Default to domain scoped authentication
Project: http://git-wip-us.apache.org/repos/asf/jclouds/repo Commit: http://git-wip-us.apache.org/repos/asf/jclouds/commit/851aae7b Tree: http://git-wip-us.apache.org/repos/asf/jclouds/tree/851aae7b Diff: http://git-wip-us.apache.org/repos/asf/jclouds/diff/851aae7b Branch: refs/heads/keystonev3 Commit: 851aae7bbae5da802fe66e00e5f5844710e17080 Parents: 3dbdbbf Author: Ignasi Barrera <[email protected]> Authored: Wed Jan 10 15:27:40 2018 +0100 Committer: Ignasi Barrera <[email protected]> Committed: Thu Jan 11 16:21:31 2018 +0100 ---------------------------------------------------------------------- .../keystone/auth/AuthenticationApi.java | 8 +-- .../auth/domain/TenantAndCredentials.java | 52 -------------------- .../domain/TenantOrDomainAndCredentials.java | 52 ++++++++++++++++++++ .../AuthenticateApiAccessKeyCredentials.java | 4 +- .../AuthenticatePasswordCredentials.java | 4 +- .../functions/AuthenticateTokenCredentials.java | 4 +- .../auth/functions/BaseAuthenticator.java | 8 +-- .../keystone/v2_0/auth/V2AuthenticationApi.java | 6 +-- .../v2_0/binders/BindAuthToJsonPayload.java | 18 +++---- .../keystone/v3/KeystoneApiMetadata.java | 2 +- .../keystone/v3/auth/V3AuthenticationApi.java | 6 +-- .../v3/binders/BindAuthToJsonPayload.java | 30 +++++++---- .../binders/BindPasswordAuthToJsonPayload.java | 7 ++- .../v3/binders/BindTokenAuthToJsonPayload.java | 5 +- .../openstack/keystone/v3/domain/Auth.java | 15 +++--- .../openstack/keystone/v3/domain/Endpoint.java | 11 ++--- .../v3/auth/V3AuthenticationApiLiveTest.java | 12 ++--- .../v3/auth/V3AuthenticationApiMockTest.java | 18 +++---- .../src/test/resources/v3/auth-password.json | 3 +- .../src/test/resources/v3/auth-token.json | 3 +- 20 files changed, 137 insertions(+), 131 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/AuthenticationApi.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/AuthenticationApi.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/AuthenticationApi.java index ea66e34..cc6053e 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/AuthenticationApi.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/AuthenticationApi.java @@ -18,7 +18,7 @@ package org.jclouds.openstack.keystone.auth; import org.jclouds.openstack.keystone.auth.domain.ApiAccessKeyCredentials; import org.jclouds.openstack.keystone.auth.domain.AuthInfo; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; @@ -27,9 +27,9 @@ import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; */ public interface AuthenticationApi { - AuthInfo authenticatePassword(TenantAndCredentials<PasswordCredentials> credentials); + AuthInfo authenticatePassword(TenantOrDomainAndCredentials<PasswordCredentials> credentials); - AuthInfo authenticateAccessKey(TenantAndCredentials<ApiAccessKeyCredentials> credentials); + AuthInfo authenticateAccessKey(TenantOrDomainAndCredentials<ApiAccessKeyCredentials> credentials); - AuthInfo authenticateToken(TenantAndCredentials<TokenCredentials> credentials); + AuthInfo authenticateToken(TenantOrDomainAndCredentials<TokenCredentials> credentials); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java deleted file mode 100644 index 2b5db82..0000000 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantAndCredentials.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.jclouds.openstack.keystone.auth.domain; - -import org.jclouds.javax.annotation.Nullable; - -import com.google.auto.value.AutoValue; - -/** - * Keystone credentials with tenant. Configure the tenant properties to the - * configured context credentials. - */ -@AutoValue -public abstract class TenantAndCredentials<T> { - - @Nullable public abstract String tenantId(); - @Nullable public abstract String tenantName(); - @Nullable public abstract String scope(); - public abstract T credentials(); - - TenantAndCredentials() { - - } - - public static <T> Builder<T> builder() { - return new AutoValue_TenantAndCredentials.Builder<T>(); - } - - @AutoValue.Builder - public abstract static class Builder<T> { - public abstract Builder<T> tenantId(String tenantId); - public abstract Builder<T> tenantName(String tenantName); - public abstract Builder<T> scope(String scope); - public abstract Builder<T> credentials(T credentials); - - public abstract TenantAndCredentials<T> build(); - } -} http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantOrDomainAndCredentials.