From: tierno Date: Thu, 13 Feb 2020 17:30:28 +0000 (+0000) Subject: allow extra domain input for token authentication X-Git-Tag: v7.1.0rc1^2~21 X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=c7393b88143880b33e7a46916159ed49049b58a2;p=osm%2Fosmclient.git allow extra domain input for token authentication Change-Id: I8ae7a930c19349d46a45800bd1d827939b29eff9 Signed-off-by: tierno --- diff --git a/osmclient/scripts/osm.py b/osmclient/scripts/osm.py index b2caff0..2e36e4b 100755 --- a/osmclient/scripts/osm.py +++ b/osmclient/scripts/osm.py @@ -98,11 +98,21 @@ def check_client_version(obj, what, version='sol005'): @click.option('-v', '--verbose', count=True, help='increase verbosity (-v INFO, -vv VERBOSE, -vvv DEBUG)') @click.option('--all-projects', - default=False, + default=None, is_flag=True, help='include all projects') @click.option('--public/--no-public', default=None, help='flag for public items (packages, instances, VIM accounts, etc.)') +@click.option('--project-domain-name', 'project_domain_name', + default=None, + envvar='OSM_PROJECT_DOMAIN_NAME', + help='project domain name for keystone authentication (default to None). ' + + 'Also can set OSM_PROJECT_DOMAIN_NAME in environment') +@click.option('--user-domain-name', 'user_domain_name', + default=None, + envvar='OSM_USER_DOMAIN_NAME', + help='user domain name for keystone authentication (default to None). ' + + 'Also can set OSM_USER_DOMAIN_NAME in environment') #@click.option('--so-port', # default=None, # envvar='OSM_SO_PORT', @@ -124,14 +134,16 @@ def check_client_version(obj, what, version='sol005'): # help='hostname of RO server. ' + # 'Also can set OSM_RO_PORT in environment') @click.pass_context -def cli_osm(ctx, hostname, user, password, project, verbose, all_projects, public): +def cli_osm(ctx, **kwargs): global logger + hostname = kwargs.pop("hostname", None) if hostname is None: print(( "either hostname option or OSM_HOSTNAME " + "environment variable needs to be specified")) exit(1) - kwargs = {'verbose': verbose} + # Remove None values + kwargs = {k: v for k, v in kwargs.items() if v is not None} # if so_port is not None: # kwargs['so_port']=so_port # if so_project is not None: @@ -141,16 +153,16 @@ def cli_osm(ctx, hostname, user, password, project, verbose, all_projects, publi # if ro_port is not None: # kwargs['ro_port']=ro_port sol005 = os.getenv('OSM_SOL005', True) - if user is not None: - kwargs['user']=user - if password is not None: - kwargs['password']=password - if project is not None: - kwargs['project']=project - if all_projects: - kwargs['all_projects']=all_projects - if public is not None: - kwargs['public']=public +# if user is not None: +# kwargs['user']=user +# if password is not None: +# kwargs['password']=password +# if project is not None: +# kwargs['project']=project +# if all_projects: +# kwargs['all_projects']=all_projects +# if public is not None: +# kwargs['public']=public ctx.obj = client.Client(host=hostname, sol005=sol005, **kwargs) logger = logging.getLogger('osmclient') @@ -2979,15 +2991,21 @@ def repo_show(ctx, name, literal): #@click.option('--description', # default='no description', # help='human readable description') +@click.option('--domain-name', 'domain_name', + default=None, + help='assign to a domain') @click.pass_context -def project_create(ctx, name): +def project_create(ctx, name, domain_name): """Creates a new project NAME: name of the project + DOMAIN_NAME: optional domain name for the project when keystone authentication is used """ logger.debug("") project = {} project['name'] = name + if domain_name: + project['domain_name'] = domain_name # try: check_client_version(ctx.obj, ctx.command.name) ctx.obj.project.create(name, project) @@ -3103,8 +3121,11 @@ def project_update(ctx, project, name): @click.option('--project-role-mappings', 'project_role_mappings', default=None, multiple=True, help='creating user project/role(s) mapping') +@click.option('--domain-name', 'domain_name', + default=None, + help='assign to a domain') @click.pass_context -def user_create(ctx, username, password, projects, project_role_mappings): +def user_create(ctx, username, password, projects, project_role_mappings, domain_name): """Creates a new user \b @@ -3112,6 +3133,7 @@ def user_create(ctx, username, password, projects, project_role_mappings): PASSWORD: password of the user PROJECTS: projects assigned to user (internal only) PROJECT_ROLE_MAPPING: roles in projects assigned to user (keystone) + DOMAIN_NAME: optional domain name for the user when keystone authentication is used """ logger.debug("") user = {} @@ -3119,7 +3141,9 @@ def user_create(ctx, username, password, projects, project_role_mappings): user['password'] = password user['projects'] = projects user['project_role_mappings'] = project_role_mappings - + if domain_name: + user['domain_name'] = domain_name + # try: check_client_version(ctx.obj, ctx.command.name) ctx.obj.user.create(username, user) diff --git a/osmclient/sol005/client.py b/osmclient/sol005/client.py index 515de4e..379951b 100644 --- a/osmclient/sol005/client.py +++ b/osmclient/sol005/client.py @@ -55,6 +55,8 @@ class Client(object): self._user = user self._password = password self._project = project + self._project_domain_name = kwargs.get("project_domain_name") + self._user_domain_name = kwargs.get("user_domain_name") self._logger = logging.getLogger('osmclient') self._auth_endpoint = '/admin/v1/tokens' self._headers = {} @@ -103,6 +105,10 @@ class Client(object): postfields_dict = {'username': self._user, 'password': self._password, 'project_id': self._project} + if self._project_domain_name: + postfields_dict["project_domain_name"] = self._project_domain_name + if self._user_domain_name: + postfields_dict["user_domain_name"] = self._user_domain_name http_code, resp = self._http_client.post_cmd(endpoint=self._auth_endpoint, postfields_dict=postfields_dict, skip_query_admin=True) diff --git a/osmclient/sol005/user.py b/osmclient/sol005/user.py index 190fd95..660c944 100644 --- a/osmclient/sol005/user.py +++ b/osmclient/sol005/user.py @@ -19,7 +19,6 @@ OSM user mgmt API """ -from osmclient.common import utils from osmclient.common.exceptions import ClientException from osmclient.common.exceptions import NotFound import json @@ -213,13 +212,12 @@ class User(object): """ self._logger.debug("") self._client.get_token() - if utils.validate_uuid4(name): - for user in self.list(): - if name == user['_id']: - return user - else: - for user in self.list(): - if name == user['username']: - return user + # keystone with external LDAP contains large ids, not uuid format + # utils.validate_uuid4(name) cannot be used + for user in self.list(): + if name == user['_id']: + return user + if name == user['username']: + return user raise NotFound("User {} not found".format(name))