Gitiles
Code Review Sign In
spfactory.storpool.com / tempest / 9a6e697619925dd666342db1d0ce7619a946ba28 / . / tempest / services / identity / v3 / json / identity_client.py
blob: 4b530f16123f2e62eaa025bed2746b0d9a6f81a7 [file] [log] [blame]
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]1# Copyright 2013 OpenStack Foundation
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
16import json
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]17
Haiwei Xuaad85db2014-03-05 05:17:39 +0900[diff] [blame]18from tempest.common import rest_client
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]19from tempest import config
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]20from tempest import exceptions
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]21
22CONF = config.CONF
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]23
24
Haiwei Xuaad85db2014-03-05 05:17:39 +0900[diff] [blame]25class IdentityV3ClientJSON(rest_client.RestClient):
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]26
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]27 def __init__(self, auth_provider):
28 super(IdentityV3ClientJSON, self).__init__(auth_provider)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]29 self.service = CONF.identity.catalog_type
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]30 self.endpoint_url = 'adminURL'
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]31 self.api_version = "v3"
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]32
33 def create_user(self, user_name, **kwargs):
34 """Creates a user."""
35 password = kwargs.get('password', None)
36 email = kwargs.get('email', None)
37 en = kwargs.get('enabled', True)
38 project_id = kwargs.get('project_id', None)
39 description = kwargs.get('description', None)
40 domain_id = kwargs.get('domain_id', 'default')
41 post_body = {
42 'project_id': project_id,
43 'description': description,
44 'domain_id': domain_id,
45 'email': email,
46 'enabled': en,
47 'name': user_name,
48 'password': password
49 }
50 post_body = json.dumps({'user': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]51 resp, body = self.post('users', post_body)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]52 body = json.loads(body)
53 return resp, body['user']
54
55 def update_user(self, user_id, name, **kwargs):
56 """Updates a user."""
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]57 resp, body = self.get_user(user_id)
58 email = kwargs.get('email', body['email'])
59 en = kwargs.get('enabled', body['enabled'])
60 project_id = kwargs.get('project_id', body['project_id'])
61 description = kwargs.get('description', body['description'])
62 domain_id = kwargs.get('domain_id', body['domain_id'])
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]63 post_body = {
64 'name': name,
65 'email': email,
66 'enabled': en,
67 'project_id': project_id,
68 'id': user_id,
69 'domain_id': domain_id,
70 'description': description
71 }
72 post_body = json.dumps({'user': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]73 resp, body = self.patch('users/%s' % user_id, post_body)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]74 body = json.loads(body)
75 return resp, body['user']
76
77 def list_user_projects(self, user_id):
78 """Lists the projects on which a user has roles assigned."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]79 resp, body = self.get('users/%s/projects' % user_id)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]80 body = json.loads(body)
81 return resp, body['projects']
82
83 def get_users(self):
84 """Get the list of users."""
85 resp, body = self.get("users")
86 body = json.loads(body)
87 return resp, body['users']
88
89 def get_user(self, user_id):
90 """GET a user."""
91 resp, body = self.get("users/%s" % user_id)
92 body = json.loads(body)
93 return resp, body['user']
94
95 def delete_user(self, user_id):
96 """Deletes a User."""
97 resp, body = self.delete("users/%s" % user_id)
98 return resp, body
99
100 def create_project(self, name, **kwargs):
101 """Creates a project."""