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantOrDomainAndCredentials.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantOrDomainAndCredentials.java new file mode 100644 index 0000000..b30f3fc --- /dev/null +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/domain/TenantOrDomainAndCredentials.java @@ -0,0 +1,52 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.jclouds.openstack.keystone.auth.domain; + +import org.jclouds.javax.annotation.Nullable; + +import com.google.auto.value.AutoValue; + +/** + * Keystone credentials with tenant. Configure the tenant properties to the + * configured context credentials. + */ +@AutoValue +public abstract class TenantOrDomainAndCredentials<T> { + + @Nullable public abstract String tenantOrDomainId(); + @Nullable public abstract String tenantOrDomainName(); + @Nullable public abstract String scope(); + public abstract T credentials(); + + TenantOrDomainAndCredentials() { + + } + + public static <T> Builder<T> builder() { + return new AutoValue_TenantOrDomainAndCredentials.Builder<T>(); + } + + @AutoValue.Builder + public abstract static class Builder<T> { + public abstract Builder<T> tenantOrDomainId(String tenantId); + public abstract Builder<T> tenantOrDomainName(String tenantName); + public abstract Builder<T> scope(String scope); + public abstract Builder<T> credentials(T credentials); + + public abstract TenantOrDomainAndCredentials<T> build(); + } +} http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateApiAccessKeyCredentials.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateApiAccessKeyCredentials.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateApiAccessKeyCredentials.java index ead326e..47c2fcc 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateApiAccessKeyCredentials.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateApiAccessKeyCredentials.java @@ -25,7 +25,7 @@ import org.jclouds.openstack.keystone.auth.AuthenticationApi; import org.jclouds.openstack.keystone.auth.config.CredentialType; import org.jclouds.openstack.keystone.auth.domain.ApiAccessKeyCredentials; import org.jclouds.openstack.keystone.auth.domain.AuthInfo; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; @CredentialType(API_ACCESS_KEY_CREDENTIALS) @Singleton @@ -44,7 +44,7 @@ public class AuthenticateApiAccessKeyCredentials extends BaseAuthenticator<ApiAc } @Override - public AuthInfo authenticate(TenantAndCredentials<ApiAccessKeyCredentials> credentials) { + public AuthInfo authenticate(TenantOrDomainAndCredentials<ApiAccessKeyCredentials> credentials) { return auth.authenticateAccessKey(credentials); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticatePasswordCredentials.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticatePasswordCredentials.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticatePasswordCredentials.java index dc31b75..2513bd2 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticatePasswordCredentials.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticatePasswordCredentials.java @@ -24,7 +24,7 @@ import javax.inject.Singleton; import org.jclouds.openstack.keystone.auth.AuthenticationApi; import org.jclouds.openstack.keystone.auth.config.CredentialType; import org.jclouds.openstack.keystone.auth.domain.AuthInfo; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; @CredentialType(PASSWORD_CREDENTIALS) @@ -44,7 +44,7 @@ public class AuthenticatePasswordCredentials extends BaseAuthenticator<PasswordC } @Override - public AuthInfo authenticate(TenantAndCredentials<PasswordCredentials> credentials) { + public AuthInfo authenticate(TenantOrDomainAndCredentials<PasswordCredentials> credentials) { return auth.authenticatePassword(credentials); } } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateTokenCredentials.