You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jclouds.apache.org by na...@apache.org on 2017/12/20 15:48:43 UTC
jclouds git commit: Support domain and project scopes
Repository: jclouds
Updated Branches:
refs/heads/keystonev3 a33665685 -> 1a71e3cbf
Support domain and project scopes
Project: http://git-wip-us.apache.org/repos/asf/jclouds/repo
Commit: http://git-wip-us.apache.org/repos/asf/jclouds/commit/1a71e3cb
Tree: http://git-wip-us.apache.org/repos/asf/jclouds/tree/1a71e3cb
Diff: http://git-wip-us.apache.org/repos/asf/jclouds/diff/1a71e3cb
Branch: refs/heads/keystonev3
Commit: 1a71e3cbfd62929ad972709c396d496523ceb13a
Parents: a336656
Author: Ignasi Barrera <na...@apache.org>
Authored: Wed Dec 20 16:48:34 2017 +0100
Committer: Ignasi Barrera <na...@apache.org>
Committed: Wed Dec 20 16:48:34 2017 +0100
----------------------------------------------------------------------
.../auth/domain/TenantAndCredentials.java | 4 +-
.../auth/functions/BaseAuthenticator.java | 8 +--
.../keystone/config/KeystoneProperties.java | 20 ++++----
.../v3/binders/BindAuthToJsonPayload.java | 18 ++++++-
.../openstack/keystone/v3/domain/Auth.java | 51 +++++++++++++++-----
5 files changed, 70 insertions(+), 31 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/jclouds/blob/1a71e3cb/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java
----------------------------------------------------------------------
diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java
index caac935..2b5db82 100644
--- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java
+++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java
@@ -29,7 +29,7 @@ public abstract class TenantAndCredentials<T> {
@Nullable public abstract String tenantId();
@Nullable public abstract String tenantName();
- @Nullable public abstract String projectId();
+ @Nullable public abstract String scope();
public abstract T credentials();
TenantAndCredentials() {
@@ -44,7 +44,7 @@ public abstract class TenantAndCredentials<T> {
public abstract static class Builder<T> {
public abstract Builder<T> tenantId(String tenantId);
public abstract Builder<T> tenantName(String tenantName);
- public abstract Builder<T> projectId(String projectId);
+ public abstract Builder<T> scope(String scope);
public abstract Builder<T> credentials(T credentials);
public abstract TenantAndCredentials<T> build();
http://git-wip-us.apache.org/repos/asf/jclouds/blob/1a71e3cb/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java
----------------------------------------------------------------------
diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java
index 7d07da4..3e53cc0 100644
--- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java
+++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java
@@ -17,8 +17,8 @@
package org.jclouds.openstack.keystone.auth.functions;
import static com.google.common.base.Preconditions.checkState;
-import static org.jclouds.openstack.keystone.config.KeystoneProperties.PROJECT_ID;
import static org.jclouds.openstack.keystone.config.KeystoneProperties.REQUIRES_TENANT;
+import static org.jclouds.openstack.keystone.config.KeystoneProperties.SCOPE;
import static org.jclouds.openstack.keystone.config.KeystoneProperties.TENANT_ID;
import static org.jclouds.openstack.keystone.config.KeystoneProperties.TENANT_NAME;
@@ -52,8 +52,8 @@ public abstract class BaseAuthenticator<C> implements Function<Credentials, Auth
protected boolean requiresTenant;
@Inject(optional = true)
- @Named(PROJECT_ID)
- protected String projectId;
+ @Named(SCOPE)
+ protected String scope;
@PostConstruct
public void checkPropertiesAreCompatible() {
@@ -81,7 +81,7 @@ public abstract class BaseAuthenticator<C> implements Function<Credentials, Auth
C creds = createCredentials(usernameOrAccessKey, passwordOrSecretKeyOrToken);
TenantAndCredentials<C> credsWithTenant = TenantAndCredentials.<C> builder().tenantId(defaultTenantId)
- .tenantName(tenantName).projectId(projectId).credentials(creds).build();
+ .tenantName(tenantName).scope(scope).credentials(creds).build();
return authenticate(credsWithTenant);
}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/1a71e3cb/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/config/KeystoneProperties.java
----------------------------------------------------------------------
diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/config/KeystoneProperties.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/config/KeystoneProperties.java
index 177bd92..bab41a4 100644
--- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/config/KeystoneProperties.java
+++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/config/KeystoneProperties.java
@@ -67,20 +67,18 @@ public final class KeystoneProperties {
public static final String REQUIRES_TENANT = "jclouds.keystone.requires-tenant";
/**
- * set this property to specify the authentication must be scoped to the project.
- *
- * @see <a href="http://wiki.openstack.org/CLIAuth">openstack docs</a>
- */
- @SinceApiVersion("3")
- public static final String SCOPED_AUTH = "jclouds.keystone.scoped-auth";
-
- /**
- * set this property to specify project id to sue for scoped authentication.
+ * set this property to specify for scoped authentication.
