Remove keystone middlewares.

author: Vishvananda Ishaya <vishvananda@gmail.com> 2011-09-21 10:47:07 +0000
committer: Tarmac <> 2011-09-21 10:47:07 +0000
commit: 4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd (patch)
tree: 00c330c04ea2a62a14336f2ba4c06a2d6641d7e5 /nova/api
parent: 67420a537ba6bdf19aaada3ca25be30559965742 (diff)
parent: 7e7880ea2c088c330a4e27c70ef23915c5b81d4a (diff)
download: nova-4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd.tar.gz
nova-4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd.tar.xz
nova-4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd.zip
2 files changed, 0 insertions, 83 deletions
diff --git a/nova/api/auth.py b/nova/api/auth.py
index f73cae01e..a94f28739 100644
--- a/nova/api/auth.py
+++ b/nova/api/auth.py
@@ -43,35 +43,3 @@ class InjectContext(wsgi.Middleware):
     def __call__(self, req):
         req.environ['nova.context'] = self.context
         return self.application
-
-
-class KeystoneContext(wsgi.Middleware):
-    """Make a request context from keystone headers"""
-
-    @webob.dec.wsgify(RequestClass=wsgi.Request)
-    def __call__(self, req):
-        try:
-            user_id = req.headers['X_USER']
-        except KeyError:
-            return webob.exc.HTTPUnauthorized()
-        # get the roles
-        roles = [r.strip() for r in req.headers.get('X_ROLE', '').split(',')]
-        project_id = req.headers['X_TENANT']
-        # Get the auth token
-        auth_token = req.headers.get('X_AUTH_TOKEN',
-                                     req.headers.get('X_STORAGE_TOKEN'))
-
-        # Build a context, including the auth_token...
-        remote_address = getattr(req, 'remote_address', '127.0.0.1')
-        remote_address = req.remote_addr
-        if FLAGS.use_forwarded_for:
-            remote_address = req.headers.get('X-Forwarded-For', remote_address)
-        ctx = context.RequestContext(user_id,
-                                     project_id,
-                                     roles=roles,
-                                     auth_token=auth_token,
-                                     strategy='keystone',
-                                     remote_address=remote_address)
-
-        req.environ['nova.context'] = ctx
-        return self.application
diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py
index 3b217e62e..14bf8676a 100644
--- a/nova/api/ec2/__init__.py
+++ b/nova/api/ec2/__init__.py
@@ -46,9 +46,6 @@ flags.DEFINE_integer('lockout_minutes', 15,
                      'Number of minutes to lockout if triggered.')
 flags.DEFINE_integer('lockout_window', 15,
                      'Number of minutes for lockout window.')
-flags.DEFINE_string('keystone_ec2_url',
-                    'http://localhost:5000/v2.0/ec2tokens',
-                    'URL to get token from ec2 request.')
 flags.DECLARE('use_forwarded_for', 'nova.api.auth')
 
 
@@ -142,54 +139,6 @@ class Lockout(wsgi.Middleware):
         return res
 
 
-class ToToken(wsgi.Middleware):
-    """Authenticate an EC2 request with keystone and convert to token."""
-
-    @webob.dec.wsgify(RequestClass=wsgi.Request)
-    def __call__(self, req):
-        # Read request signature and access id.
-        try:
-            signature = req.params['Signature']
-            access = req.params['AWSAccessKeyId']
-        except KeyError:
-            raise webob.exc.HTTPBadRequest()
-
-        # Make a copy of args for authentication and signature verification.
-        auth_params = dict(req.params)
-        # Not part of authentication args
-        auth_params.pop('Signature')
-
-        # Authenticate the request.
-        creds = {'ec2Credentials': {'access': access,
-                                    'signature': signature,
-                                    'host': req.host,
-                                    'verb': req.method,
-                                    'path': req.path,
-                                    'params': auth_params,
-                                   }}
-        creds_json = utils.dumps(creds)
-        headers = {'Content-Type': 'application/json'}
-        o = urlparse(FLAGS.keystone_ec2_url)
-        if o.scheme == "http":
-            conn = httplib.HTTPConnection(o.netloc)
-        else:
-            conn = httplib.HTTPSConnection(o.netloc)
-        conn.request('POST', o.path, body=creds_json, headers=headers)
-        response = conn.getresponse().read()
-        conn.close()
-
-        # NOTE(vish): We could save a call to keystone by
-        #             having keystone return token, tenant,
-        #             user, and roles from this call.
-        result = utils.loads(response)
-        # TODO(vish): check for errors
-
-        token_id = result['auth']['token']['id']
-        # Authenticated!
-        req.headers['X-Auth-Token'] = token_id
-        return self.application
-
-
 class NoAuth(wsgi.Middleware):
     """Add user:project as 'nova.context' to WSGI environ."""
author	Vishvananda Ishaya <vishvananda@gmail.com>	2011-09-21 10:47:07 +0000
committer	Tarmac <>	2011-09-21 10:47:07 +0000
commit	4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd (patch)
tree	00c330c04ea2a62a14336f2ba4c06a2d6641d7e5 /nova/api
parent	67420a537ba6bdf19aaada3ca25be30559965742 (diff)
parent	7e7880ea2c088c330a4e27c70ef23915c5b81d4a (diff)
download	nova-4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd.tar.gz nova-4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd.tar.xz nova-4e985b4c71df3ae87c2027f4d6ca9d82e8266dfd.zip