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateTokenCredentials.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateTokenCredentials.java index 70d6381..fac0289 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateTokenCredentials.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/AuthenticateTokenCredentials.java @@ -24,7 +24,7 @@ import javax.inject.Singleton; import org.jclouds.openstack.keystone.auth.AuthenticationApi; import org.jclouds.openstack.keystone.auth.config.CredentialType; import org.jclouds.openstack.keystone.auth.domain.AuthInfo; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; @CredentialType(TOKEN_CREDENTIALS) @@ -44,7 +44,7 @@ public class AuthenticateTokenCredentials extends BaseAuthenticator<TokenCredent } @Override - public AuthInfo authenticate(TenantAndCredentials<TokenCredentials> credentials) { + public AuthInfo authenticate(TenantOrDomainAndCredentials<TokenCredentials> credentials) { return auth.authenticateToken(credentials); } } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java index 3e53cc0..a9158fb 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/auth/functions/BaseAuthenticator.java @@ -28,7 +28,7 @@ import javax.annotation.Resource; import org.jclouds.domain.Credentials; import org.jclouds.logging.Logger; import org.jclouds.openstack.keystone.auth.domain.AuthInfo; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import com.google.common.base.Function; import com.google.inject.Inject; @@ -80,14 +80,14 @@ public abstract class BaseAuthenticator<C> implements Function<Credentials, Auth } C creds = createCredentials(usernameOrAccessKey, passwordOrSecretKeyOrToken); - TenantAndCredentials<C> credsWithTenant = TenantAndCredentials.<C> builder().tenantId(defaultTenantId) - .tenantName(tenantName).scope(scope).credentials(creds).build(); + TenantOrDomainAndCredentials<C> credsWithTenant = TenantOrDomainAndCredentials.<C> builder().tenantOrDomainId(defaultTenantId) + .tenantOrDomainName(tenantName).scope(scope).credentials(creds).build(); return authenticate(credsWithTenant); } public abstract C createCredentials(String identity, String credential); - public abstract AuthInfo authenticate(TenantAndCredentials<C> credentials); + public abstract AuthInfo authenticate(TenantOrDomainAndCredentials<C> credentials); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/auth/V2AuthenticationApi.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/auth/V2AuthenticationApi.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/auth/V2AuthenticationApi.java index 3efe4f8..a5c2220 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/auth/V2AuthenticationApi.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/auth/V2AuthenticationApi.java @@ -26,7 +26,7 @@ import javax.ws.rs.core.MediaType; import org.jclouds.openstack.keystone.auth.AuthenticationApi; import org.jclouds.openstack.keystone.auth.domain.ApiAccessKeyCredentials; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.v2_0.binders.BindAuthToJsonPayload; import org.jclouds.openstack.keystone.v2_0.domain.Access; import org.jclouds.rest.annotations.MapBinder; @@ -51,7 +51,7 @@ public interface V2AuthenticationApi extends AuthenticationApi, Closeable { @SelectJson("access") @MapBinder(BindAuthToJsonPayload.class) @Override - Access authenticatePassword(TenantAndCredentials<PasswordCredentials> credentials); + Access authenticatePassword(TenantOrDomainAndCredentials<PasswordCredentials> credentials); /** * Authenticate to generate a token. @@ -63,6 +63,6 @@ public interface V2AuthenticationApi extends AuthenticationApi, Closeable { @SelectJson("access") @MapBinder(BindAuthToJsonPayload.class) @Override - Access authenticateAccessKey(TenantAndCredentials<ApiAccessKeyCredentials> credentials); + Access authenticateAccessKey(TenantOrDomainAndCredentials<ApiAccessKeyCredentials> credentials); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/binders/BindAuthToJsonPayload.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/binders/BindAuthToJsonPayload.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/binders/BindAuthToJsonPayload.java index 5661947..9980830 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/binders/BindAuthToJsonPayload.