* <p>
- * if not present, jclouds will automatically scope the authentication to the current user's project
+ * The format is one of the following:
+ * <ul>
+ * <li>project:<project-id></li>
+ * <li>domain:<domain-name></li>
+ * <li></li>
+ * </ul>
+ * For example: <code>project:457841231597451534</code>
*/
@SinceApiVersion("3")
- public static final String PROJECT_ID = "jclouds.keystone.project-id";
+ public static final String SCOPE = "jclouds.keystone.scope";
/**
* type of the keystone service. ex. {@code compute}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/1a71e3cb/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java
----------------------------------------------------------------------
diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java
index 84f754f..a5d0367 100644
--- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java
+++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java
@@ -20,14 +20,20 @@ import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Predicates.instanceOf;
import static com.google.common.collect.Iterables.tryFind;
+import static org.jclouds.openstack.keystone.v3.domain.Auth.Scope.DOMAIN;
+import static org.jclouds.openstack.keystone.v3.domain.Auth.Scope.PROJECT;
import java.util.Map;
import org.jclouds.http.HttpRequest;
+import org.jclouds.javax.annotation.Nullable;
import org.jclouds.json.Json;
import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials;
import org.jclouds.openstack.keystone.v3.domain.Auth;
+import org.jclouds.openstack.keystone.v3.domain.Auth.Domain;
+import org.jclouds.openstack.keystone.v3.domain.Auth.DomainScope;
import org.jclouds.openstack.keystone.v3.domain.Auth.Id;
+import org.jclouds.openstack.keystone.v3.domain.Auth.ProjectScope;
import org.jclouds.openstack.keystone.v3.domain.Auth.Scope;
import org.jclouds.rest.MapBinder;
import org.jclouds.rest.binders.BindToJsonPayload;
@@ -56,7 +62,7 @@ public abstract class BindAuthToJsonPayload<T> extends BindToJsonPayload impleme
@SuppressWarnings("unchecked")
TenantAndCredentials<T> credentials = (TenantAndCredentials<T>) authentication.get();
- Scope scope = credentials.projectId() == null ? null : Scope.create(Id.create(credentials.projectId()));
+ Scope scope = parseScope(credentials.scope());
Auth auth = buildAuth(credentials, scope);
R authRequest = super.bindToRequest(request, ImmutableMap.of("auth", auth));
@@ -64,5 +70,15 @@ public abstract class BindAuthToJsonPayload<T> extends BindToJsonPayload impleme
return authRequest;
}
+
+ private Scope parseScope(@Nullable String input) {
+ if (input == null) return null;
+ String[] parts = input.split(":");
+ checkArgument(parts.length == 2, "Invalid scope: %s", input);
+ checkArgument(PROJECT.equals(parts[0]) || DOMAIN.equals(parts[0]), "Scope prefix should be '%s' or '%s'",
+ PROJECT, DOMAIN);
+ return PROJECT.equals(parts[0]) ? ProjectScope.create(Id.create(parts[1])) : DomainScope.create(Domain
+ .create(parts[1]));
+ }
}
http://git-wip-us.apache.org/repos/asf/jclouds/blob/1a71e3cb/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java
----------------------------------------------------------------------
diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java
index aece0aa..ef6b795 100644
--- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java
+++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java
@@ -34,16 +34,6 @@ public abstract class Auth {
}
@AutoValue
- public abstract static class Id {
- public abstract String id();
-
- @SerializedNames({ "id" })
- public static Id create(String id) {
- return new AutoValue_Auth_Id(id);
- }
- }
-
- @AutoValue
public abstract static class Identity {
public abstract List<String> methods();
@Nullable public abstract Id token();
@@ -86,14 +76,49 @@ public abstract class Auth {
}
}
}
+
+ @AutoValue
+ public abstract static class Id {
+ public abstract String id();
+
+ @SerializedNames({ "id" })
+ public static Id create(String id) {
+ return new AutoValue_Auth_Id(id);
+ }
+ }
+
+ @AutoValue
+ public abstract static class Domain {
+ @Nullable public abstract String name();
+
+ @SerializedNames({ "name" })
+ public static Domain create(String name) {
+ return new AutoValue_Auth_Domain(name);
+ }
+ }
+
+ public static interface Scope {
+ public static final String PROJECT = "project";
+ public static final String DOMAIN = "domain";
+ }
@AutoValue
- public abstract static class Scope {
+ public abstract static class ProjectScope implements Scope {
public abstract Id project();
@SerializedNames({ "project" })
- public static Scope create(Id id) {
- return new AutoValue_Auth_Scope(id);
+ public static ProjectScope create(Id id) {
+ return new AutoValue_Auth_ProjectScope(id);
+ }
+ }
+
+ @AutoValue
+ public abstract static class DomainScope implements Scope {
+ public abstract Domain domain();
+
+ @SerializedNames({ "domain" })
+ public static DomainScope create(Domain domain) {
+ return new AutoValue_Auth_DomainScope(domain);
}
}
}