You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@libcloud.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2014/05/30 14:44:01 UTC

[jira] [Commented] (LIBCLOUD-568) Fixing cross service OAuth scopes for Google Compute Engine / DNS / Storage

    [ https://issues.apache.org/jira/browse/LIBCLOUD-568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14013602#comment-14013602 ] 

ASF GitHub Bot commented on LIBCLOUD-568:
-----------------------------------------

GitHub user erjohnso opened a pull request:

    https://github.com/apache/libcloud/pull/302

    [LIBCLOUD-568] Fixing cross service OAuth scopes for Google Compute Engine / DNS / Storage

    Prior to this fix, a user could call "get_driver()" for GCE but authorization was only allowed for the "compute" scope.  With the addition of the DNS module, users calling its "get_driver()" would only be authorized to the DNS service.
    
    This change allows scopes to be set as keyword params in get_driver() (or via secrets.py) that get propagated down to the authorization connection class.  The default behavior is to grant authorization via scopes to all supported google services (compute, storage, dns).
    
    It should be noted that the storage authorization via oauth scopes is bogus, but sets the stage for future enhancements we expect to contribute over the summer.
    
    @wrigri, @franckcuny - A review would be much appreciated!

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/erjohnso/libcloud LIBCLOUD-568_google_oauth

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/libcloud/pull/302.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #302
    
----
commit 23e86256770e389741196d59f00554e8b76ea2d5
Author: Eric Johnson <er...@google.com>
Date:   2014-05-30T12:33:47Z

    update to allow simultaneous authorization for all supported google services

----


> Fixing cross service OAuth scopes for Google Compute Engine / DNS / Storage
> ---------------------------------------------------------------------------
>
>                 Key: LIBCLOUD-568
>                 URL: https://issues.apache.org/jira/browse/LIBCLOUD-568
>             Project: Libcloud
>          Issue Type: Improvement
>          Components: Compute, DNS, Storage
>            Reporter: Eric Johnson
>
> Currently, a user cannot authenticate to both Google Compute Engine and Google Cloud DNS at the same time.  Each underlying call to "get_driver()" sets a specific OAuth scope that precludes authorization to the other service.
> Incoming fix propagates scopes set during create_driver() down to the connection class.  If no scopes are set (likely the main use-case), then full read/write scopes are set for Compute, Storage, and DNS.



--
This message was sent by Atlassian JIRA
(v6.2#6252)