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v2_0/binders/BindAuthToJsonPayload.java @@ -30,7 +30,7 @@ import javax.inject.Singleton; import org.jclouds.http.HttpRequest; import org.jclouds.json.Json; import org.jclouds.openstack.keystone.auth.config.CredentialType; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.rest.MapBinder; import org.jclouds.rest.binders.BindToJsonPayload; import org.jclouds.rest.internal.GeneratedHttpRequest; @@ -47,9 +47,9 @@ public class BindAuthToJsonPayload extends BindToJsonPayload implements MapBinde super(jsonBinder); } - protected TenantAndCredentials<?> findCredentialsInArgs(GeneratedHttpRequest gRequest) { - Optional<Object> credentials = tryFind(gRequest.getInvocation().getArgs(), instanceOf(TenantAndCredentials.class)); - return credentials.isPresent() ? (TenantAndCredentials<?>) credentials.get() : null; + protected TenantOrDomainAndCredentials<?> findCredentialsInArgs(GeneratedHttpRequest gRequest) { + Optional<Object> credentials = tryFind(gRequest.getInvocation().getArgs(), instanceOf(TenantOrDomainAndCredentials.class)); + return credentials.isPresent() ? (TenantOrDomainAndCredentials<?>) credentials.get() : null; } @Override @@ -59,7 +59,7 @@ public class BindAuthToJsonPayload extends BindToJsonPayload implements MapBinde GeneratedHttpRequest gRequest = (GeneratedHttpRequest) request; Builder<String, Object> builder = ImmutableMap.builder(); - TenantAndCredentials<?> credentials = findCredentialsInArgs(gRequest); + TenantOrDomainAndCredentials<?> credentials = findCredentialsInArgs(gRequest); if (credentials != null) { CredentialType credentialType = findCredentialType(credentials.credentials().getClass()); checkArgument(credentialType != null, "the given credentials must be annotated with @CredentialType"); @@ -69,10 +69,10 @@ public class BindAuthToJsonPayload extends BindToJsonPayload implements MapBinde // TODO: is tenantName permanent? or should we switch to tenantId at // some point. seems most tools still use tenantName if (credentials != null) { - if (!Strings.isNullOrEmpty(credentials.tenantId())) - builder.put("tenantId", credentials.tenantId()); - else if (!Strings.isNullOrEmpty(credentials.tenantName())) - builder.put("tenantName", credentials.tenantName()); + if (!Strings.isNullOrEmpty(credentials.tenantOrDomainId())) + builder.put("tenantId", credentials.tenantOrDomainId()); + else if (!Strings.isNullOrEmpty(credentials.tenantOrDomainName())) + builder.put("tenantName", credentials.tenantOrDomainName()); } } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/KeystoneApiMetadata.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/KeystoneApiMetadata.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/KeystoneApiMetadata.java index dc360d9..14fe19a 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/KeystoneApiMetadata.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/KeystoneApiMetadata.java @@ -67,7 +67,7 @@ public class KeystoneApiMetadata extends BaseHttpApiMetadata<KeystoneApi> { protected Builder() { id("openstack-keystone-3") .name("OpenStack Keystone 3.x API") - .identityName("${projectName}:${userName} or ${userName}, if your keystone supports a default project") + .identityName("${domain}:${userName} or ${userName}, if your keystone supports a default project") .credentialName("${password}") .endpointName("Keystone V3 base URL") .documentation(URI.create("http://api.openstack.org/";)) http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApi.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApi.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApi.java index 0d99b66..0902f65 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApi.