139
139
"""Returns True if this client provides a service catalog."""
140
140
return hasattr(self, 'service_catalog')
142
def authenticate(self, username=None, password=None, tenant_name=None,
143
tenant_id=None, auth_url=None, token=None):
142
def process_token(self):
143
""" Extract and process information from the new auth_ref.
145
And set the relevant authentication information.
147
# if we got a response without a service catalog, set the local
148
# list of tenants for introspection, and leave to client user
149
# to determine what to do. Otherwise, load up the service catalog
150
self.auth_token = self.auth_ref.auth_token
151
if self.auth_ref.scoped:
152
if self.management_url is None and self.auth_ref.management_url:
153
self.management_url = self.auth_ref.management_url[0]
154
self.tenant_name = self.auth_ref.tenant_name
155
self.tenant_id = self.auth_ref.tenant_id
156
self.user_id = self.auth_ref.user_id
157
self._extract_service_catalog(self.auth_url, self.auth_ref)
159
def get_raw_token_from_identity_service(self, auth_url, username=None,
160
password=None, tenant_name=None,
161
tenant_id=None, token=None):
144
162
""" Authenticate against the Keystone API.
146
Uses the data provided at instantiation to authenticate against
147
the Keystone server. This may use either a username and password
148
or token for authentication. If a tenant name or id was provided
149
then the resulting authenticated client will be scoped to that
150
tenant and contain a service catalog of available endpoints.
152
With the v2.0 API, if a tenant name or ID is not provided, the
153
authenication token returned will be 'unscoped' and limited in
154
capabilities until a fully-scoped token is acquired.
156
If successful, sets the self.auth_ref and self.auth_token with
157
the returned token. If not already set, will also set
158
self.management_url from the details provided in the token.
160
:returns: ``True`` if authentication was successful.
164
:returns: ``raw token`` if authentication was successful.
161
165
:raises: AuthorizationFailure if unable to authenticate or validate
162
166
the existing authorization token
163
167
:raises: ValueError if insufficient parameters are used.
165
auth_url = auth_url or self.auth_url
166
username = username or self.username
167
password = password or self.password
168
tenant_name = tenant_name or self.tenant_name
169
tenant_id = tenant_id or self.tenant_id
170
token = token or self.auth_token
173
raw_token = self._base_authN(auth_url,
176
tenant_name=tenant_name,
179
self.auth_ref = access.AccessInfo(**raw_token)
180
# if we got a response without a service catalog, set the local
181
# list of tenants for introspection, and leave to client user
182
# to determine what to do. Otherwise, load up the service catalog
183
self.auth_token = self.auth_ref.auth_token
184
if self.auth_ref.scoped:
185
if self.management_url is None:
186
self.management_url = self.auth_ref.management_url[0]
187
self.tenant_name = self.auth_ref.tenant_name
188
self.tenant_id = self.auth_ref.tenant_id
189
self.user_id = self.auth_ref.user_id
190
self._extract_service_catalog(self.auth_url, self.auth_ref)
171
return self._base_authN(auth_url,
174
tenant_name=tenant_name,
192
177
except (exceptions.AuthorizationFailure, exceptions.Unauthorized):
193
178
_logger.debug("Authorization Failed.")