Class: OpenStack::AuthV30
Overview
Implement the Identity Version 3.x API developer.openstack.org/api-ref-identity-v3.html This is still experimental, so don’t use in production.
Instance Attribute Summary collapse
-
#uri ⇒ Object
readonly
Returns the value of attribute uri.
-
#version ⇒ Object
readonly
Returns the value of attribute version.
Instance Method Summary collapse
-
#initialize(connection) ⇒ AuthV30
constructor
TODO: Parse the version for an endpoint.
Constructor Details
#initialize(connection) ⇒ AuthV30
TODO: Parse the version for an endpoint
511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 |
# File 'lib/openstack/connection.rb', line 511 def initialize(connection) tries = connection.retries time = 3 begin server = Net::HTTP::Proxy(connection.proxy_host, connection.proxy_port).new(connection.auth_host, connection.auth_port) if connection.auth_scheme == "https" server.use_ssl = true server.verify_mode = OpenSSL::SSL::VERIFY_NONE # use the ca_cert if were given one, and make sure we verify! unless connection.ca_cert.nil? server.ca_file = connection.ca_cert server.verify_mode = OpenSSL::SSL::VERIFY_PEER end # explicitly set the SSL version to use server.ssl_version = connection.ssl_version unless connection.ssl_version.nil? end server.start rescue puts "Can't connect to the server: #{tries} tries to reconnect" if connection.is_debug sleep time += 1 retry unless (tries -= 1) <= 0 raise OpenStack::Exception::Connection, "Unable to connect to #{server}" end # Build Auth JSON auth = { "auth" => { "identity" => {} } } case connection.auth_method.to_sym when :password auth["auth"]["identity"]["methods"] = ["password"] auth["auth"]["identity"]["password"] = { "user" => { "name" => connection.authuser, "password" => connection.authkey } } auth["auth"]["identity"]["password"]["user"]["domain"] = connection.user_domain ? { "name" => connection.user_domain } : { "id" => connection.user_domain_id } when :password_user_id auth["auth"]["identity"]["methods"] = ["password"] auth["auth"]["identity"]["password"] = { "user" => { "id" => connection.authuser, "password" => connection.authkey } } when :token auth["auth"]["identity"]["methods"] = ["token"] auth["auth"]["identity"]["token"] = { "id" => connection.authkey } else raise Exception::InvalidArgument, "Unrecognized auth method #{connection.auth_method}." end # handle project authentication scope if (connection.project_id || connection.project_name) && (connection.project_domain_name || connection.project_domain_id) auth["auth"]["scope"] = { "project" => { "domain" => {} } } auth["auth"]["scope"]["project"]["name"] = connection.project_name if connection.project_name auth["auth"]["scope"]["project"]["id"] = connection.project_id if connection.project_id auth["auth"]["scope"]["project"]["domain"]["name"] = connection.project_domain_name if connection.project_domain_name auth["auth"]["scope"]["project"]["domain"]["id"] = connection.project_domain_id if connection.project_domain_id end # handle domain authentication scope if connection.domain_name || connection.domain_id auth["auth"]["scope"] = { "domain" => {} } auth["auth"]["scope"]["domain"]["name"] = connection.domain_name if connection.domain_name auth["auth"]["scope"]["domain"]["id"] = connection.domain_id if connection.domain_id end response = server.post(connection.auth_path.chomp('/') + '/auth/tokens', JSON.generate(auth), {'Content-Type' => 'application/json'}) # debugging if connection.is_debug puts "REQUEST: POST => #{connection.auth_path.chomp('/') + '/auth/tokens'}" puts "RESPONSE: #{response.body}" puts '----------------------------------------' end if response.code =~ /^20./ connection.authtoken = response['X-Subject-Token'] resp_data=JSON.parse(response.body) catalog = resp_data["token"]["catalog"] unless catalog raise OpenStack::Exception::Authentication, "No service catalog returned. Maybe your auth request is unscoped. Please check if your selected user has a default project." end # Check if the used service is available implemented_services = resp_data["token"]["catalog"].map {|service| service['type']} raise OpenStack::Exception::NotImplemented.new("The requested service: \"#{connection.service_type}\" is not present " + "in the returned service catalogue.", 501, "#{resp_data["access"]["serviceCatalog"]}") unless implemented_services.include?(connection.service_type) catalog.each do |service| service["endpoints"].each do |endpoint| connection.regions_list[endpoint["region"]] ||= [] connection.regions_list[endpoint["region"]] << {:service=>service["type"], :versionId => endpoint["versionId"]} end # set use preset service name if set, otherwise ignore. if connection.service_name check_service_name = connection.service_name else check_service_name = service['name'] end if service['type'] == connection.service_type and service['name'] == check_service_name endpoints = service["endpoints"] # filter endpoints by interfacetype interface_type = connection.endpoint_type.gsub('URL','') endpoints = endpoints.select {|ep| ep['interface'] == interface_type} # Select endpoint based on region if connection.region endpoints.each do |ep| if ep["region"] and ep["region"].upcase == connection.region.upcase @uri = URI.parse(ep['url']) end end else @uri = URI.parse(endpoints[0]['url']) end if @uri == "" raise OpenStack::Exception::Authentication, "No API endpoint for region #{connection.region}" else connection.service_host = @uri.host connection.service_path = @uri.path connection.service_port = @uri.port connection.service_scheme = @uri.scheme connection.authok = true end end end else connection.authtoken = false raise OpenStack::Exception::Authentication, "Authentication failed with response code #{response.code}" end server.finish if server.started? end |
Instance Attribute Details
#uri ⇒ Object (readonly)
Returns the value of attribute uri.
508 509 510 |
# File 'lib/openstack/connection.rb', line 508 def uri @uri end |
#version ⇒ Object (readonly)
Returns the value of attribute version.
508 509 510 |
# File 'lib/openstack/connection.rb', line 508 def version @version end |