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApi.java @@ -25,7 +25,7 @@ import javax.ws.rs.core.MediaType; import org.jclouds.openstack.keystone.auth.AuthenticationApi; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; import org.jclouds.openstack.keystone.v3.binders.BindPasswordAuthToJsonPayload; import org.jclouds.openstack.keystone.v3.binders.BindTokenAuthToJsonPayload; @@ -48,13 +48,13 @@ public interface V3AuthenticationApi extends AuthenticationApi, Closeable { @ResponseParser(ParseTokenFromHttpResponse.class) @MapBinder(BindPasswordAuthToJsonPayload.class) @Override - Token authenticatePassword(TenantAndCredentials<PasswordCredentials> credentials); + Token authenticatePassword(TenantOrDomainAndCredentials<PasswordCredentials> credentials); @Named("token:create") @POST @ResponseParser(ParseTokenFromHttpResponse.class) @MapBinder(BindTokenAuthToJsonPayload.class) @Override - Token authenticateToken(TenantAndCredentials<TokenCredentials> credentials); + Token authenticateToken(TenantOrDomainAndCredentials<TokenCredentials> credentials); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java index a5d0367..9ecbad7 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindAuthToJsonPayload.java @@ -26,9 +26,8 @@ import static org.jclouds.openstack.keystone.v3.domain.Auth.Scope.PROJECT; import java.util.Map; import org.jclouds.http.HttpRequest; -import org.jclouds.javax.annotation.Nullable; import org.jclouds.json.Json; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.v3.domain.Auth; import org.jclouds.openstack.keystone.v3.domain.Auth.Domain; import org.jclouds.openstack.keystone.v3.domain.Auth.DomainScope; @@ -48,7 +47,7 @@ public abstract class BindAuthToJsonPayload<T> extends BindToJsonPayload impleme super(jsonBinder); } - protected abstract Auth buildAuth(TenantAndCredentials<T> credentials, Scope scope); + protected abstract Auth buildAuth(TenantOrDomainAndCredentials<T> credentials, Object scope); @Override public <R extends HttpRequest> R bindToRequest(R request, Map<String, Object> postParams) { @@ -57,12 +56,12 @@ public abstract class BindAuthToJsonPayload<T> extends BindToJsonPayload impleme GeneratedHttpRequest gRequest = (GeneratedHttpRequest) request; Optional<Object> authentication = tryFind(gRequest.getInvocation().getArgs(), - instanceOf(TenantAndCredentials.class)); + instanceOf(TenantOrDomainAndCredentials.class)); checkArgument(authentication.isPresent(), "no credentials found in the api call arguments"); @SuppressWarnings("unchecked") - TenantAndCredentials<T> credentials = (TenantAndCredentials<T>) authentication.get(); - Scope scope = parseScope(credentials.scope()); + TenantOrDomainAndCredentials<T> credentials = (TenantOrDomainAndCredentials<T>) authentication.get(); + Object scope = parseScope(credentials); Auth auth = buildAuth(credentials, scope); R authRequest = super.bindToRequest(request, ImmutableMap.of("auth", auth)); @@ -71,10 +70,21 @@ public abstract class BindAuthToJsonPayload<T> extends BindToJsonPayload impleme return authRequest; } - private Scope parseScope(@Nullable String input) { - if (input == null) return null; - String[] parts = input.split(":"); - checkArgument(parts.length == 2, "Invalid scope: %s", input); + private Object parseScope(TenantOrDomainAndCredentials<T> credentials) { + // If no scope has been explicitly configured, use a domain-scoped + // authentication, as we have everything we need. + String scope = credentials.scope(); + if (scope == null) { + return DomainScope.create(Domain.create(credentials.tenantOrDomainName())); + } + // If there is no prefix, assume an unscoped authentication + if (!scope.contains(":")) { + checkArgument(scope.equals(Scope.UNSCOPED), "Invalid scope: %s", scope); + return Scope.UNSCOPED; + } + // Otherwise, parse if it is a project or domain scope + String[] parts = scope.split(":"); + checkArgument(parts.length == 2, "Invalid scope: %s", scope); checkArgument(PROJECT.equals(parts[0]) || DOMAIN.equals(parts[0]), "Scope prefix should be '%s' or '%s'", PROJECT, DOMAIN); return PROJECT.equals(parts[0]) ? ProjectScope.create(Id.create(parts[1])) : DomainScope.create(Domain http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindPasswordAuthToJsonPayload.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindPasswordAuthToJsonPayload.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindPasswordAuthToJsonPayload.java index 5f779c3..40c94f8 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindPasswordAuthToJsonPayload.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindPasswordAuthToJsonPayload.java @@ -23,13 +23,12 @@ import javax.inject.Singleton; import org.jclouds.json.Json; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.v3.domain.Auth; import org.jclouds.openstack.keystone.v3.domain.Auth.Identity; import org.jclouds.openstack.keystone.v3.domain.Auth.Identity.PasswordAuth; import org.jclouds.openstack.keystone.v3.domain.Auth.Identity.PasswordAuth.UserAuth; import org.jclouds.openstack.keystone.v3.domain.Auth.Identity.PasswordAuth.UserAuth.DomainAuth; -import org.jclouds.openstack.keystone.v3.domain.Auth.Scope; @Singleton public class BindPasswordAuthToJsonPayload extends BindAuthToJsonPayload<PasswordCredentials> { @@ -40,9 +39,9 @@ public class BindPasswordAuthToJsonPayload extends BindAuthToJsonPayload<Passwor } @Override - protected Auth buildAuth(TenantAndCredentials<PasswordCredentials> credentials, Scope scope) { + protected Auth buildAuth(TenantOrDomainAndCredentials<PasswordCredentials> credentials, Object scope) { PasswordCredentials creds = credentials.credentials(); - DomainAuth domain = DomainAuth.create(credentials.tenantName()); + DomainAuth domain = DomainAuth.create(credentials.tenantOrDomainName()); UserAuth user = UserAuth.create(creds.username(), domain, creds.password()); return Auth.create(Identity.create(singletonList("password"), null, PasswordAuth.create(user)), scope); http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindTokenAuthToJsonPayload.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindTokenAuthToJsonPayload.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindTokenAuthToJsonPayload.java index 15dfb3d..439baa2 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindTokenAuthToJsonPayload.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/binders/BindTokenAuthToJsonPayload.java @@ -22,12 +22,11 @@ import javax.inject.Inject; import javax.inject.Singleton; import org.jclouds.json.Json; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; import org.jclouds.openstack.keystone.v3.domain.Auth; import org.jclouds.openstack.keystone.v3.domain.Auth.Id; import org.jclouds.openstack.keystone.v3.domain.Auth.Identity; -import org.jclouds.openstack.keystone.v3.domain.Auth.Scope; @Singleton public class BindTokenAuthToJsonPayload extends BindAuthToJsonPayload<TokenCredentials> { @@ -38,7 +37,7 @@ public class BindTokenAuthToJsonPayload extends BindAuthToJsonPayload<TokenCrede } @Override - protected Auth buildAuth(TenantAndCredentials<TokenCredentials> credentials, Scope scope) { + protected Auth buildAuth(TenantOrDomainAndCredentials<TokenCredentials> credentials, Object scope) { Id token = Id.create(credentials.credentials().id()); return Auth.create(Identity.create(singletonList("token"), token, null), scope); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java index c708836..9f2be4c 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Auth.java @@ -26,10 +26,10 @@ import com.google.auto.value.AutoValue; @AutoValue public abstract class Auth { public abstract Identity identity(); - @Nullable public abstract Scope scope(); + @Nullable public abstract Object scope(); @SerializedNames({ "identity", "scope" }) - public static Auth create(Identity identity, Scope scope) { + public static Auth create(Identity identity, Object scope) { return new AutoValue_Auth(identity, scope); } @@ -97,26 +97,27 @@ public abstract class Auth { } } - public abstract static class Scope { + public static class Scope { public static final String PROJECT = "project"; public static final String DOMAIN = "domain"; + public static final String UNSCOPED = "unscoped"; } @AutoValue - public abstract static class ProjectScope extends Scope { + public abstract static class ProjectScope { public abstract Id project(); - @SerializedNames({ PROJECT }) + @SerializedNames({ Scope.PROJECT }) public static ProjectScope create(Id id) { return new AutoValue_Auth_ProjectScope(id); } } @AutoValue - public abstract static class DomainScope extends Scope { + public abstract static class DomainScope { public abstract Domain domain(); - @SerializedNames({ DOMAIN }) + @SerializedNames({ Scope.DOMAIN }) public static DomainScope create(Domain domain) { return new AutoValue_Auth_DomainScope(domain); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Endpoint.