Revision 25a04cdd
| b/astakosclient/astakosclient/__init__.py | ||
|---|---|---|
| 123 | 123 |
|
| 124 | 124 |
# ---------------------------------- |
| 125 | 125 |
@retry |
| 126 |
def _call_astakos(self, token, request_path, |
|
| 127 |
headers=None, body=None, method="GET"):
|
|
| 126 |
def _call_astakos(self, token, request_path, headers=None,
|
|
| 127 |
body=None, method="GET", log_body=True):
|
|
| 128 | 128 |
"""Make the actual call to Astakos Service""" |
| 129 | 129 |
if token is not None: |
| 130 | 130 |
hashed_token = hashlib.sha1() |
| ... | ... | |
| 134 | 134 |
using_token = "without using token" |
| 135 | 135 |
self.logger.debug( |
| 136 | 136 |
"Make a %s request to %s %s with headers %s and body %s" |
| 137 |
% (method, request_path, using_token, headers, body)) |
|
| 137 |
% (method, request_path, using_token, headers, |
|
| 138 |
body if log_body else "(not logged)")) |
|
| 138 | 139 |
|
| 139 | 140 |
# Check Input |
| 140 | 141 |
if headers is None: |
| ... | ... | |
| 362 | 363 |
WARNING: This api call encodes the user's token inside the url. |
| 363 | 364 |
It's thoughs security unsafe to use it (both astakosclient and |
| 364 | 365 |
nginx tend to log requested urls). |
| 365 |
Avoid the use of get_endpoints method and use *** instead. |
|
| 366 |
Avoid the use of get_endpoints method and use |
|
| 367 |
get_user_info_with_endpoints instead. |
|
| 366 | 368 |
|
| 367 | 369 |
""" |
| 368 | 370 |
params = {}
|
| ... | ... | |
| 377 | 379 |
return self._call_astakos(token, path) |
| 378 | 380 |
|
| 379 | 381 |
# ---------------------------------- |
| 382 |
# do a POST to ``API_TOKENS`` |
|
| 383 |
def get_user_info_with_endpoints(self, token, uuid=None): |
|
| 384 |
""" Fallback call for authenticate |
|
| 385 |
|
|
| 386 |
Keyword arguments: |
|
| 387 |
token -- user's token (string) |
|
| 388 |
uuid -- user's uniq id |
|
| 389 |
|
|
| 390 |
It returns back the token as well as information about the token |
|
| 391 |
holder and the services he/she can acess (in json format). |
|
| 392 |
In case of error raise an AstakosClientException. |
|
| 393 |
|
|
| 394 |
""" |
|
| 395 |
req_path = copy(API_TOKENS) |
|
| 396 |
req_headers = {'content-type': 'application/json'}
|
|
| 397 |
body = {'auth': {'token': {'id': token}}}
|
|
| 398 |
if uuid is not None: |
|
| 399 |
body['auth']['tenantName'] = uuid |
|
| 400 |
req_body = parse_request(body, self.logger) |
|
| 401 |
return self._call_astakos(token, req_path, req_headers, |
|
| 402 |
req_body, "POST", False) |
|
| 403 |
|
|
| 404 |
# ---------------------------------- |
|
| 380 | 405 |
# do a GET to ``API_QUOTAS`` |
| 381 | 406 |
def get_quotas(self, token): |
| 382 | 407 |
"""Get user's quotas |
| b/astakosclient/astakosclient/tests.py | ||
|---|---|---|
| 291 | 291 |
# Check input |
| 292 | 292 |
if conn.__class__.__name__ != "HTTPSConnection": |
| 293 | 293 |
return _request_status_302(conn, method, url, **kwargs) |
| 294 |
if method != "GET": |
|
| 295 |
return _request_status_400(conn, method, url, **kwargs) |
|
| 296 | 294 |
|
| 297 | 295 |
token_head = kwargs['headers'].get('X-Auth-Token')
|
| 298 |
url_split = url[len(astakosclient.API_TOKENS):].split('/')
|
|
| 299 |
token_url = url_split[1] |
|
| 300 |
if token_head != token_url: |
|
| 301 |
return _request_status_403(conn, method, url, **kwargs) |
|
| 302 |
if token_url != token_1: |
|
| 303 |
return _request_status_401(conn, method, url, **kwargs) |
|
| 296 |
if url == astakosclient.API_TOKENS: |
|
| 297 |
if method != "POST": |
|
| 298 |
return _request_status_400(conn, method, url, **kwargs) |
|
| 299 |
body = simplejson.loads(kwargs['body']) |
|
| 300 |
token = body['auth']['token']['id'] |
|
| 301 |
if token != token_1: |
|
| 302 |
return _request_status_401(conn, method, url, **kwargs) |
|
| 303 |
# Return |
|
| 304 |
return ("", simplejson.dumps(user_info_endpoints), 200)