102 description = kwargs.get('description', None)
103 en = kwargs.get('enabled', True)
104 domain_id = kwargs.get('domain_id', 'default')
105 post_body = {
106 'description': description,
107 'domain_id': domain_id,
108 'enabled': en,
109 'name': name
110 }
111 post_body = json.dumps({'project': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]112 resp, body = self.post('projects', post_body)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]113 body = json.loads(body)
114 return resp, body['project']
115
Nayna Patele6331362013-08-12 06:59:48 +0000[diff] [blame]116 def list_projects(self):
117 resp, body = self.get("projects")
118 body = json.loads(body)
119 return resp, body['projects']
120
121 def update_project(self, project_id, **kwargs):
122 resp, body = self.get_project(project_id)
123 name = kwargs.get('name', body['name'])
124 desc = kwargs.get('description', body['description'])
125 en = kwargs.get('enabled', body['enabled'])
126 domain_id = kwargs.get('domain_id', body['domain_id'])
127 post_body = {
128 'id': project_id,
129 'name': name,
130 'description': desc,
131 'enabled': en,
132 'domain_id': domain_id,
133 }
134 post_body = json.dumps({'project': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]135 resp, body = self.patch('projects/%s' % project_id, post_body)
Nayna Patele6331362013-08-12 06:59:48 +0000[diff] [blame]136 body = json.loads(body)
137 return resp, body['project']
138
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]139 def get_project(self, project_id):
140 """GET a Project."""
141 resp, body = self.get("projects/%s" % project_id)
142 body = json.loads(body)
143 return resp, body['project']
144
145 def delete_project(self, project_id):
146 """Delete a project."""
147 resp, body = self.delete('projects/%s' % str(project_id))
148 return resp, body
149
150 def create_role(self, name):
151 """Create a Role."""
152 post_body = {
153 'name': name
154 }
155 post_body = json.dumps({'role': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]156 resp, body = self.post('roles', post_body)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]157 body = json.loads(body)
158 return resp, body['role']
159
160 def get_role(self, role_id):
161 """GET a Role."""
162 resp, body = self.get('roles/%s' % str(role_id))
163 body = json.loads(body)
164 return resp, body['role']
165
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]166 def update_role(self, name, role_id):
167 """Create a Role."""
168 post_body = {
169 'name': name
170 }
171 post_body = json.dumps({'role': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]172 resp, body = self.patch('roles/%s' % str(role_id), post_body)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]173 body = json.loads(body)
174 return resp, body['role']
175
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]176 def delete_role(self, role_id):
177 """Delete a role."""
178 resp, body = self.delete('roles/%s' % str(role_id))
179 return resp, body
180
181 def assign_user_role(self, project_id, user_id, role_id):
182 """Add roles to a user on a project."""
183 resp, body = self.put('projects/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]184 (project_id, user_id, role_id), None)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]185 return resp, body
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]186
187 def create_domain(self, name, **kwargs):
188 """Creates a domain."""
189 description = kwargs.get('description', None)
190 en = kwargs.get('enabled', True)
191 post_body = {
192 'description': description,
193 'enabled': en,
194 'name': name
195 }
196 post_body = json.dumps({'domain': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]197 resp, body = self.post('domains', post_body)
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]198 body = json.loads(body)
199 return resp, body['domain']
200
201 def delete_domain(self, domain_id):
202 """Delete a domain."""
203 resp, body = self.delete('domains/%s' % str(domain_id))
204 return resp, body
205
206 def list_domains(self):
207 """List Domains."""
208 resp, body = self.get('domains')
209 body = json.loads(body)
210 return resp, body['domains']
211
212 def update_domain(self, domain_id, **kwargs):
213 """Updates a domain."""
214 resp, body = self.get_domain(domain_id)
215 description = kwargs.get('description', body['description'])
216 en = kwargs.get('enabled', body['enabled'])
217 name = kwargs.get('name', body['name'])
218 post_body = {
219 'description': description,
220 'enabled': en,
221 'name': name
222 }
223 post_body = json.dumps({'domain': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]224 resp, body = self.patch('domains/%s' % domain_id, post_body)
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]225 body = json.loads(body)
226 return resp, body['domain']
227
228 def get_domain(self, domain_id):
229 """Get Domain details."""
230 resp, body = self.get('domains/%s' % domain_id)
231 body = json.loads(body)
232 return resp, body['domain']
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]233
234 def get_token(self, resp_token):
235 """Get token details."""
236 headers = {'X-Subject-Token': resp_token}
237 resp, body = self.get("auth/tokens", headers=headers)
238 body = json.loads(body)
239 return resp, body['token']
240
241 def delete_token(self, resp_token):
242 """Deletes token."""
