9de84b3c5d
Includes AuthOpts struct and AuthRef interface, plus an Identity v2 password auth implementation. Note: the examples work, the objectstore_test is broken, will be fixed along with additional session and auth tests. Change-Id: I77b07c92586c37e855b466e18dea133a4a938aaa
100 lines
2.5 KiB
Go
100 lines
2.5 KiB
Go
// auth - Authentication interface
|
|
// Copyright 2015 Dean Troyer
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package openstack
|
|
|
|
import (
|
|
"encoding/json"
|
|
"errors"
|
|
"io/ioutil"
|
|
"strings"
|
|
"time"
|
|
)
|
|
|
|
// AuthRef is the returned authentication object, maybe v2 or v3
|
|
type AuthRef interface {
|
|
GetToken() string
|
|
GetExpiration() time.Time
|
|
GetEndpoint(string, string) (string, error)
|
|
}
|
|
|
|
// AuthOpts is the set of credentials used to authenticate to OpenStack
|
|
type AuthOpts struct {
|
|
// AuthUrl is always required
|
|
AuthUrl string
|
|
|
|
// Domain is ignored for v2 and required for v3 auth
|
|
Domain string
|
|
|
|
// Project is optional to get an unscoped token but required for
|
|
// a scoped token, which is required to do pretty much everything
|
|
// except list projects
|
|
Project string
|
|
|
|
// Username is required for password auth
|
|
Username string
|
|
|
|
// Password is required for password auth
|
|
Password string
|
|
|
|
// Token is required for Toekn auth
|
|
Token string
|
|
}
|
|
|
|
func (s *AuthOpts) GetAuthType() (string, error) {
|
|
var auth_type string
|
|
if s.AuthUrl != "" && s.Token != "" {
|
|
auth_type = "token"
|
|
} else if s.Username != "" {
|
|
auth_type = "password"
|
|
}
|
|
return auth_type, nil
|
|
}
|
|
|
|
// Basic auth call
|
|
// These args should be an interface??
|
|
func DoAuthRequest(authopts AuthOpts) (AuthRef, error) {
|
|
// url string, body []byte)
|
|
var auth = AuthToken{}
|
|
|
|
auth_mod, err := NewUserPassV2(authopts)
|
|
if err != nil {
|
|
err = errors.New("Failed to get auth options")
|
|
return nil, err
|
|
}
|
|
|
|
path := auth_mod.AuthUrl + "/tokens"
|
|
body := auth_mod.JSON()
|
|
resp, err := Post(path, nil, nil, &body)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
contentType := strings.ToLower(resp.Header.Get("Content-Type"))
|
|
if strings.Contains(contentType, "json") != true {
|
|
return nil, errors.New("err: header Content-Type is not JSON")
|
|
}
|
|
|
|
rbody, err := ioutil.ReadAll(resp.Body)
|
|
if err != nil {
|
|
return nil, errors.New("aaa")
|
|
}
|
|
if err = json.Unmarshal(rbody, &auth); err != nil {
|
|
return nil, errors.New("bbb")
|
|
}
|
|
|
|
return auth, nil
|
|
}
|