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Endpoint.java b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Endpoint.java index 5a06345..4e268d5 100644 --- a/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Endpoint.java +++ b/apis/openstack-keystone/src/main/java/org/jclouds/openstack/keystone/v3/domain/Endpoint.java @@ -17,14 +17,11 @@ package org.jclouds.openstack.keystone.v3.domain; import java.net.URI; -import java.util.List; import org.jclouds.javax.annotation.Nullable; import org.jclouds.json.SerializedNames; -import org.jclouds.openstack.v2_0.domain.Link; import com.google.auto.value.AutoValue; -import com.google.common.collect.ImmutableList; @AutoValue public abstract class Endpoint { @@ -35,14 +32,12 @@ public abstract class Endpoint { @Nullable public abstract String serviceId(); public abstract URI url(); @Nullable public abstract Boolean enabled(); - @Nullable public abstract List<Link> links(); public abstract String iface(); - @SerializedNames({ "id", "region", "region_id", "service_id", "url", "enabled", "links", "interface" }) + @SerializedNames({ "id", "region", "region_id", "service_id", "url", "enabled", "interface" }) public static Endpoint create(String id, String region, String regionId, String serviceId, URI url, Boolean enabled, - List<Link> links, String iface) { - return new AutoValue_Endpoint(id, region, regionId, serviceId, url, enabled, - links == null ? ImmutableList.<Link> of() : ImmutableList.copyOf(links), iface); + String iface) { + return new AutoValue_Endpoint(id, region, regionId, serviceId, url, enabled, iface); } Endpoint() { http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiLiveTest.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiLiveTest.java b/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiLiveTest.java index 605134d..af66284 100644 --- a/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiLiveTest.java +++ b/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiLiveTest.java @@ -21,7 +21,7 @@ import static org.testng.Assert.assertNotNull; import java.util.Properties; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; import org.jclouds.openstack.keystone.v3.internal.BaseV3KeystoneApiLiveTest; import org.testng.annotations.Test; @@ -44,14 +44,14 @@ public class V3AuthenticationApiLiveTest extends BaseV3KeystoneApiLiveTest { } public void testAuthenticatePassword() { - assertNotNull(authenticationApi.authenticatePassword(TenantAndCredentials.<PasswordCredentials> builder() - .tenantName(tenant).credentials(PasswordCredentials.builder().username(user).password(credential).build()) - .build())); + assertNotNull(authenticationApi.authenticatePassword(TenantOrDomainAndCredentials.<PasswordCredentials> builder() + .tenantOrDomainName(tenant) + .credentials(PasswordCredentials.builder().username(user).password(credential).build()).build())); } public void testAuthenticateToken() { - assertNotNull(authenticationApi.authenticateToken(TenantAndCredentials.<TokenCredentials> builder() - .tenantName(tenant).credentials(TokenCredentials.builder().id(token.get()).build()).build())); + assertNotNull(authenticationApi.authenticateToken(TenantOrDomainAndCredentials.<TokenCredentials> builder() + .tenantOrDomainName(tenant).credentials(TokenCredentials.builder().id(token.get()).build()).build())); } } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiMockTest.java ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiMockTest.java b/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiMockTest.java index c355e28..ce4be34 100644 --- a/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiMockTest.java +++ b/apis/openstack-keystone/src/test/java/org/jclouds/openstack/keystone/v3/auth/V3AuthenticationApiMockTest.java @@ -21,7 +21,7 @@ import static org.testng.Assert.assertTrue; import