Add support to Keystone Auth for external user linking

Also adds Keystone V3 support
2016-10-27 15:35:52 -04:00 · 2016-10-27 15:35:52 -04:00 · b3d1d7227c
commit b3d1d7227c
parent fbb524e34e
5 changed files with 262 additions and 17 deletions
--- a/data/users/init.py
+++ b/data/users/init.py
@ -9,7 +9,7 @@ from data import model
 from data.users.database import DatabaseUsers
 from data.users.externalldap import LDAPUsers
 from data.users.externaljwt import ExternalJWTAuthN
-from data.users.keystone import KeystoneUsers
+from data.users.keystone import get_keystone_users
 from util.security.aes import AESCipher

 logger = logging.getLogger(__name__)
@ -63,12 +63,14 @@ def get_users_handler(config, config_provider, override_config_dir):

  if authentication_type == 'Keystone':
    auth_url = config.get('KEYSTONE_AUTH_URL')
+    auth_version = int(config.get('KEYSTONE_AUTH_VERSION', 2))
    timeout = config.get('KEYSTONE_AUTH_TIMEOUT')
    keystone_admin_username = config.get('KEYSTONE_ADMIN_USERNAME')
    keystone_admin_password = config.get('KEYSTONE_ADMIN_PASSWORD')
    keystone_admin_tenant = config.get('KEYSTONE_ADMIN_TENANT')
-    return KeystoneUsers(auth_url, keystone_admin_username, keystone_admin_password,
-                         keystone_admin_tenant, timeout)
+
+    return get_keystone_users(auth_version, auth_url, keystone_admin_username,
+                             keystone_admin_password, keystone_admin_tenant, timeout)

  raise RuntimeError('Unknown authentication type: %s' % authentication_type)