feature-967: Add OpenNebulaCloudAuth

2025-01-13 13:17:39 +03:00 · 2012-03-21 16:12:55 +01:00 · 2012-03-21 16:12:55 +01:00 · a8ce2e91e7
commit a8ce2e91e7
parent cb672e83d9
3 changed files with 45 additions and 4 deletions
--- a/src/cloud/common/CloudAuth.rb
+++ b/src/cloud/common/CloudAuth.rb
@ -17,10 +17,11 @@
 class CloudAuth
    # These are the authentication methods for the user requests
    AUTH_MODULES = {
-        "occi"     => 'OCCICloudAuth',
-        "sunstone" => 'SunstoneCloudAuth' ,
-        "ec2"      => 'EC2CloudAuth',
-        "x509"     => 'X509CloudAuth'
+        "occi"       => 'OCCICloudAuth',
+        "sunstone"   => 'SunstoneCloudAuth' ,
+        "ec2"        => 'EC2CloudAuth',
+        "x509"       => 'X509CloudAuth',
+        "opennebula" => 'OpenNebulaCloudAuth'
    }

    # These are the authentication modules for the OpenNebula requests
--- a/src/cloud/common/CloudAuth/OpenNebulaCloudAuth.rb
+++ b/src/cloud/common/CloudAuth/OpenNebulaCloudAuth.rb
@ -0,0 +1,39 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2012, OpenNebula Project Leads (OpenNebula.org)             #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+
+module CoreCloudAuth
+    def do_auth(env, params={})
+        auth = Rack::Auth::Basic::Request.new(env)
+
+        if auth.provided? && auth.basic?
+            username, password = auth.credentials
+
+            client = OpenNebula::Client.new("#{username}:#{password}")
+            user   = OpenNebula::User.new_with_id(OpenNebula::User::SELF, client)
+
+            rc = user.info
+            if OpenNebula.is_error?(rc)
+                logger.error { "User #{username} could not be authenticated"}
+                logger.error { rc.message }
+                return nil 
+            end
+            
+            return username
+        end
+
+        return nil
+    end
+end
--- a/src/cloud/occi/etc/occi-server.conf
+++ b/src/cloud/occi/etc/occi-server.conf
@ -27,6 +27,7 @@
 # Authentication driver for incomming requests
 #   occi, for OpenNebula's user-password scheme
 #   x509, for x509 certificates based authentication
+#   opennebula, use the driver defined for the user in OpenNebula
 :auth: occi

 # Authentication driver to communicate with OpenNebula core