neutron

Merge lp:~salvatore-orlando/neutron/bug838006 into lp:neutron/diablo

  1. bug838006
  2. Merge into diablo
Proposed by Salvatore Orlando
Status: Merged
Merged at revision: 68
Proposed branch: lp:~salvatore-orlando/neutron/bug838006
Merge into: lp:neutron/diablo
Prerequisite: lp:~salvatore-orlando/neutron/quantum-api-auth
Diff against target: 126 lines (+63/-2)
3 files modified
bin/cli (+4/-1)
etc/quantum.conf (+49/-0)
quantum/client.py (+10/-1)
To merge this branch: bzr merge lp:~salvatore-orlando/neutron/bug838006
Reviewer Review Type Date Requested Status
dan wendlandt Approve
Brad Hall (community) Approve
Review via email: mp+73696@code.launchpad.net

Description of the change

************************************************************
NOTE: There merge proposal has a prerequisite branch:
~salvatore-orlando/quantum/quantum-api-auth
Please review it after the above branch has been merged
************************************************************

This branch simply allows the client library to add the Auth token for keystone in the request. The auth token is specified in the constructor, and it is optional.

The cli has also been update. The auth token can be specified as a command line parameter (-t or --token)

To post a comment you must log in.
Revision history for this message
Somik Behera (somikbehera) wrote :

quantum.conf :

- We disable keystone integration by default, I think you missed this by mistake.

Otherwise, this change looks simple enough and adds optional auth component support to our client infrastructure.

I'll do another review and approve the merge-prop once we have merged the keystone integration branch.

Revision history for this message
Brad Hall (bgh) wrote :

Looks good to me

review: Approve
Revision history for this message
Salvatore Orlando (salvatore-orlando) wrote :

>
> quantum.conf :
>
> - We disable keystone integration by default, I think you missed this by
> mistake.
>
> Otherwise, this change looks simple enough and adds optional auth component
> support to our client infrastructure.
>
> I'll do another review and approve the merge-prop once we have merged the
> keystone integration branch.

Yeah, I forgot to revert it after testing. Will update soon.
Reverting to WIP for now.

Revision history for this message
Salvatore Orlando (salvatore-orlando) wrote :

The default pipeline in etc/quantum.conf has been restored

Revision history for this message
dan wendlandt (danwent) wrote :

This looks good, but to avoid confusion, I will wait to approve until the main keystone branch is merged.

Revision history for this message
Salvatore Orlando (salvatore-orlando) wrote :

> This looks good, but to avoid confusion, I will wait to approve until the main
> keystone branch is merged.

Definitely (the keystone branch is marked as prerequisite).
I've waited till now to merge the Keystone branch as I wasn't sure if you guys had more feedback. As your approvals are there anyway, I think it is now safe to merge.

Revision history for this message
dan wendlandt (danwent) wrote :

I'm curious why the diff shows etc/quantum.conf being added, but when I merge into trunk it does not. Merged branch looks simple enough and makes sense.

