-delete
* role-get
* service-delete
* service-get
* tenant-delete
* tenant-get
* tenant-update
* user-delete
* user-get
* user-password-update
* user-role-add
* user-role-list
* user-role-remove
* user-update
Fixes bug 1100648
Change-Id: I73c08c0ba553a72ec57ff3a684a00be4ef1294a6
|
|/
|
|
|
|
| |
Fixes bug 1116559.
Change-Id: I4b12176599686f7e545b63c8e54cf9da6a1f963e
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Implement correct certificate verification
* Add requests to tools/pip-requires
* Fix OS_CACERT env var help text
* Add info to README
* Rework tests to use requests
Pinned requests module to < 1.0 as 1.0.2 is now current in pipi
as of 17Dec2012.
Change-Id: I120d2c12d6f20ebe2fd7182ec8988cc73f623b80
|
|\
| |
| |
| |
| |
| |
| | |
Conflicts:
tests/v2_0/test_tenants.py
Change-Id: I37037e60210edd574da86b1dc07aa73e6761e338
|
| |
| |
| |
| | |
Change-Id: Idbe0702b42603d6f9f133c9f1855ea9b4f222066
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cleans up the code around exception handling and logging
when first authenticating (which often returns an unscoped token).
There's no need to be logging an exception on an expected empty
catalog and moreover the except block was a bare "except" which
could mask other errors.
Fixes bug 1070493
Change-Id: I5e791e95ce3f9ab77723a7f4698cb11b169dacfb
|
|/
|
|
|
|
|
|
|
|
|
|
| |
Bug: 1028799
No traceback, if service is unavailable; error out gracefully.
* keystoneclient/exceptions.py
ServiceUnavailable: New class to handle 503 status code.
Add the new class to list of handled exceptions.
Change-Id: I39a8ac594ef922d682731a926be26c8b6f648f9d
|
|
|
|
| |
Change-Id: I8bc3582bb3f35a3d841bb1e8c03b62ba61ff92d7
|
| |
|
| |
|
|
|