|
|
| 304 | 305 |
|
| 305 |
# Return |
|
| 306 |
return ("", simplejson.dumps(endpoints), 200)
|
|
| 306 |
else: |
|
| 307 |
if method != "GET": |
|
| 308 |
return _request_status_400(conn, method, url, **kwargs) |
|
| 309 |
url_split = url[len(astakosclient.API_TOKENS):].split('/')
|
|
| 310 |
token_url = url_split[1] |
|
| 311 |
if token_head != token_url: |
|
| 312 |
return _request_status_403(conn, method, url, **kwargs) |
|
| 313 |
if token_url != token_1: |
|
| 314 |
return _request_status_401(conn, method, url, **kwargs) |
|
| 315 |
# Return |
|
| 316 |
return ("", simplejson.dumps(endpoints), 200)
|
|
| 307 | 317 |
|
| 308 | 318 |
|
| 309 | 319 |
# ---------------------------- |
| ... | ... | |
| 419 | 429 |
{"href": "/astakos/api/tokens/0000/endpoints?marker=4&limit=10000",
|
| 420 | 430 |
"rel": "next"}]} |
| 421 | 431 |
|
| 432 |
user_info_endpoints = \ |
|
| 433 |
{'serviceCatalog': [
|
|
| 434 |
{'endpoints': [{
|
|
| 435 |
'SNF:uiURL': 'https://node1.example.com/ui/', |
|
| 436 |
'adminURL': 'https://node1.example.com/v1', |
|
| 437 |
'internalUrl': 'https://node1.example.com/v1', |
|
| 438 |
'publicURL': 'https://node1.example.com/v1', |
|
| 439 |
'region': 'cyclades'}], |
|
| 440 |
'name': 'cyclades', |
|
| 441 |
'type': 'compute'}, |
|
| 442 |
{'endpoints': [{
|
|
| 443 |
'SNF:uiURL': 'https://node2.example.com/ui/', |
|
| 444 |
'adminURL': 'https://node2.example.com/v1', |
|
| 445 |
'internalUrl': 'https://node2.example.com/v1', |
|
| 446 |
'publicURL': 'https://node2.example.com/v1', |
|
| 447 |
'region': 'pithos'}], |
|
| 448 |
'name': 'pithos', |
|
| 449 |
'type': 'storage'}], |
|
| 450 |
'token': {
|
|
| 451 |
'expires': '2013-06-19T15:23:59.975572+00:00', |
|
| 452 |
'id': token_1, |
|
| 453 |
'tenant': {
|
|
| 454 |
'id': user_1, |
|
| 455 |
'name': 'Firstname Lastname'}}, |
|
| 456 |
'user': {
|
|
| 457 |
'id': user_1, |
|
| 458 |
'name': 'Firstname Lastname', |
|
| 459 |
'roles': [{'id': 1, 'name': 'default'}],
|
|
| 460 |
'roles_links': []}} |
|
| 461 |
|
|
| 422 | 462 |
quotas = {
|
| 423 | 463 |
"system": {
|
| 424 | 464 |
"cyclades.ram": {
|
| ... | ... | |
| 1162 | 1202 |
else: |
| 1163 | 1203 |
self.fail("Should have raised Unauthorized Exception")
|
| 1164 | 1204 |
|
| 1205 |
# ---------------------------------- |
|
| 1206 |
def test_get_user_info_with_endpoints(self): |
|
| 1207 |
"""Test function call of get_user_info_with_endpoints""" |
|
| 1208 |
global token_1, user_info_endpoints |
|
| 1209 |
_mock_request([_request_ok]) |
|
| 1210 |
try: |
|
| 1211 |
client = AstakosClient("https://example.com")
|
|
| 1212 |
response = client.get_user_info_with_endpoints(token_1) |
|
| 1213 |
except Exception as err: |
|
| 1214 |
self.fail("Shouldn't raise Exception %s" % err)
|
|
| 1215 |
self.assertEqual(response, user_info_endpoints) |
|
| 1216 |
|
|
| 1165 | 1217 |
|
| 1166 | 1218 |
# ---------------------------- |
| 1167 | 1219 |
# Run tests |
| b/astakosclient/docs/index.rst | ||
|---|---|---|
| 140 | 140 |
|
| 141 | 141 |
.. warning:: *get_endpoints* api call encodes the user's token inside |
| 142 | 142 |
the url. It's security unsafe to use it (both astakosclient |
| 143 |
and nginx tend to log requested urls). |
|
| 143 |
and nginx tend to log requested urls). Use |
|
| 144 |
get_user_info_with_endpoints instead. |
|
| 145 |
|
|
| 146 |
**get_user_info_with_endpoints(**\ token, uuid=None\ **)** |
|
| 147 |
Fallback call which receives the user token or the user uuid/token |
|
| 148 |
and returns back the token as well as information about the token |
|
| 149 |
holder and the services he/seh can access. |
|
| 150 |
In case of error raise an AstakosClientException exception. |
|
| 144 | 151 |
|
| 145 | 152 |
**get_quotas(**\ token\ **)** |
| 146 | 153 |
Given a user's authentication token return user's |
Also available in: Unified diff