243 headers = {'X-Subject-Token': resp_token}
244 resp, body = self.delete("auth/tokens", headers=headers)
245 return resp, body
246
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]247 def create_group(self, name, **kwargs):
248 """Creates a group."""
249 description = kwargs.get('description', None)
250 domain_id = kwargs.get('domain_id', 'default')
251 project_id = kwargs.get('project_id', None)
252 post_body = {
253 'description': description,
254 'domain_id': domain_id,
255 'project_id': project_id,
256 'name': name
257 }
258 post_body = json.dumps({'group': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]259 resp, body = self.post('groups', post_body)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]260 body = json.loads(body)
261 return resp, body['group']
262
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]263 def get_group(self, group_id):
264 """Get group details."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]265 resp, body = self.get('groups/%s' % group_id)
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]266 body = json.loads(body)
267 return resp, body['group']
268
269 def update_group(self, group_id, **kwargs):
270 """Updates a group."""
271 resp, body = self.get_group(group_id)
272 name = kwargs.get('name', body['name'])
273 description = kwargs.get('description', body['description'])
274 post_body = {
275 'name': name,
276 'description': description
277 }
278 post_body = json.dumps({'group': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]279 resp, body = self.patch('groups/%s' % group_id, post_body)
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]280 body = json.loads(body)
281 return resp, body['group']
282
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]283 def delete_group(self, group_id):
284 """Delete a group."""
285 resp, body = self.delete('groups/%s' % str(group_id))
286 return resp, body
287
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]288 def add_group_user(self, group_id, user_id):
289 """Add user into group."""
290 resp, body = self.put('groups/%s/users/%s' % (group_id, user_id),
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]291 None)
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]292 return resp, body
293
294 def list_group_users(self, group_id):
295 """List users in group."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]296 resp, body = self.get('groups/%s/users' % group_id)
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]297 body = json.loads(body)
298 return resp, body['users']
299
wanglianmin29b0f4c2014-03-06 19:09:16 +0800[diff] [blame]300 def list_user_groups(self, user_id):
301 """Lists groups which a user belongs to."""
302 resp, body = self.get('users/%s/groups' % user_id)
303 body = json.loads(body)
304 return resp, body['groups']
305
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]306 def delete_group_user(self, group_id, user_id):
307 """Delete user in group."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]308 resp, body = self.delete('groups/%s/users/%s' % (group_id, user_id))
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]309 return resp, body
310
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]311 def assign_user_role_on_project(self, project_id, user_id, role_id):
312 """Add roles to a user on a project."""
313 resp, body = self.put('projects/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]314 (project_id, user_id, role_id), None)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]315 return resp, body
316
317 def assign_user_role_on_domain(self, domain_id, user_id, role_id):
318 """Add roles to a user on a domain."""
319 resp, body = self.put('domains/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]320 (domain_id, user_id, role_id), None)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]321 return resp, body
322
323 def list_user_roles_on_project(self, project_id, user_id):
324 """list roles of a user on a project."""
325 resp, body = self.get('projects/%s/users/%s/roles' %
326 (project_id, user_id))
327 body = json.loads(body)
328 return resp, body['roles']
329
330 def list_user_roles_on_domain(self, domain_id, user_id):
331 """list roles of a user on a domain."""
332 resp, body = self.get('domains/%s/users/%s/roles' %
333 (domain_id, user_id))
334 body = json.loads(body)
335 return resp, body['roles']
336
337 def revoke_role_from_user_on_project(self, project_id, user_id, role_id):
338 """Delete role of a user on a project."""
339 resp, body = self.delete('projects/%s/users/%s/roles/%s' %
340 (project_id, user_id, role_id))
341 return resp, body
342
343 def revoke_role_from_user_on_domain(self, domain_id, user_id, role_id):
344 """Delete role of a user on a domain."""
345 resp, body = self.delete('domains/%s/users/%s/roles/%s' %
346 (domain_id, user_id, role_id))
347 return resp, body
348
349 def assign_group_role_on_project(self, project_id, group_id, role_id):
350 """Add roles to a user on a project."""
