Blame - tempest/common/cred_provider.py - packaging/sources/tempest

blob: 6be1b6b056c2ad5068bf81cb0a555e5f707644ae [file] [log] [blame]

Andrea Frittoli	8283b4e	2014-07-17 13:28:58 +0100	[diff] [blame]	1	# Copyright (c) 2014 Deutsche Telekom AG
				2	# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	3	# Licensed under the Apache License, Version 2.0 (the "License");
				4	# you may not use this file except in compliance with the License.
				5	# You may obtain a copy of the License at
				6	#
				7	# http://www.apache.org/licenses/LICENSE-2.0
				8	#
				9	# Unless required by applicable law or agreed to in writing, software
				10	# distributed under the License is distributed on an "AS IS" BASIS,
				11	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				12	# See the License for the specific language governing permissions and
				13	# limitations under the License.
				14
				15	import abc
Matthew Treinish	96e9e88	2014-06-09 18:37:19 -0400	[diff] [blame]	16
Doug Hellmann	583ce2c	2015-03-11 14:55:46 +0000	[diff] [blame]	17	from oslo_log import log as logging
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	18	import six
				19
Andrea Frittoli	9efbe95	2015-01-29 12:43:09 +0000	[diff] [blame]	20	from tempest import auth
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	21	from tempest import config
Andrea Frittoli	9efbe95	2015-01-29 12:43:09 +0000	[diff] [blame]	22	from tempest import exceptions
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	23
				24	CONF = config.CONF
				25	LOG = logging.getLogger(__name__)
				26
Andrea Frittoli	9efbe95	2015-01-29 12:43:09 +0000	[diff] [blame]	27	# Type of credentials available from configuration
				28	CREDENTIAL_TYPES = {
				29	'identity_admin': ('identity', 'admin'),
				30	'user': ('identity', None),
				31	'alt_user': ('identity', 'alt')
				32	}
				33
				34
				35	# Read credentials from configuration, builds a Credentials object
				36	# based on the specified or configured version
				37	def get_configured_credentials(credential_type, fill_in=True,
				38	identity_version=None):
				39	identity_version = identity_version or CONF.identity.auth_version
				40	if identity_version not in ('v2', 'v3'):
				41	raise exceptions.InvalidConfiguration(
				42	'Unsupported auth version: %s' % identity_version)
				43	if credential_type not in CREDENTIAL_TYPES:
				44	raise exceptions.InvalidCredentials()
				45	conf_attributes = ['username', 'password', 'tenant_name']
				46	if identity_version == 'v3':
				47	conf_attributes.append('domain_name')
				48	# Read the parts of credentials from config
				49	params = {}
				50	section, prefix = CREDENTIAL_TYPES[credential_type]
				51	for attr in conf_attributes:
				52	_section = getattr(CONF, section)
				53	if prefix is None:
				54	params[attr] = getattr(_section, attr)
				55	else:
				56	params[attr] = getattr(_section, prefix + "_" + attr)
				57	# Build and validate credentials. We are reading configured credentials,
				58	# so validate them even if fill_in is False
Andrea Frittoli	878d5ab	2015-01-30 13:22:50 +0000	[diff] [blame]	59	credentials = get_credentials(fill_in=fill_in, **params)
Andrea Frittoli	9efbe95	2015-01-29 12:43:09 +0000	[diff] [blame]	60	if not fill_in:
				61	if not credentials.is_valid():
				62	msg = ("The %s credentials are incorrectly set in the config file."
				63	" Double check that all required values are assigned" %
				64	credential_type)
				65	raise exceptions.InvalidConfiguration(msg)
				66	return credentials
				67
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	68
Andrea Frittoli	878d5ab	2015-01-30 13:22:50 +0000	[diff] [blame]	69	# Wrapper around auth.get_credentials to use the configured identity version
				70	# is none is specified
				71	def get_credentials(fill_in=True, identity_version=None, **kwargs):
				72	identity_version = identity_version or CONF.identity.auth_version
Andrea Frittoli	5c05d59	2015-01-30 13:42:32 +0000	[diff] [blame]	73	# In case of "v3" add the domain from config if not specified
				74	if identity_version == 'v3':
				75	domain_fields = set(x for x in auth.KeystoneV3Credentials.ATTRIBUTES
				76	if 'domain' in x)
				77	if not domain_fields.intersection(kwargs.keys()):
				78	kwargs['user_domain_name'] = CONF.identity.admin_domain_name
ghanshyam	5ff763f	2015-02-18 16:15:58 +0900	[diff] [blame]	79	auth_url = CONF.identity.uri_v3
				80	else:
				81	auth_url = CONF.identity.uri
				82	return auth.get_credentials(auth_url,
				83	fill_in=fill_in,
Andrea Frittoli	878d5ab	2015-01-30 13:22:50 +0000	[diff] [blame]	84	identity_version=identity_version,
				85	**kwargs)
				86
				87
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	88	@six.add_metaclass(abc.ABCMeta)
				89	class CredentialProvider(object):
Andrea Frittoli	c097835	2015-02-06 15:57:40 +0000	[diff] [blame]	90	def __init__(self, name, password='pass', network_resources=None):
Marc Koderer	d2690fe	2014-07-16 14:17:47 +0200	[diff] [blame]	91	self.name = name
				92
				93	@abc.abstractmethod
				94	def get_primary_creds(self):
				95	return
				96
				97	@abc.abstractmethod
				98	def get_admin_creds(self):
				99	return
				100
				101	@abc.abstractmethod
				102	def get_alt_creds(self):
				103	return
				104
				105	@abc.abstractmethod
				106	def clear_isolated_creds(self):
				107	return
Andrea Frittoli	8283b4e	2014-07-17 13:28:58 +0100	[diff] [blame]	108
				109	@abc.abstractmethod
				110	def is_multi_user(self):
				111	return
Yair Fried	76488d7	2014-10-21 10:13:19 +0300	[diff] [blame]	112
				113	@abc.abstractmethod
				114	def is_multi_tenant(self):
				115	return
Matthew Treinish	976e8df	2014-12-19 14:21:54 -0500	[diff] [blame]	116
				117	@abc.abstractmethod
				118	def get_creds_by_roles(self, roles, force_new=False):
				119	return
Matthew Treinish	4a59693	2015-03-06 20:37:01 -0500	[diff] [blame]	120
				121	@abc.abstractmethod
				122	def is_role_available(self, role):
				123	return