- return auth_token
- except ClientException as e:
- self.logger.exception("Error during user authentication using keystone. Method: basic: {}".format(e))
- raise AuthException("Error during user authentication using Keystone: {}".format(e),
- http_code=HTTPStatus.UNAUTHORIZED)
-
- # def authenticate_with_token(self, token, project=None):
- # """
- # Authenticate a user using a token. Can be used to revalidate the token
- # or to get a scoped token.
- #
- # :param token: a valid token.
- # :param project: (optional) project for a scoped token.
- # :return: return a revalidated token, scoped if a project was passed or
- # the previous token was already scoped.
- # """
- # try:
- # token_info = self.keystone.tokens.validate(token=token)
- # projects = self.keystone.projects.list(user=token_info["user"]["id"])
- # project_names = [project.name for project in projects]
- #
- # new_token = self.keystone.get_raw_token_from_identity_service(
- # auth_url=self.auth_url,
- # token=token,
- # project_name=project,
- # project_id=None,
- # user_domain_name=self.user_domain_name,
- # project_domain_name=self.project_domain_name)
- #
- # return new_token["auth_token"], project_names
- # except ClientException as e:
- # self.logger.exception("Error during user authentication using keystone. Method: bearer: {}".format(e))
- # raise AuthException("Error during user authentication using Keystone: {}".format(e),
- # http_code=HTTPStatus.UNAUTHORIZED)
+ scoped_token = self.keystone.get_raw_token_from_identity_service(
+ auth_url=self.auth_url,
+ project_name=project_name,
+ project_id=project_id,
+ user_domain_name=user_domain_name,
+ project_domain_name=project_domain_name,
+ token=unscoped_token["auth_token"])
+
+ auth_token = {
+ "_id": scoped_token.auth_token,
+ "id": scoped_token.auth_token,
+ "user_id": scoped_token.user_id,
+ "username": scoped_token.username,
+ "project_id": scoped_token.project_id,
+ "project_name": scoped_token.project_name,
+ "project_domain_name": scoped_token.project_domain_name,
+ "user_domain_name": scoped_token.user_domain_name,
+ "expires": scoped_token.expires.timestamp(),
+ "issued_at": scoped_token.issued.timestamp()
+ }
+
+ return auth_token
+ except ClientException as e:
+ if index >= len(user_domain_name_list)-1 or index >= len(project_domain_name_list)-1:
+ # if last try, launch exception
+ # self.logger.exception("Error during user authentication using keystone: {}".format(e))
+ raise AuthException("Error during user authentication using Keystone: {}".format(e),
+ http_code=HTTPStatus.UNAUTHORIZED)