351 resp, body = self.put('projects/%s/groups/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]352 (project_id, group_id, role_id), None)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]353 return resp, body
354
355 def assign_group_role_on_domain(self, domain_id, group_id, role_id):
356 """Add roles to a user on a domain."""
357 resp, body = self.put('domains/%s/groups/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]358 (domain_id, group_id, role_id), None)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]359 return resp, body
360
361 def list_group_roles_on_project(self, project_id, group_id):
362 """list roles of a user on a project."""
363 resp, body = self.get('projects/%s/groups/%s/roles' %
364 (project_id, group_id))
365 body = json.loads(body)
366 return resp, body['roles']
367
368 def list_group_roles_on_domain(self, domain_id, group_id):
369 """list roles of a user on a domain."""
370 resp, body = self.get('domains/%s/groups/%s/roles' %
371 (domain_id, group_id))
372 body = json.loads(body)
373 return resp, body['roles']
374
375 def revoke_role_from_group_on_project(self, project_id, group_id, role_id):
376 """Delete role of a user on a project."""
377 resp, body = self.delete('projects/%s/groups/%s/roles/%s' %
378 (project_id, group_id, role_id))
379 return resp, body
380
381 def revoke_role_from_group_on_domain(self, domain_id, group_id, role_id):
382 """Delete role of a user on a domain."""
383 resp, body = self.delete('domains/%s/groups/%s/roles/%s' %
384 (domain_id, group_id, role_id))
385 return resp, body
386
Steven Hardybf70c5c2013-10-30 21:55:16 +0000[diff] [blame]387 def create_trust(self, trustor_user_id, trustee_user_id, project_id,
388 role_names, impersonation, expires_at):
389 """Creates a trust."""
390 roles = [{'name': n} for n in role_names]
391 post_body = {
392 'trustor_user_id': trustor_user_id,
393 'trustee_user_id': trustee_user_id,
394 'project_id': project_id,
395 'impersonation': impersonation,
396 'roles': roles,
397 'expires_at': expires_at
398 }
399 post_body = json.dumps({'trust': post_body})
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]400 resp, body = self.post('OS-TRUST/trusts', post_body)
Steven Hardybf70c5c2013-10-30 21:55:16 +0000[diff] [blame]401 body = json.loads(body)
402 return resp, body['trust']
403
404 def delete_trust(self, trust_id):
405 """Deletes a trust."""
406 resp, body = self.delete("OS-TRUST/trusts/%s" % trust_id)
407 return resp, body
408
409 def get_trusts(self, trustor_user_id=None, trustee_user_id=None):
410 """GET trusts."""
411 if trustor_user_id:
412 resp, body = self.get("OS-TRUST/trusts?trustor_user_id=%s"
413 % trustor_user_id)
414 elif trustee_user_id:
415 resp, body = self.get("OS-TRUST/trusts?trustee_user_id=%s"
416 % trustee_user_id)
417 else:
418 resp, body = self.get("OS-TRUST/trusts")
419 body = json.loads(body)
420 return resp, body['trusts']
421
422 def get_trust(self, trust_id):
423 """GET trust."""
424 resp, body = self.get("OS-TRUST/trusts/%s" % trust_id)
425 body = json.loads(body)
426 return resp, body['trust']
427
428 def get_trust_roles(self, trust_id):
429 """GET roles delegated by a trust."""
430 resp, body = self.get("OS-TRUST/trusts/%s/roles" % trust_id)
431 body = json.loads(body)
432 return resp, body['roles']
433
434 def get_trust_role(self, trust_id, role_id):
435 """GET role delegated by a trust."""
436 resp, body = self.get("OS-TRUST/trusts/%s/roles/%s"
437 % (trust_id, role_id))
438 body = json.loads(body)
439 return resp, body['role']
440
441 def check_trust_role(self, trust_id, role_id):
442 """HEAD Check if role is delegated by a trust."""
