@webob.dec.wsgify(RequestClass=wsgi.Request)
def __call__(self, req):
# Read request signature and access id.
- # If we find KeyStoneCreds in the params we ignore a key error
+ # If we find X-Auth-User in the headers we ignore a key error
# here so that we can use both authentication methods.
# Returning here just means the user didn't supply AWS
# authentication and we'll let the app try native keystone next.
signature = req.params['Signature']
except KeyError:
logger.info("No AWS Signature found.")
- if 'KeyStoneCreds' in req.params:
+ if 'X-Auth-User' in req.headers:
return self.application
else:
raise exception.HeatIncompleteSignatureError()
access = req.params['AWSAccessKeyId']
except KeyError:
logger.info("No AWSAccessKeyId found.")
- if 'KeyStoneCreds' in req.params:
+ if 'X-Auth-User' in req.headers:
return self.application
else:
raise exception.HeatMissingAuthenticationTokenError()
params['Version'] = '2010-05-15'
params['SignatureVersion'] = '2'
params['SignatureMethod'] = 'HmacSHA256'
- params['KeyStoneCreds'] = json.dumps(self.creds)
def stack_request(self, action, method, **kwargs):
params = self._extract_params(kwargs, SUPPORTED_PARAMS)
self._insert_common_parameters(params)
params['Action'] = action
+ headers = {'X-Auth-User': self.creds['username'],
+ 'X-Auth-Key': self.creds['password']}
- res = self.do_request(method, "/", params=params)
+ res = self.do_request(method, "/", params=params, headers=headers)
doc = etree.fromstring(res.read())
return etree.tostring(doc, pretty_print=True)
SUPPORTED_PARAMS = ('StackName', 'TemplateBody', 'TemplateUrl',
'NotificationARNs', 'Parameters', 'Version',
'SignatureVersion', 'Timestamp', 'AWSAccessKeyId',
- 'Signature', 'KeyStoneCreds', 'TimeoutInMinutes',
+ 'Signature', 'TimeoutInMinutes',
'LogicalResourceId', 'PhysicalResourceId', 'NextToken',
)
aws_creds = None
aws_auth_uri = None
- if headers.get('X-Auth-EC2-Creds') is not None:
+ if headers.get('X-Auth-User') is not None:
+ username = headers.get('X-Auth-User')
+ password = headers.get('X-Auth-Key')
+ elif headers.get('X-Auth-EC2-Creds') is not None:
aws_creds = headers.get('X-Auth-EC2-Creds')
aws_auth_uri = headers.get('X-Auth-EC2-Url')
- else:
- if 'KeyStoneCreds' in req.params:
- creds = json.loads(req.params['KeyStoneCreds'])
- username = creds['username']
- password = creds['password']
token = headers.get('X-Auth-Token')
service_user = headers.get('X-Admin-User')
Code Review / openstack-build / heat-build.git / commitdiff