org.jclouds.openstack.keystone.auth.domain.AuthInfo; import org.jclouds.openstack.keystone.auth.domain.PasswordCredentials; -import org.jclouds.openstack.keystone.auth.domain.TenantAndCredentials; +import org.jclouds.openstack.keystone.auth.domain.TenantOrDomainAndCredentials; import org.jclouds.openstack.keystone.auth.domain.TokenCredentials; import org.jclouds.openstack.keystone.v3.domain.Token; import org.jclouds.openstack.keystone.v3.internal.BaseV3KeystoneApiMockTest; @@ -33,8 +33,8 @@ public class V3AuthenticationApiMockTest extends BaseV3KeystoneApiMockTest { public void testAuthenticatePassword() throws InterruptedException { server.enqueue(jsonResponse("/v3/token.json")); - TenantAndCredentials<PasswordCredentials> credentials = TenantAndCredentials.<PasswordCredentials> builder() - .tenantName("project") + TenantOrDomainAndCredentials<PasswordCredentials> credentials = TenantOrDomainAndCredentials.<PasswordCredentials> builder() + .tenantOrDomainName("project") .credentials(PasswordCredentials.builder().username("identity").password("credential").build()).build(); AuthInfo authInfo = authenticationApi.authenticatePassword(credentials); @@ -49,8 +49,8 @@ public class V3AuthenticationApiMockTest extends BaseV3KeystoneApiMockTest { public void testAuthenticatePasswordScoped() throws InterruptedException { server.enqueue(jsonResponse("/v3/token.json")); - TenantAndCredentials<PasswordCredentials> credentials = TenantAndCredentials.<PasswordCredentials> builder() - .tenantName("project") + TenantOrDomainAndCredentials<PasswordCredentials> credentials = TenantOrDomainAndCredentials.<PasswordCredentials> builder() + .tenantOrDomainName("project") .scope("project:1234567890") .credentials(PasswordCredentials.builder().username("identity").password("credential").build()).build(); @@ -66,8 +66,8 @@ public class V3AuthenticationApiMockTest extends BaseV3KeystoneApiMockTest { public void testAuthenticateToken() throws InterruptedException { server.enqueue(jsonResponse("/v3/token.json")); - TenantAndCredentials<TokenCredentials> credentials = TenantAndCredentials.<TokenCredentials> builder() - .tenantName("project") + TenantOrDomainAndCredentials<TokenCredentials> credentials = TenantOrDomainAndCredentials.<TokenCredentials> builder() + .tenantOrDomainName("project") .credentials(TokenCredentials.builder().id("token").build()).build(); AuthInfo authInfo = authenticationApi.authenticateToken(credentials); @@ -82,8 +82,8 @@ public class V3AuthenticationApiMockTest extends BaseV3KeystoneApiMockTest { public void testAuthenticateTokenScoped() throws InterruptedException { server.enqueue(jsonResponse("/v3/token.json")); - TenantAndCredentials<TokenCredentials> credentials = TenantAndCredentials.<TokenCredentials> builder() - .tenantName("project") + TenantOrDomainAndCredentials<TokenCredentials> credentials = TenantOrDomainAndCredentials.<TokenCredentials> builder() + .tenantOrDomainName("project") .scope("domain:mydomain") .credentials(TokenCredentials.builder().id("token").build()).build(); http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/test/resources/v3/auth-password.json ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/test/resources/v3/auth-password.json b/apis/openstack-keystone/src/test/resources/v3/auth-password.json index 6cb05a3..3335211 100644 --- a/apis/openstack-keystone/src/test/resources/v3/auth-password.json +++ b/apis/openstack-keystone/src/test/resources/v3/auth-password.json @@ -13,6 +13,7 @@ "password": "credential" } } - } + }, + "scope": "unscoped" } } http://git-wip-us.apache.org/repos/asf/jclouds/blob/851aae7b/apis/openstack-keystone/src/test/resources/v3/auth-token.json ---------------------------------------------------------------------- diff --git a/apis/openstack-keystone/src/test/resources/v3/auth-token.json b/apis/openstack-keystone/src/test/resources/v3/auth-token.json index 36096a2..9ddd70f 100644 --- a/apis/openstack-keystone/src/test/resources/v3/auth-token.json +++ b/apis/openstack-keystone/src/test/resources/v3/auth-token.json @@ -7,6 +7,7 @@ "token": { "id": "token" } - } + }, + "scope": "unscoped" } }