443 resp, body = self.head("OS-TRUST/trusts/%s/roles/%s"
444 % (trust_id, role_id))
445 return resp, body
446
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]447
Haiwei Xuaad85db2014-03-05 05:17:39 +0900[diff] [blame]448class V3TokenClientJSON(rest_client.RestClient):
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]449
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]450 def __init__(self):
451 super(V3TokenClientJSON, self).__init__(None)
452 auth_url = CONF.identity.uri_v3
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]453 if not auth_url and CONF.identity_feature_enabled.api_v3:
454 raise exceptions.InvalidConfiguration('you must specify a v3 uri '
455 'if using the v3 identity '
456 'api')
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]457 if 'auth/tokens' not in auth_url:
458 auth_url = auth_url.rstrip('/') + '/auth/tokens'
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]459
460 self.auth_url = auth_url
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]461
Brant Knudsonc5553292014-03-15 11:06:05 -0500[diff] [blame]462 def auth(self, user=None, password=None, tenant=None, user_type='id',
463 domain=None, token=None):
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]464 """
465 :param user: user id or name, as specified in user_type
466 :param domain: the user and tenant domain
Brant Knudsonc5553292014-03-15 11:06:05 -0500[diff] [blame]467 :param token: a token to re-scope.
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]468
469 Accepts different combinations of credentials. Restrictions:
470 - tenant and domain are only name (no id)
471 - user domain and tenant domain are assumed identical
472 - domain scope is not supported here
473 Sample sample valid combinations:
Brant Knudsonc5553292014-03-15 11:06:05 -0500[diff] [blame]474 - token
475 - token, tenant, domain
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]476 - user_id, password
477 - username, password, domain
478 - username, password, tenant, domain
479 Validation is left to the server side.
480 """
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]481 creds = {
482 'auth': {
483 'identity': {
Brant Knudsonc5553292014-03-15 11:06:05 -0500[diff] [blame]484 'methods': [],
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]485 }
486 }
487 }
Brant Knudsonc5553292014-03-15 11:06:05 -0500[diff] [blame]488 id_obj = creds['auth']['identity']
489 if token:
490 id_obj['methods'].append('token')
491 id_obj['token'] = {
492 'id': token
493 }
494 if user and password:
495 id_obj['methods'].append('password')
496 id_obj['password'] = {
497 'user': {
498 'password': password,
499 }
500 }
501 if user_type == 'id':
502 id_obj['password']['user']['id'] = user
503 else:
504 id_obj['password']['user']['name'] = user
505 if domain is not None:
506 _domain = dict(name=domain)
507 id_obj['password']['user']['domain'] = _domain
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]508 if tenant is not None:
Brant Knudsonc5553292014-03-15 11:06:05 -0500[diff] [blame]509 _domain = dict(name=domain)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]510 project = dict(name=tenant, domain=_domain)
511 scope = dict(project=project)
512 creds['auth']['scope'] = scope
513
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]514 body = json.dumps(creds)
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]515 resp, body = self.post(self.auth_url, body=body)
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]516 return resp, body
517
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]518 def request(self, method, url, headers=None, body=None):
519 """A simple HTTP request interface."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]520 if headers is None:
521 # Always accept 'json', for xml token client too.
522 # Because XML response is not easily
523 # converted to the corresponding JSON one
524 headers = self.get_headers(accept_type="json")
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]525 resp, resp_body = self.http_obj.request(url, method,
526 headers=headers, body=body)
Sean Dague89a85912014-03-19 16:37:29 -0400[diff] [blame]527 self._log_request(method, url, resp)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]528
529 if resp.status in [401, 403]:
530 resp_body = json.loads(resp_body)
531 raise exceptions.Unauthorized(resp_body['error']['message'])
532 elif resp.status not in [200, 201, 204]:
533 raise exceptions.IdentityError(
534 'Unexpected status code {0}'.format(resp.status))
535
536 return resp, json.loads(resp_body)
537
538 def get_token(self, user, password, tenant, domain='Default',
539 auth_data=False):
540 """
541 :param user: username
542 Returns (token id, token data) for supplied credentials
543 """
544 resp, body = self.auth(user, password, tenant, user_type='name',
545 domain=domain)
546
547 token = resp.get('x-subject-token')
548 if auth_data:
549 return token, body['token']
550 else:
551 return token