"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/api/os_oauth1.py" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

os_oauth1.py  (keystone-16.0.1):os_oauth1.py  (keystone-17.0.0)
skipping to change at line 17 skipping to change at line 17
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
# This file handles all flask-restful resources for /v3/OS-OAUTH1/ # This file handles all flask-restful resources for /v3/OS-OAUTH1/
import flask import flask
import flask_restful import flask_restful
import http.client
from oslo_log import log from oslo_log import log
from oslo_utils import timeutils from oslo_utils import timeutils
from six.moves import http_client from urllib import parse as urlparse
from six.moves.urllib import parse as urlparse
from werkzeug import exceptions from werkzeug import exceptions
from keystone.api._shared import json_home_relations from keystone.api._shared import json_home_relations
from keystone.common import authorization from keystone.common import authorization
from keystone.common import context from keystone.common import context
from keystone.common import provider_api from keystone.common import provider_api
from keystone.common import rbac_enforcer from keystone.common import rbac_enforcer
from keystone.common import validation from keystone.common import validation
import keystone.conf import keystone.conf
from keystone import exception from keystone import exception
skipping to change at line 105 skipping to change at line 105
def post(self): def post(self):
ENFORCER.enforce_call(action='identity:create_consumer') ENFORCER.enforce_call(action='identity:create_consumer')
consumer = (flask.request.get_json(force=True, silent=True) or {}).get( consumer = (flask.request.get_json(force=True, silent=True) or {}).get(
'consumer', {}) 'consumer', {})
consumer = self._normalize_dict(consumer) consumer = self._normalize_dict(consumer)
validation.lazy_validate(schema.consumer_create, consumer) validation.lazy_validate(schema.consumer_create, consumer)
consumer = self._assign_unique_id(consumer) consumer = self._assign_unique_id(consumer)
ref = PROVIDERS.oauth_api.create_consumer( ref = PROVIDERS.oauth_api.create_consumer(
consumer, initiator=self.audit_initiator) consumer, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED return self.wrap_member(ref), http.client.CREATED
def delete(self, consumer_id): def delete(self, consumer_id):
ENFORCER.enforce_call(action='identity:delete_consumer') ENFORCER.enforce_call(action='identity:delete_consumer')
reason = ( reason = (
'Invalidating token cache because consumer %(consumer_id)s has ' 'Invalidating token cache because consumer %(consumer_id)s has '
'been deleted. Authorization for users with OAuth tokens will be ' 'been deleted. Authorization for users with OAuth tokens will be '
'recalculated and enforced accordingly the next time they ' 'recalculated and enforced accordingly the next time they '
'authenticate or validate a token.' % 'authenticate or validate a token.' %
{'consumer_id': consumer_id} {'consumer_id': consumer_id}
) )
notifications.invalidate_token_cache_notification(reason) notifications.invalidate_token_cache_notification(reason)
PROVIDERS.oauth_api.delete_consumer( PROVIDERS.oauth_api.delete_consumer(
consumer_id, initiator=self.audit_initiator) consumer_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT return None, http.client.NO_CONTENT
def patch(self, consumer_id): def patch(self, consumer_id):
ENFORCER.enforce_call(action='identity:update_consumer') ENFORCER.enforce_call(action='identity:update_consumer')
consumer = (flask.request.get_json(force=True, silent=True) or {}).get( consumer = (flask.request.get_json(force=True, silent=True) or {}).get(
'consumer', {}) 'consumer', {})
validation.lazy_validate(schema.consumer_update, consumer) validation.lazy_validate(schema.consumer_update, consumer)
consumer = self._normalize_dict(consumer) consumer = self._normalize_dict(consumer)
self._require_matching_id(consumer) self._require_matching_id(consumer)
ref = PROVIDERS.oauth_api.update_consumer( ref = PROVIDERS.oauth_api.update_consumer(
consumer_id, consumer, initiator=self.audit_initiator) consumer_id, consumer, initiator=self.audit_initiator)
skipping to change at line 180 skipping to change at line 180
initiator=notifications.build_audit_initiator()) initiator=notifications.build_audit_initiator())
result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s' result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s'
% {'key': token_ref['id'], % {'key': token_ref['id'],
'secret': token_ref['request_secret']}) 'secret': token_ref['request_secret']})
if CONF.oauth1.request_token_duration > 0: if CONF.oauth1.request_token_duration > 0:
expiry_bit = '&oauth_expires_at=%s' % token_ref['expires_at'] expiry_bit = '&oauth_expires_at=%s' % token_ref['expires_at']
result += expiry_bit result += expiry_bit
resp = flask.make_response(result, http_client.CREATED) resp = flask.make_response(result, http.client.CREATED)
resp.headers['Content-Type'] = 'application/x-www-form-urlencoded' resp.headers['Content-Type'] = 'application/x-www-form-urlencoded'
return resp return resp
class AccessTokenResource(_OAuth1ResourceBase): class AccessTokenResource(_OAuth1ResourceBase):
@ks_flask.unenforced_api @ks_flask.unenforced_api
def post(self): def post(self):
oauth_headers = oauth1.get_oauth_headers(flask.request.headers) oauth_headers = oauth1.get_oauth_headers(flask.request.headers)
consumer_id = oauth_headers.get('oauth_consumer_key') consumer_id = oauth_headers.get('oauth_consumer_key')
request_token_id = oauth_headers.get('oauth_token') request_token_id = oauth_headers.get('oauth_token')
oauth_verifier = oauth_headers.get('oauth_verifier') oauth_verifier = oauth_headers.get('oauth_verifier')
skipping to change at line 271 skipping to change at line 271
initiator=notifications.build_audit_initiator()) initiator=notifications.build_audit_initiator())
result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s' result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s'
% {'key': token_ref['id'], % {'key': token_ref['id'],
'secret': token_ref['access_secret']}) 'secret': token_ref['access_secret']})
if CONF.oauth1.access_token_duration > 0: if CONF.oauth1.access_token_duration > 0:
expiry_bit = '&oauth_expires_at=%s' % (token_ref['expires_at']) expiry_bit = '&oauth_expires_at=%s' % (token_ref['expires_at'])
result += expiry_bit result += expiry_bit
resp = flask.make_response(result, http_client.CREATED) resp = flask.make_response(result, http.client.CREATED)
resp.headers['Content-Type'] = 'application/x-www-form-urlencoded' resp.headers['Content-Type'] = 'application/x-www-form-urlencoded'
return resp return resp
class AuthorizeResource(_OAuth1ResourceBase): class AuthorizeResource(_OAuth1ResourceBase):
def put(self, request_token_id): def put(self, request_token_id):
ENFORCER.enforce_call(action='identity:authorize_request_token') ENFORCER.enforce_call(action='identity:authorize_request_token')
roles = (flask.request.get_json(force=True, silent=True) or {}).get( roles = (flask.request.get_json(force=True, silent=True) or {}).get(
'roles', []) 'roles', [])
validation.lazy_validate(schema.request_token_authorize, roles) validation.lazy_validate(schema.request_token_authorize, roles)
ctx = flask.request.environ[context.REQUEST_CONTEXT_ENV] ctx = flask.request.environ[context.REQUEST_CONTEXT_ENV]
 End of changes. 6 change blocks. 
6 lines changed or deleted 6 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)