← Back to branch summary

~ubuntu-branches/ubuntu/quantal/keystone/quantal-security

« back to all changes in this revision

Viewing changes to keystone/middleware/auth_token.py

  • Committer: Package Import Robot
  • Author(s): Chuck Short
  • Date: 2012-06-22 12:27:50 UTC
  • mto: (35.1.1 quantal-proposed)
  • mto: This revision was merged to the branch mainline in revision 28.
  • Revision ID: package-import@ubuntu.com-20120622122750-4urdq17en1990apn
Tags: upstream-2012.2~f2~20120622.2353
ImportĀ upstreamĀ versionĀ 2012.2~f2~20120622.2353

Show diffs side-by-side

added added

removed removed

Lines of Context:
keystone/middleware/auth_token.py
76
76
HTTP_X_ROLES
77
77
    Comma delimited list of case-sensitive Roles
78
78
 
 
79
HTTP_X_SERVICE_CATALOG
 
80
    json encoded keystone service catalog (optional).
 
81
 
79
82
HTTP_X_TENANT
80
83
    *Deprecated* in favor of HTTP_X_TENANT_ID and HTTP_X_TENANT_NAME
81
84
    Keystone-assigned unique identifier, deprecated
161
164
                LOG.info('Using memcache for caching token')
162
165
                self._cache = memcache.Client(memcache_servers.split(','))
163
166
                self._iso8601 = iso8601
164
 
            except NameError as e:
 
167
            except ImportError as e:
165
168
                LOG.warn('disabled caching due to missing libraries %s', e)
166
169
 
167
170
    def __call__(self, env, start_response):
213
216
            'X-Role',
214
217
        )
215
218
        LOG.debug('Removing headers from request environment: %s' %
216
 
                     ','.join(auth_headers))
 
219
                  ','.join(auth_headers))
217
220
        self._remove_headers(env, auth_headers)
218
221
 
219
222
    def _get_user_token_from_header(self, env):
260
263
        if self.auth_protocol == 'http':
261
264
            return self.http_client_class(self.auth_host, self.auth_port)
262
265
        else:
263
 
            return self.http_client_class(self.auth_host, self.auth_port,
264
 
                self.key_file, self.cert_file)
 
266
            return self.http_client_class(self.auth_host,
 
267
                                          self.auth_port,
 
268
                                          self.key_file,
 
269
                                          self.cert_file)
265
270
 
266
271
    def _json_request(self, method, path, body=None, additional_headers=None):
267
272
        """HTTP request helper used to make json requests.
372
377
            self.admin_token = None
373
378
        else:
374
379
            LOG.error('Bad response code while validating token: %s' %
375
 
                         response.status)
 
380
                      response.status)
376
381
        if retry:
377
382
            LOG.info('Retrying validation')
378
383
            return self._validate_user_token(user_token, False)
392
397
         * X_USER_ID: id of user
393
398
         * X_USER_NAME: name of user
394
399
         * X_ROLES: list of roles
 
400
         * X_SERVICE_CATALOG: service catalog
395
401
 
396
402
        Additional (deprecated) headers include:
397
403
         * X_USER: name of user
433
439
        user_id = user['id']
434
440
        user_name = user['name']
435
441
 
436
 
        return {
 
442
        rval = {
437
443
            'X-Identity-Status': 'Confirmed',
438
444
            'X-Tenant-Id': tenant_id,
439
445
            'X-Tenant-Name': tenant_name,
446
452
            'X-Role': roles,
447
453
        }
448
454
 
 
455
        try:
 
456
            catalog = token_info['access']['serviceCatalog']
 
457
            rval['X-Service-Catalog'] = json.dumps(catalog)
 
458
        except KeyError:
 
459
            pass
 
460
 
 
461
        return rval
 
462
 
449
463
    def _header_to_env_var(self, key):
450
464
        """Convert header to wsgi env variable.
451
465