public_endpoint & admin_endpoint configuration

Today we can use these configuration values to avoid having to guess
keystone's own endpoint URL from the service catalog backend, which may
contain more than one identity endpoint.

This is also the first step towards adding self-relational links to the v3 API.

Change-Id: I375ac0d1f9581592e437c67c17bf32022f652f66

3 files changed, 21 insertions, 18 deletions

diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index 13a78475..ad266399 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -11,6 +11,11 @@
 # The port number which the public admin listens on
 # admin_port = 35357
 
+# The base endpoint URLs for keystone that are advertised to clients
+# (NOTE: this does NOT affect how keystone listens for connections)
+# public_endpoint = http://localhost:%(public_port)d/
+# admin_endpoint = http://localhost:%(admin_port)d/
+
 # The port number which the OpenStack Compute service listens on
 # compute_port = 8774
 
diff --git a/keystone/config.py b/keystone/config.py
index c26a518c..b81b594b 100644
--- a/keystone/config.py
+++ b/keystone/config.py
@@ -133,6 +133,8 @@ register_str('bind_host', default='0.0.0.0')
 register_str('compute_port', default=8774)
 register_str('admin_port', default=35357)
 register_str('public_port', default=5000)
+register_str('public_endpoint', default='http://localhost:%(public_port)d/')
+register_str('admin_endpoint', default='http://localhost:%(admin_port)d/')
 register_str('onready')
 register_str('auth_admin_prefix', default='')
 register_str('policy_file', default='policy.json')
diff --git a/keystone/controllers.py b/keystone/controllers.py
index a1275c18..3aaa8f59 100644
--- a/keystone/controllers.py
+++ b/keystone/controllers.py
@@ -14,11 +14,16 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-from keystone import catalog
 from keystone.common import wsgi
+from keystone.common import logging
+from keystone import config
 from keystone import exception
 
 
+LOG = logging.getLogger(__name__)
+CONF = config.CONF
+
+
 class Extensions(wsgi.Application):
     """Base extensions controller to be extended by public and admin API's."""
 
@@ -70,28 +75,19 @@ class PublicExtensions(Extensions):
 
 class Version(wsgi.Application):
     def __init__(self, version_type):
-        self.catalog_api = catalog.Manager()
-        self.url_key = '%sURL' % version_type
+        self.endpoint_url_type = version_type
 
         super(Version, self).__init__()
 
-    def _get_identity_url(self, context):
-        catalog_ref = self.catalog_api.get_catalog(context=context,
-                                                   user_id=None,
-                                                   tenant_id=None)
-        for region, region_ref in catalog_ref.iteritems():
-            for service, service_ref in region_ref.iteritems():
-                if service == 'identity':
-                    return service_ref[self.url_key]
-
-        raise exception.NotImplemented()
+    def _get_identity_url(self, version='v2.0'):
+        """Returns a URL to keystone's own endpoint."""
+        url = CONF['%s_endpoint' % self.endpoint_url_type] % CONF
+        if url[-1] != '/':
+            url += '/'
+        return '%s%s/' % (url, version)
 
     def _get_versions_list(self, context):
         """The list of versions is dependent on the context."""
-        identity_url = self._get_identity_url(context)
-        if not identity_url.endswith('/'):
-            identity_url = identity_url + '/'
-
         versions = {}
         versions['v2.0'] = {
             'id': 'v2.0',
@@ -100,7 +96,7 @@ class Version(wsgi.Application):
             'links': [
                 {
                     'rel': 'self',
-                    'href': identity_url,
+                    'href': self._get_identity_url(version='v2.0'),
                 }, {
                     'rel': 'describedby',
                     'type': 'text/html',