osapi: added support for header X-Auth-Project-Id

1 files changed, 9 insertions, 7 deletions

diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py
index 6c6ee22a2..e220ffcc2 100644
--- a/nova/api/openstack/auth.py
+++ b/nova/api/openstack/auth.py
@@ -50,19 +50,21 @@ class AuthMiddleware(wsgi.Middleware):
         if not self.has_authentication(req):
             return self.authenticate(req)
         user = self.get_user_by_authentication(req)
-        accounts = self.auth.get_projects(user=user)
         if not user:
             token = req.headers["X-Auth-Token"]
             msg = _("%(user)s could not be found with token '%(token)s'")
             LOG.warn(msg % locals())
             return faults.Fault(webob.exc.HTTPUnauthorized())
 
-        if accounts:
-            #we are punting on this til auth is settled,
-            #and possibly til api v1.1 (mdragon)
-            account = accounts[0]
-        else:
-            return faults.Fault(webob.exc.HTTPUnauthorized())
+        try:
+            account = req.headers["X-Auth-Project-Id"]
+        except KeyError:
+            # FIXME: It needed only for compatibility
+            accounts = self.auth.get_projects(user=user)
+            if accounts:
+                account = accounts[0]
+            else:
+                return faults.Fault(webob.exc.HTTPUnauthorized())
 
         if not self.auth.is_admin(user) and \
            not self.auth.is_project_member(user, account):