diff options
| author | Jamie Lennox <jamielennox@redhat.com> | 2014-10-30 15:12:05 +0100 |
|---|---|---|
| committer | Jamie Lennox <jamielennox@redhat.com> | 2015-01-23 10:41:07 +1000 |
| commit | 496a0efc43c40fb030b62f3ed632ee50659a9b41 (patch) | |
| tree | 1d2fce86dc5fbb5fc3b36c9ce643be2f332a752b /keystoneclient/session.py | |
| parent | eaab62aca5f570bd119b4c602db7845a017c958e (diff) | |
| download | python-keystoneclient-496a0efc43c40fb030b62f3ed632ee50659a9b41.tar.gz | |
Surface the user_id and project_id beyond the plugin
Having the user_id and project_id exposed in the plugin is a good first
step however we don't really expect the user to be interacting with the
plugins directly often - particularly as you need to pass session to the
methods.
Exposing get_user_id and get_project_id on the session and the adapter
in this way is very similar to the way we expose get_token and
get_endpoint on the session and adapter for use higher up.
Related-Bug: #1364724
Change-Id: If2f868c3ddc19133f18446e74f8e1b560a4798fa
Diffstat (limited to 'keystoneclient/session.py')
| -rw-r--r-- | keystoneclient/session.py | 65 |
1 files changed, 46 insertions, 19 deletions
diff --git a/keystoneclient/session.py b/keystoneclient/session.py index 1f606e4..0c3edbb 100644 --- a/keystoneclient/session.py +++ b/keystoneclient/session.py @@ -549,6 +549,16 @@ class Session(object): return cls(verify=verify, cert=cert, **kwargs) + def _auth_required(self, auth, msg): + if not auth: + auth = self.auth + + if not auth: + msg_fmt = _('An auth plugin is required to %s') + raise exceptions.MissingAuthPlugin(msg_fmt % msg) + + return auth + def get_token(self, auth=None): """Return a token as provided by the auth plugin. @@ -564,11 +574,7 @@ class Session(object): :returns: A valid token. :rtype: string """ - if not auth: - auth = self.auth - - if not auth: - raise exceptions.MissingAuthPlugin(_("Token Required")) + auth = self._auth_required(auth, 'fetch a token') try: return auth.get_token(self) @@ -589,14 +595,7 @@ class Session(object): :returns: An endpoint if available or None. :rtype: string """ - if not auth: - auth = self.auth - - if not auth: - raise exceptions.MissingAuthPlugin( - _('An auth plugin is required to determine the endpoint ' - 'URL.')) - + auth = self._auth_required(auth, 'determine endpoint URL') return auth.get_endpoint(self, **kwargs) def invalidate(self, auth=None): @@ -607,14 +606,42 @@ class Session(object): :type auth: :py:class:`keystoneclient.auth.base.BaseAuthPlugin` """ - if not auth: - auth = self.auth + auth = self._auth_required(auth, 'validate') + return auth.invalidate() - if not auth: - msg = _('Auth plugin not available to invalidate') - raise exceptions.MissingAuthPlugin(msg) + def get_user_id(self, auth=None): + """Return the authenticated user_id as provided by the auth plugin. - return auth.invalidate() + :param auth: The auth plugin to use for token. Overrides the plugin + on the session. (optional) + :type auth: keystoneclient.auth.base.BaseAuthPlugin + + :raises keystoneclient.exceptions.AuthorizationFailure: + if a new token fetch fails. + :raises keystoneclient.exceptions.MissingAuthPlugin: + if a plugin is not available. + + :returns string: Current user_id or None if not supported by plugin. + """ + auth = self._auth_required(auth, 'get user_id') + return auth.get_user_id(self) + + def get_project_id(self, auth=None): + """Return the authenticated project_id as provided by the auth plugin. + + :param auth: The auth plugin to use for token. Overrides the plugin + on the session. (optional) + :type auth: keystoneclient.auth.base.BaseAuthPlugin + + :raises keystoneclient.exceptions.AuthorizationFailure: + if a new token fetch fails. + :raises keystoneclient.exceptions.MissingAuthPlugin: + if a plugin is not available. + + :returns string: Current project_id or None if not supported by plugin. + """ + auth = self._auth_required(auth, 'get project_id') + return auth.get_project_id(self) @utils.positional.classmethod() def get_conf_options(cls, deprecated_opts=None): |