Basic testing to make sure cli file correctly parses and loads.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'bin/cli'
2--- bin/cli 2011-08-26 08:41:19 +0000
3+++ bin/cli 2011-09-02 07:12:21 +0000
4@@ -126,6 +126,8 @@
5 action="store_true", default=False, help="turn on verbose logging")
6 parser.add_option("-f", "--logfile", dest="logfile",
7 type="string", default="syslog", help="log file path")
8+ parser.add_option("-t", "--token", dest="token",
9+ type="string", default=None, help="authentication token")
10 options, args = parser.parse_args()
11
12 if options.verbose:
13@@ -158,7 +160,8 @@
14 LOG.info("Executing command \"%s\" with args: %s" % (cmd, args))
15
16 client = Client(options.host, options.port, options.ssl,
17- args[0], FORMAT)
18+ args[0], FORMAT,
19+ auth_token=options.token)
20 commands[cmd]["func"](client, *args)
21
22 LOG.info("Command execution completed")
23
24=== added file 'etc/quantum.conf'
25--- etc/quantum.conf 1970-01-01 00:00:00 +0000
26+++ etc/quantum.conf 2011-09-02 07:12:21 +0000
27@@ -0,0 +1,49 @@
28+[DEFAULT]
29+# Show more verbose log output (sets INFO log level output)
30+verbose = True
31+
32+# Show debugging output in logs (sets DEBUG log level output)
33+debug = True
34+
35+# Address to bind the API server
36+bind_host = 0.0.0.0
37+
38+# Port the bind the API server to
39+bind_port = 9696
40+
41+# Path to the extensions
42+api_extensions_path = extensions
43+
44+[composite:quantum]
45+use = egg:Paste#urlmap
46+/: quantumversions
47+/v1.0: quantumapi
48+
49+[pipeline:quantumapi]
50+# To enable keystone integration uncomment the following line and
51+# comment the next one
52+#pipeline = authN authZ extensions quantumapiapp
53+pipeline = extensions quantumapiapp
54+
55+
56+[filter:authN]
57+paste.filter_factory = quantum.common.authentication:filter_factory
58+auth_host = 127.0.0.1
59+auth_port = 5001
60+auth_protocol = http
61+auth_version = 2.0
62+#auth_admin_token = 9a82c95a-99e9-4c3a-b5ee-199f6ba7ff04
63+auth_admin_user = admin
64+auth_admin_password = secrete
65+
66+[filter:authZ]
67+paste.filter_factory = quantum.common.authorization:filter_factory
68+
69+[filter:extensions]
70+paste.filter_factory = quantum.common.extensions:plugin_aware_extension_middleware_factory
71+
72+[app:quantumversions]
73+paste.app_factory = quantum.api.versions:Versions.factory
74+
75+[app:quantumapiapp]
76+paste.app_factory = quantum.api:APIRouterV1.factory
77
78=== modified file 'quantum/client.py'
79--- quantum/client.py 2011-08-30 01:59:14 +0000
80+++ quantum/client.py 2011-09-02 07:12:21 +0000
81@@ -34,6 +34,7 @@
82 431: exceptions.StateInvalid,
83 432: exceptions.PortInUseClient,
84 440: exceptions.AlreadyAttachedClient}
85+AUTH_TOKEN_HEADER = "X-Auth-Token"
86
87
88 class ApiCall(object):
89@@ -83,7 +84,8 @@
90
91 def __init__(self, host="127.0.0.1", port=9696, use_ssl=False, tenant=None,
92 format="xml", testingStub=None, key_file=None, cert_file=None,
93- logger=None, action_prefix="/v1.0/tenants/{tenant_id}"):
94+ auth_token=None, logger=None,
95+ action_prefix="/v1.0/tenants/{tenant_id}"):
96 """
97 Creates a new client to some service.
98
99@@ -95,6 +97,9 @@
100 :param testingStub: A class that stubs basic server methods for tests
101 :param key_file: The SSL key file to use if use_ssl is true
102 :param cert_file: The SSL cert file to use if use_ssl is true
103+ :param auth_token: authentication token to be passed to server
104+ :param logger: Logger object for the client library
105+ :param action_prefix: prefix for request URIs
106 """
107 self.host = host
108 self.port = port
109@@ -106,6 +111,7 @@
110 self.key_file = key_file
111 self.cert_file = cert_file
112 self.logger = logger
113+ self.auth_token = auth_token
114 self.action_prefix = action_prefix
115
116 def get_connection_type(self):
117@@ -163,6 +169,9 @@
118 connection_type = self.get_connection_type()
119 headers = headers or {"Content-Type":
120 "application/%s" % self.format}
121+ # if available, add authentication token
122+ if self.auth_token:
123+ headers[AUTH_TOKEN_HEADER] = self.auth_token
124 # Open connection and send request, handling SSL certs
125 certs = {'key_file': self.key_file, 'cert_file': self.cert_file}
126 certs = dict((x, certs[x]) for x in certs if certs[x] != None)

Subscribers

People subscribed via source and target branches