a8c84cb2da
- 401(Unauthorized) is to be returned when user credentials are wrong where as 403(Forbidden) is to be returned when user credentials are correct but the user doesn't have the priveleges to carry out the operation. - Also error messages displayed when using swauth-* command line utilities have been updated. Change-Id: I485786896ad14d3263f4325d1857cacc93adab96 Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6336 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6447 Reviewed-by: Thiago Da Silva <thiago@redhat.com> Tested-by: Thiago Da Silva <thiago@redhat.com>
65 lines
2.5 KiB
Python
Executable File
65 lines
2.5 KiB
Python
Executable File
#!/usr/bin/env python
|
|
# Copyright (c) 2010-2011 OpenStack, LLC.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
import gettext
|
|
from optparse import OptionParser
|
|
from os.path import basename
|
|
from sys import argv, exit
|
|
|
|
from swift.common.bufferedhttp import http_connect_raw as http_connect
|
|
from swift.common.utils import urlparse
|
|
|
|
|
|
if __name__ == '__main__':
|
|
gettext.install('gswauth', unicode=1)
|
|
parser = OptionParser(usage='Usage: %prog [options]')
|
|
parser.add_option('-A', '--admin-url', dest='admin_url',
|
|
default='http://127.0.0.1:8080/auth/', help='The URL to the auth '
|
|
'subsystem (default: http://127.0.0.1:8080/auth/')
|
|
parser.add_option('-U', '--admin-user', dest='admin_user',
|
|
default='.super_admin', help='The user with admin rights to add users '
|
|
'(default: .super_admin).')
|
|
parser.add_option('-K', '--admin-key', dest='admin_key',
|
|
help='The key for the user with admin rights to add users.')
|
|
args = argv[1:]
|
|
if not args:
|
|
args.append('-h')
|
|
(options, args) = parser.parse_args(args)
|
|
if args:
|
|
parser.parse_args(['-h'])
|
|
parsed = urlparse(options.admin_url)
|
|
if parsed.scheme not in ('http', 'https'):
|
|
raise Exception('Cannot handle protocol scheme %s for url %s' %
|
|
(parsed.scheme, repr(options.admin_url)))
|
|
parsed_path = parsed.path
|
|
if not parsed_path:
|
|
parsed_path = '/'
|
|
elif parsed_path[-1] != '/':
|
|
parsed_path += '/'
|
|
path = '%sv2/.prep' % parsed_path
|
|
headers = {'X-Auth-Admin-User': options.admin_user,
|
|
'X-Auth-Admin-Key': options.admin_key}
|
|
conn = http_connect(parsed.hostname, parsed.port, 'POST', path, headers,
|
|
ssl=(parsed.scheme == 'https'))
|
|
resp = conn.getresponse()
|
|
if resp.status // 100 != 2:
|
|
if resp.status == 401:
|
|
exit('gswauth preparation failed: %s %s: Invalid user/key provided' %
|
|
(resp.status, resp.reason))
|
|
else:
|
|
exit('gswauth preparation failed: %s %s' %
|
|
(resp.status, resp.reason))
|