Add support to Keystone Auth for external user linking
Also adds Keystone V3 support
This commit is contained in:
Joseph Schorr
parent
fbb524e34e
commit
b3d1d7227c
5 changed files with 262 additions and 17 deletions
|
|
@ -21,7 +21,7 @@ from data.database import validate_database_url
|
|||
from data.users import LDAP_CERT_FILENAME
|
||||
from data.users.externaljwt import ExternalJWTAuthN
|
||||
from data.users.externalldap import LDAPConnection, LDAPUsers
|
||||
from data.users.keystone import KeystoneUsers
|
||||
from data.users.keystone import get_keystone_users
|
||||
from storage import get_storage_driver
|
||||
from util.config.oauth import GoogleOAuthConfig, GithubOAuthConfig, GitLabOAuthConfig
|
||||
from util.secscan.api import SecurityScannerAPI
|
||||
|
|
@ -422,6 +422,7 @@ def _validate_keystone(config, password):
|
|||
return
|
||||
|
||||
auth_url = config.get('KEYSTONE_AUTH_URL')
|
||||
auth_version = int(config.get('KEYSTONE_AUTH_VERSION', 2))
|
||||
admin_username = config.get('KEYSTONE_ADMIN_USERNAME')
|
||||
admin_password = config.get('KEYSTONE_ADMIN_PASSWORD')
|
||||
admin_tenant = config.get('KEYSTONE_ADMIN_TENANT')
|
||||
|
|
@ -438,7 +439,7 @@ def _validate_keystone(config, password):
|
|||
if not admin_tenant:
|
||||
raise Exception('Missing admin tenant')
|
||||
|
||||
users = KeystoneUsers(auth_url, admin_username, admin_password, admin_tenant)
|
||||
users = get_keystone_users(auth_version, auth_url, admin_username, admin_password, admin_tenant)
|
||||
|
||||
# Verify that the superuser exists. If not, raise an exception.
|
||||
username = get_authenticated_user().username
|
||||
|
|
|
|||
Reference in a new issue