func authClient(ecfg *environConfig) (client.AuthenticatingClient, error) { identityClientVersion, err := identityClientVersion(ecfg.authURL()) if err != nil { return nil, errors.Annotate(err, "cannot create a client") } cred, authMode := newCredentials(ecfg) newClient := client.NewClient if ecfg.SSLHostnameVerification() == false { newClient = client.NewNonValidatingClient } client := newClient(&cred, authMode, nil) // before returning, lets make sure that we want to have AuthMode // AuthUserPass instead of its V3 counterpart. if authMode == identity.AuthUserPass && (identityClientVersion == -1 || identityClientVersion == 3) { options, err := client.IdentityAuthOptions() if err != nil { logger.Errorf("cannot determine available auth versions %v", err) } else { client = determineBestClient(options, client, cred, newClient) } } // By default, the client requires "compute" and // "object-store". Juju only requires "compute". client.SetRequiredServiceTypes([]string{"compute"}) return client, nil }
func authClient(ecfg *environConfig) client.AuthenticatingClient { cred := &identity.Credentials{ User: ecfg.username(), Secrets: ecfg.password(), Region: ecfg.region(), TenantName: ecfg.tenantName(), URL: ecfg.authURL(), } // authModeCfg has already been validated so we know it's one of the values below. var authMode identity.AuthMode switch AuthMode(ecfg.authMode()) { case AuthLegacy: authMode = identity.AuthLegacy case AuthUserPass: authMode = identity.AuthUserPass case AuthKeyPair: authMode = identity.AuthKeyPair cred.User = ecfg.accessKey() cred.Secrets = ecfg.secretKey() } newClient := client.NewClient if !ecfg.SSLHostnameVerification() { newClient = client.NewNonValidatingClient } client := newClient(cred, authMode, nil) // By default, the client requires "compute" and // "object-store". Juju only requires "compute". client.SetRequiredServiceTypes([]string{"compute"}) return client }