| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 1 | package gophercloud |
| 2 | |
| Ash Wilson | 730a506 | 2014-10-31 15:13:35 -0400 | [diff] [blame] | 3 | /* |
| 4 | AuthOptions stores information needed to authenticate to an OpenStack cluster. |
| 5 | You can populate one manually, or use a provider's AuthOptionsFromEnv() function |
| 6 | to read relevant information from the standard environment variables. Pass one |
| 7 | to a provider's AuthenticatedClient function to authenticate and obtain a |
| 8 | ProviderClient representing an active session on that provider. |
| 9 | |
| 10 | Its fields are the union of those recognized by each identity implementation and |
| 11 | provider. |
| 12 | */ |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 13 | type AuthOptions struct { |
| Jamie Hannaford | b280dea | 2014-10-24 15:14:06 +0200 | [diff] [blame] | 14 | // IdentityEndpoint specifies the HTTP endpoint that is required to work with |
| Ash Wilson | 730a506 | 2014-10-31 15:13:35 -0400 | [diff] [blame] | 15 | // the Identity API of the appropriate version. While it's ultimately needed by |
| 16 | // all of the identity services, it will often be populated by a provider-level |
| 17 | // function. |
| Jon Perritt | db0ae14 | 2016-03-13 00:33:41 -0600 | [diff] [blame] | 18 | IdentityEndpoint string `json:"-"` |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 19 | |
| Jamie Hannaford | b280dea | 2014-10-24 15:14:06 +0200 | [diff] [blame] | 20 | // Username is required if using Identity V2 API. Consult with your provider's |
| 21 | // control panel to discover your account's username. In Identity V3, either |
| Ash Wilson | 730a506 | 2014-10-31 15:13:35 -0400 | [diff] [blame] | 22 | // UserID or a combination of Username and DomainID or DomainName are needed. |
| Jon Perritt | db0ae14 | 2016-03-13 00:33:41 -0600 | [diff] [blame] | 23 | Username string `json:"username,omitempty"` |
| 24 | UserID string `json:"id,omitempty"` |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 25 | |
| Jon Perritt | db0ae14 | 2016-03-13 00:33:41 -0600 | [diff] [blame] | 26 | Password string `json:"password,omitempty"` |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 27 | |
| Jamie Hannaford | b280dea | 2014-10-24 15:14:06 +0200 | [diff] [blame] | 28 | // At most one of DomainID and DomainName must be provided if using Username |
| 29 | // with Identity V3. Otherwise, either are optional. |
| Jon Perritt | db0ae14 | 2016-03-13 00:33:41 -0600 | [diff] [blame] | 30 | DomainID string `json:"id,omitempty"` |
| 31 | DomainName string `json:"name,omitempty"` |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 32 | |
| 33 | // The TenantID and TenantName fields are optional for the Identity V2 API. |
| 34 | // Some providers allow you to specify a TenantName instead of the TenantId. |
| Ash Wilson | 730a506 | 2014-10-31 15:13:35 -0400 | [diff] [blame] | 35 | // Some require both. Your provider's authentication policies will determine |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 36 | // how these fields influence authentication. |
| Jon Perritt | db0ae14 | 2016-03-13 00:33:41 -0600 | [diff] [blame] | 37 | TenantID string `json:"tenantId,omitempty"` |
| 38 | TenantName string `json:"tenantName,omitempty"` |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 39 | |
| 40 | // AllowReauth should be set to true if you grant permission for Gophercloud to |
| 41 | // cache your credentials in memory, and to allow Gophercloud to attempt to |
| 42 | // re-authenticate automatically if/when your token expires. If you set it to |
| 43 | // false, it will not cache these settings, but re-authentication will not be |
| 44 | // possible. This setting defaults to false. |
| Jon Perritt | db0ae14 | 2016-03-13 00:33:41 -0600 | [diff] [blame] | 45 | AllowReauth bool `json:"-"` |
| jrperritt | 95b74c8 | 2015-07-28 20:39:27 -0600 | [diff] [blame] | 46 | |
| jrperritt | 1f218c8 | 2015-07-29 08:54:18 -0600 | [diff] [blame] | 47 | // TokenID allows users to authenticate (possibly as another user) with an |
| 48 | // authentication token ID. |
| 49 | TokenID string |
| Ash Wilson | 70dfe0c | 2014-08-28 13:57:09 -0400 | [diff] [blame] | 50 | } |
| jrperritt | 64d0ef0 | 2016-04-13 13:10:04 -0500 | [diff] [blame] | 51 | |
| 52 | // ToTokenV2CreateMap allows AuthOptions to satisfy the AuthOptionsBuilder |
| 53 | // interface in the v2 tokens package |
| 54 | func (opts AuthOptions) ToTokenV2CreateMap() (map[string]interface{}, error) { |
| 55 | // Populate the request map. |
| 56 | authMap := make(map[string]interface{}) |
| 57 | |
| 58 | if opts.Username != "" { |
| 59 | if opts.Password != "" { |
| 60 | authMap["passwordCredentials"] = map[string]interface{}{ |
| 61 | "username": opts.Username, |
| 62 | "password": opts.Password, |
| 63 | } |
| 64 | } else { |
| 65 | return nil, ErrMissingInput{Argument: "Password"} |
| 66 | } |
| 67 | } else if opts.TokenID != "" { |
| 68 | authMap["token"] = map[string]interface{}{ |
| 69 | "id": opts.TokenID, |
| 70 | } |
| 71 | } else { |
| 72 | return nil, ErrMissingInput{Argument: "Username"} |
| 73 | } |
| 74 | |
| 75 | if opts.TenantID != "" { |
| 76 | authMap["tenantId"] = opts.TenantID |
| 77 | } |
| 78 | if opts.TenantName != "" { |
| 79 | authMap["tenantName"] = opts.TenantName |
| 80 | } |
| 81 | |
| 82 | return map[string]interface{}{"auth": authMap}, nil |
| 83 | } |