diff options
| author | Dean Troyer <dtroyer@gmail.com> | 2014-08-22 17:26:07 -0500 |
|---|---|---|
| committer | Dean Troyer <dtroyer@gmail.com> | 2014-09-08 00:06:52 -0500 |
| commit | ae957b176e5918f41024c00cbc39ea371a0c37c6 (patch) | |
| tree | f087abc03197bdbfbfe07ab46cefde083a487c56 /openstackclient/identity/client.py | |
| parent | 3317e0abf694c56cb3b24bdf2b2b10577ea47f6b (diff) | |
| download | python-openstackclient-ae957b176e5918f41024c00cbc39ea371a0c37c6.tar.gz | |
Use Keystone client session.Session
This replaces the restapi requests wrapper with the one from Keystone client so
we can take advantage of the auth plugins.
As a first step only the v2 and v3 token and password plugins are supported.
This maintainis no changes to the command options or environment variables.
The next steps will include reworking the other API client interfaces to
fully utilize the single auth session.
Blueprint: ksc-session-auth
Change-Id: I47ec63291e4c3cf36c8061299a4764f60b36ab89
Diffstat (limited to 'openstackclient/identity/client.py')
| -rw-r--r-- | openstackclient/identity/client.py | 36 |
1 files changed, 13 insertions, 23 deletions
diff --git a/openstackclient/identity/client.py b/openstackclient/identity/client.py index 820d08cb..a43b50e3 100644 --- a/openstackclient/identity/client.py +++ b/openstackclient/identity/client.py @@ -29,6 +29,12 @@ API_VERSIONS = { '3': 'keystoneclient.v3.client.Client', } +# Translate our API version to auth plugin version prefix +AUTH_VERSIONS = { + '2.0': 'v2', + '3': 'v3', +} + def make_client(instance): """Returns an identity service client.""" @@ -38,6 +44,8 @@ def make_client(instance): API_VERSIONS) LOG.debug('Instantiating identity client: %s', identity_client) + # TODO(dtroyer): Something doesn't like the session.auth when using + # token auth, chase that down. if instance._url: LOG.debug('Using token auth') client = identity_client( @@ -50,32 +58,14 @@ def make_client(instance): else: LOG.debug('Using password auth') client = identity_client( - username=instance._username, - password=instance._password, - user_domain_id=instance._user_domain_id, - user_domain_name=instance._user_domain_name, - project_domain_id=instance._project_domain_id, - project_domain_name=instance._project_domain_name, - domain_id=instance._domain_id, - domain_name=instance._domain_name, - tenant_name=instance._project_name, - tenant_id=instance._project_id, - auth_url=instance._auth_url, - region_name=instance._region_name, + session=instance.session, cacert=instance._cacert, - insecure=instance._insecure, - trust_id=instance._trust_id, ) - # TODO(dtroyer): the identity v2 role commands use this yet, fix that - # so we can remove it - instance.auth_ref = client.auth_ref - - # NOTE(dtroyer): this is hanging around until restapi is replace by - # ksc session - instance.session.set_auth( - client.auth_ref.auth_token, - ) + # TODO(dtroyer): the identity v2 role commands use this yet, fix that + # so we can remove it + if not instance._url: + instance.auth_ref = instance.auth.get_auth_ref(instance.session) return client |