Repository: libcloud Updated Branches: refs/heads/trunk 9b6110e35 -> 3f8fc51e9
Allow user to use perform authentication against Keystone API v3 without specifying a scope. Note: Depending on the OpenStack policies configuratiion, unscoped tokens are usually of a limited use. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/3f8fc51e Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/3f8fc51e Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/3f8fc51e Branch: refs/heads/trunk Commit: 3f8fc51e99a88e9d96895cfb68d92e2a97c152e3 Parents: 9b6110e Author: Tomaz Muraus <[email protected]> Authored: Fri Aug 15 15:05:47 2014 +0200 Committer: Tomaz Muraus <[email protected]> Committed: Fri Aug 15 15:05:47 2014 +0200 ---------------------------------------------------------------------- libcloud/common/openstack_identity.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/libcloud/blob/3f8fc51e/libcloud/common/openstack_identity.py ---------------------------------------------------------------------- diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py index d13975e..a3492f1 100644 --- a/libcloud/common/openstack_identity.py +++ b/libcloud/common/openstack_identity.py @@ -89,6 +89,7 @@ class OpenStackIdentityTokenScope(object): """ PROJECT = 'project' DOMAIN = 'domain' + UNSCOPED = 'unscoped' class OpenStackIdentityVersion(object): @@ -889,7 +890,8 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): VALID_TOKEN_SCOPES = [ OpenStackIdentityTokenScope.PROJECT, - OpenStackIdentityTokenScope.DOMAIN + OpenStackIdentityTokenScope.DOMAIN, + OpenStackIdentityTokenScope.UNSCOPED ] def __init__(self, auth_url, user_id, key, tenant_name=None, @@ -976,6 +978,8 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): 'name': self.domain_name } } + elif self.token_scope == OpenStackIdentityTokenScope.UNSCOPED: + pass else: raise ValueError('Token needs to be scoped either to project or ' 'a domain') @@ -1008,7 +1012,8 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): self.auth_token = headers['x-subject-token'] self.auth_token_expires = parse_date(expires) - self.urls = body['token']['catalog'] + # Note: catalog is not returned for unscoped tokens + self.urls = body['token'].get('catalog', None) self.auth_user_info = None self.auth_user_roles = roles except KeyError:
