Beispiel #1
0
func createAuthenticatedClient(t *testing.T) *gophercloud.ServiceClient {
	// Obtain credentials from the environment.
	ao, err := openstack.AuthOptionsFromEnv()
	th.AssertNoErr(t, err)

	// Trim out unused fields.
	ao.Username, ao.TenantID, ao.TenantName = "", "", ""

	if ao.UserID == "" {
		t.Logf("Skipping identity v3 tests because no OS_USERID is present.")
		return nil
	}

	// Create a client and manually authenticate against v3.
	providerClient, err := openstack.NewClient(ao.IdentityEndpoint)
	if err != nil {
		t.Fatalf("Unable to instantiate client: %v", err)
	}

	err = openstack.AuthenticateV3(providerClient, ao)
	if err != nil {
		t.Fatalf("Unable to authenticate against identity v3: %v", err)
	}

	// Create a service client.
	return openstack.NewIdentityV3(providerClient)
}
Beispiel #2
0
func newClient(t *testing.T) *gophercloud.ServiceClient {

	authURL := os.Getenv("OS_AUTH_URL")
	username := os.Getenv("OS_USERNAME")
	password := os.Getenv("OS_PASSWORD")
	tenantName := os.Getenv("OS_TENANT_NAME")
	tenantID := os.Getenv("OS_TENANT_ID")
	domainName := os.Getenv("OS_DOMAIN_NAME")
	regionName := os.Getenv("OS_REGION_NAME")

	t.Logf("Credentials used: OS_AUTH_URL='%s' OS_USERNAME='******' OS_PASSWORD='******' OS_TENANT_NAME='%s' OS_TENANT_NAME='%s' OS_REGION_NAME='%s' OS_TENANT_ID='%s' \n",
		authURL, username, tenantName, domainName, regionName, tenantID)

	client, err := openstack.NewClient(authURL)
	th.AssertNoErr(t, err)

	ao := gophercloud.AuthOptions{
		Username:   username,
		Password:   password,
		TenantName: tenantName,
		TenantID:   tenantID,
		DomainName: domainName,
	}

	err = openstack.AuthenticateV3(client, ao)
	th.AssertNoErr(t, err)
	t.Logf("Token is %v", client.TokenID)

	c, err := openstack.NewImageServiceV2(client, gophercloud.EndpointOpts{
		Region: regionName,
	})
	th.AssertNoErr(t, err)
	return c
}
// NewKeystoneClient initilizes a keystone client with the provided configuration.
func NewKeystoneClient(config Config) (KeystoneClient, error) {
	opts := config.AuthOptions
	provider, err := openstack.AuthenticatedClient(opts)
	if err != nil {
		return nil, err
	}
	client := openstack.NewIdentityV3(provider)
	// build a closure for ksClient reauthentication
	client.ReauthFunc = func() error {
		return openstack.AuthenticateV3(client.ProviderClient, opts)
	}
	return &KeystoneClientImpl{client: client, opts: opts, token: nil, monascaURL: nil}, nil
}
Beispiel #4
0
// AuthenticatePassword approves any login attempt which is successfully validated with Keystone
func (a keystonePasswordAuthenticator) AuthenticatePassword(username, password string) (user.Info, bool, error) {
	defer func() {
		if e := recover(); e != nil {
			utilruntime.HandleError(fmt.Errorf("Recovered panic: %v, %s", e, debug.Stack()))
		}
	}()

	// if password is missing, fail authentication immediately
	if len(password) == 0 {
		return nil, false, nil
	}

	opts := gophercloud.AuthOptions{
		IdentityEndpoint: a.url,
		Username:         username,
		Password:         password,
		DomainName:       a.domainName,
	}

	// Calling NewClient/Authenticate manually rather than simply calling AuthenticatedClient
	// in order to pass in a transport object that supports SSL
	client, err := openstack.NewClient(opts.IdentityEndpoint)
	if err != nil {
		glog.Warningf("Failed: Initializing openstack authentication client: %v", err)
		return nil, false, err
	}

	client.HTTPClient = *a.client
	err = openstack.AuthenticateV3(client, opts)
	if err != nil {
		if responseErr, ok := err.(*gophercloud.UnexpectedResponseCodeError); ok {
			if responseErr.Actual == 401 {
				return nil, false, nil
			}
		}
		glog.Warningf("Failed: Calling openstack AuthenticateV3: %v", err)
		return nil, false, err
	}

	identity := authapi.NewDefaultUserIdentityInfo(a.providerName, username)
	user, err := a.identityMapper.UserFor(identity)
	if err != nil {
		glog.V(4).Infof("Error creating or updating mapping for: %#v due to %v", identity, err)
		return nil, false, err
	}
	glog.V(4).Infof("Got userIdentityMapping: %#v", user)

	return user, true, nil
}
func TestKeystoneClientReauthenticate(t *testing.T) {
	// setup
	opts := testConfig.AuthOptions
	provider, err := openstack.AuthenticatedClient(opts)
	assert.NoError(t, err)
	client := openstack.NewIdentityV3(provider)
	client.TokenID = "someinvalidtoken"
	client.ReauthFunc = func() error { return openstack.AuthenticateV3(client.ProviderClient, opts) }
	ksClient := &KeystoneClientImpl{client: client, opts: opts, token: validToken, monascaURL: nil}

	// do
	token, err := ksClient.GetToken()

	// assert
	assert.NoError(t, err)
	assert.Equal(t, token, testToken)
}