| author | Khaled Hussein <khaled.hussein@gmail.com> | 2011-04-25 23:51:30 +0000 |
|---|---|---|
| committer | Khaled Hussein <khaled.hussein@gmail.com> | 2011-04-25 23:51:30 +0000 |
| commit | 59b0ef0d8767aaaed7a7bedfa25dd5948e56515e (patch) | |
| tree | 082c9bbbaa0838d64cdddd4bb1c5837d701ff60f | |
| parent | c631f5f531f18684b9537e55232c25e4ae8f1050 (diff) | |
modifide middleware; echo_client works
| -rw-r--r-- | keystone/auth_protocol/auth_protocol_token.py | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/keystone/auth_protocol/auth_protocol_token.py b/keystone/auth_protocol/auth_protocol_token.py index b365a2c0..0ba3561c 100644 --- a/keystone/auth_protocol/auth_protocol_token.py +++ b/keystone/auth_protocol/auth_protocol_token.py @@ -43,6 +43,7 @@ HTTP_X_STORAGE_TOKEN: the client token being passed in (legacy Rackspace use) """ +import httplib import json from webob.exc import HTTPUnauthorized, Request @@ -73,6 +74,20 @@ class TokenAuth(object): self.delegated = int(conf.get('delegated', 0)) + def get_admin_auth_token(self, username, password, tenant): + headers = {"Content-type": "application/json", "Accept": "text/json"} + params = {"passwordCredentials": {"username": username, + "password": password, + "tenantId": "1"}} + conn = httplib.HTTPConnection("localhost:8080") + conn.request("POST", "/v1.0/token", json.dumps(params), \ + headers=headers) + response = conn.getresponse() + data = response.read() + ret = data + return ret + + def __call__(self, env, start_response): print "Handling a token-auth client call" def custom_start_response(status, headers): 
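Review bot: `get_admin_auth_token` ignores its `tenant` argument and the configured auth endpoint: it always sends `"tenantId": "1"` and posts the admin password to `httplib.HTTPConnection("localhost:8080")`, while the validation call in the next hunk uses `self.auth_host`/`self.auth_port`. The connection is never closed, so each call leaves a socket open, and the response status is not checked before the body is returned. I would pass `tenant` through, reuse the configured host and port (assuming both are set in `__init__`, which this hunk does not show), and close the connection in a `finally`. The password still crosses in cleartext HTTP, which is only tolerable while the auth service sits on loopback. The method would also benefit from a docstring stating that it returns the raw JSON body, not the token id.

```python
    def get_admin_auth_token(self, username, password, tenant):
        # … unchanged: headers dict …
        params = {"passwordCredentials": {"username": username,
                                          "password": password,
                                          "tenantId": tenant}}
        conn = httplib.HTTPConnection(self.auth_host, self.auth_port)
        try:
            conn.request("POST", "/v1.0/token", json.dumps(params),
                         headers=headers)
            response = conn.getresponse()
            data = response.read()
        finally:
            conn.close()
        return data
```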
@@ -84,20 +99,23 @@ class TokenAuth(object): if token: # this request is claiming it has a valid token, let's check # with the auth service + auth = self.get_admin_auth_token("admin", "secrete", "1") + admin_token = json.loads(auth)["auth"]["token"]["id"] + headers = {"Content-type": "application/json", - "Accept": "text/json"} + "Accept": "text/json", + "X-Auth-Token": admin_token} conn = http_connect(self.auth_host, self.auth_port, 'GET', '/v1.0/token/%s' % token, headers=headers) resp = conn.getresponse() data = resp.read() conn.close() - #path = 'http://%s:%s/v1.0/token/%s' % \ - # (self.auth_host, self.auth_port, token) - #resp = Request.blank(path).get_response(self.app) - #data = resp.body if not str(resp.status).startswith('20'): if self.delegated: env['HTTP_X_IDENTITY_STATUS'] = "Invalid" + else: + # Unauthorized token + return HTTPUnauthorized()(env, custom_start_response) else: dict_response = json.loads(data) user = dict_response['auth']['user']['username'] |
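Review bot: The admin credentials are hard-coded on the request path in `self.get_admin_auth_token("admin", "secrete", "1")`, so they live in source control and cannot be rotated without a code change; they should be read from `conf` in `__init__`, the way `delegated` is, and passed in from there. The call also performs a full password login for every request that carries a token, and `json.loads(auth)["auth"]["token"]["id"]` is unguarded, so a non-JSON or error reply from the auth service raises `ValueError`/`KeyError` inside `__call__` instead of producing a controlled error response. Caching the admin token until it expires, and wrapping the parse in `try`/`except (ValueError, KeyError)` that returns an explicit failure, would address both. `__call__` starts in the previous hunk and continues past the end of this one.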
