mirror of https://github.com/OpenNebula/one.git synced 2024-12-23 17:33:56 +03:00

bug #847: OCCI Server update to new Auth framework

Ruben S. Montero 2011-10-25 15:41:27 +02:00
parent 0e822f4035
commit bb4911a50c
7 changed files with 42 additions and 48 deletions


@ -808,7 +808,7 @@ COMMON_CLOUD_LIB_FILES="src/cloud/common/CloudServer.rb \
COMMON_CLOUD_CLIENT_LIB_FILES="src/cloud/common/CloudClient.rb"
CLOUD_AUTH_LIB_FILES="src/cloud/common/CloudAuth/BasicCloudAuth.rb \
CLOUD_AUTH_LIB_FILES="src/cloud/common/CloudAuth/OCCICloudAuth.rb \
src/cloud/common/CloudAuth/SunstoneCloudAuth.rb \
src/cloud/common/CloudAuth/EC2CloudAuth.rb \
src/cloud/common/CloudAuth/X509CloudAuth.rb"
@ -860,6 +860,8 @@ OCCI_LIB_FILES="src/cloud/occi/lib/OCCIServer.rb \
src/cloud/occi/lib/VirtualMachinePoolOCCI.rb \
src/cloud/occi/lib/VirtualNetworkOCCI.rb \
src/cloud/occi/lib/VirtualNetworkPoolOCCI.rb \
src/cloud/occi/lib/UserOCCI.rb \
src/cloud/occi/lib/UserPoolOCCI.rb \
src/cloud/occi/lib/ImageOCCI.rb \
src/cloud/occi/lib/ImagePoolOCCI.rb"


@ -14,12 +14,10 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
require 'server_cipher_auth'
class CloudAuth
# These are the authentication methods for the user requests
AUTH_MODULES = {
"basic" => 'BasicCloudAuth',
"occi" => 'OCCICloudAuth',
"sunstone" => 'SunstoneCloudAuth' ,
"ec2" => 'EC2CloudAuth',
"x509" => 'X509CloudAuth'


@ -14,7 +14,7 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
module BasicCloudAuth
module OCCICloudAuth
def auth(env, params={})
auth = Rack::Auth::Basic::Request.new(env)
@ -23,15 +23,11 @@ module BasicCloudAuth
one_pass = get_password(username)
if one_pass && one_pass == Digest::SHA1.hexdigest(password)
@token = @server_auth.login_token(username)
@client = Client.new(@token, @conf[:one_xmlrpc])
return nil
else
return "Authentication failure"
if one_pass && one_pass == password
return username
end
else
return "Basic auth not provided"
end
end
end
return nil
end
end
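Review bot: The comparison `one_pass == password` (apparently the new side of the second hunk) checks the Basic-auth value against whatever `get_password` returns, with no hashing step and with Ruby's ordinary `==`. If `get_password` still returns the stored SHA1 digest, as the older `Digest::SHA1.hexdigest(password)` line suggests, the digest itself becomes the login secret, so read access to the stored user records would be enough to authenticate. That contract should be stated on `auth`, e.g. `# password must be the SHA1 hex digest computed by the client; the stored digest is therefore password-equivalent`. The check should also be constant-time, e.g. `Rack::Utils.secure_compare(one_pass, password)`, so response timing does not depend on how much of the value matched. `auth` begins above the second hunk and `get_password` is not visible here, so both points need confirming against the full file.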


@ -15,7 +15,6 @@
#--------------------------------------------------------------------------- #
require 'OpenNebula'
require 'CloudAuth'
##############################################################################
# This class represents a generic Cloud Server using the OpenNebula Cloud
@ -49,17 +48,7 @@ class CloudServer
def initialize(config)
# --- Load the Cloud Server configuration file ---
@config = config
@cloud_auth = CloudAuth.new(@config)
end
def authenticate(env, params={})
@cloud_auth.auth(env, params)
end
def client
@cloud_auth.client
end
#
# Prints the configuration of the server
#


@ -41,7 +41,7 @@ class OCCIServer < CloudServer
# Server initializer
# config_file:: _String_ path of the config file
# template:: _String_ path to the location of the templates
def initialize(config)
def initialize(client, config)
super(config)
if config[:ssl_server]
@ -49,6 +49,8 @@ class OCCIServer < CloudServer
else
@base_url="http://#{config[:server]}:#{config[:port]}"
end
@client = client
end
# Prepare the OCCI XML Response
@ -75,7 +77,7 @@ class OCCIServer < CloudServer
user_flag = -1
vmpool = VirtualMachinePoolOCCI.new(
self.client,
@client,
user_flag)
# --- Prepare XML Response ---
@ -102,7 +104,7 @@ class OCCIServer < CloudServer
user_flag = -1
network_pool = VirtualNetworkPoolOCCI.new(
self.client,
@client,
user_flag)
# --- Prepare XML Response ---
@ -128,7 +130,7 @@ class OCCIServer < CloudServer
user_flag = -1
image_pool = ImagePoolOCCI.new(
self.client,
@client,
user_flag)
# --- Prepare XML Response ---
@ -151,7 +153,7 @@ class OCCIServer < CloudServer
# status code
def get_users(request)
# --- Get Users Pool ---
user_pool = UserPoolOCCI.new(self.client)
user_pool = UserPoolOCCI.new(@client)
# --- Prepare XML Response ---
rc = user_pool.info
@ -180,7 +182,7 @@ class OCCIServer < CloudServer
# --- Create the new Instance ---
vm = VirtualMachineOCCI.new(
VirtualMachine.build_xml,
self.client,
@client,
request.body.read,
@config[:instance_types],
@config[:template_location])
@ -205,7 +207,7 @@ class OCCIServer < CloudServer
# --- Get the VM ---
vm = VirtualMachineOCCI.new(
VirtualMachine.build_xml(params[:id]),
self.client)
@client)
# --- Prepare XML Response ---
rc = vm.info
@ -230,7 +232,7 @@ class OCCIServer < CloudServer
# --- Get the VM ---
vm = VirtualMachineOCCI.new(
VirtualMachine.build_xml(params[:id]),
self.client)
@client)
rc = vm.info
return rc, 404 if OpenNebula::is_error?(rc)
@ -250,7 +252,7 @@ class OCCIServer < CloudServer
# --- Get the VM ---
vm = VirtualMachineOCCI.new(
VirtualMachine.build_xml(params[:id]),
self.client)
@client)
rc = vm.info
if OpenNebula.is_error?(rc)
@ -278,7 +280,7 @@ class OCCIServer < CloudServer
# --- Create the new Instance ---
network = VirtualNetworkOCCI.new(
VirtualNetwork.build_xml,
self.client,
@client,
request.body,
@config[:bridge])
@ -301,7 +303,7 @@ class OCCIServer < CloudServer
def get_network(request, params)
network = VirtualNetworkOCCI.new(
VirtualNetwork.build_xml(params[:id]),
self.client)
@client)
# --- Prepare XML Response ---
rc = network.info
@ -324,7 +326,7 @@ class OCCIServer < CloudServer
def delete_network(request, params)
network = VirtualNetworkOCCI.new(
VirtualNetwork.build_xml(params[:id]),
self.client)
@client)
rc = network.info
return rc, 404 if OpenNebula::is_error?(rc)
@ -346,7 +348,7 @@ class OCCIServer < CloudServer
vnet = VirtualNetworkOCCI.new(
VirtualNetwork.build_xml(params[:id]),
self.client)
@client)
rc = vnet.info
return rc, 400 if OpenNebula.is_error?(rc)
@ -386,7 +388,7 @@ class OCCIServer < CloudServer
image = ImageOCCI.new(
Image.build_xml,
self.client,
@client,
occixml,
request.params['file'])
@ -410,7 +412,7 @@ class OCCIServer < CloudServer
# --- Get the Image ---
image = ImageOCCI.new(
Image.build_xml(params[:id]),
self.client)
@client)
rc = image.info
@ -434,7 +436,7 @@ class OCCIServer < CloudServer
# --- Get the Image ---
image = ImageOCCI.new(
Image.build_xml(params[:id]),
self.client)
@client)
rc = image.info
return rc, 404 if OpenNebula::is_error?(rc)
@ -456,7 +458,7 @@ class OCCIServer < CloudServer
image = ImageOCCI.new(
Image.build_xml(params[:id]),
self.client)
@client)
rc = image.info
return rc, 400 if OpenNebula.is_error?(rc)
@ -491,7 +493,7 @@ class OCCIServer < CloudServer
# --- Get the USER ---
user = UserOCCI.new(
User.build_xml(params[:id]),
self.client)
@client)
# --- Prepare XML Response ---
rc = user.info
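Review bot: The RDoc comment above `initialize` in the first hunk still lists `config_file` and `template`, neither of which is a parameter, and does not mention the new `client` argument. Every pool and resource lookup in this file now goes through `@client`, so the comment should say whose identity that client carries, e.g. `# client:: _Client_ OpenNebula client for the authenticated user` and `# config:: _Hash_ server configuration`. The class body continues outside the hunks shown, so any other use of the removed `self.client` accessor cannot be checked from this page.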


@ -46,6 +46,7 @@ require 'sinatra'
require 'yaml'
require 'OCCIServer'
require 'CloudAuth'
include OpenNebula
@ -77,20 +78,24 @@ end
set :host, settings.config[:server]
set :port, settings.config[:port]
set :cloud_auth, CloudAuth.new(settings.config)
##############################################################################
# Helpers
##############################################################################
before do
@occi_server = OCCIServer.new(settings.config)
begin
result = @occi_server.authenticate(request.env)
username = settings.cloud_auth.auth(request.env, params)
rescue Exception => e
error 500, e.message
end
if result
error 401, result
if username.nil?
return [401, ""]
else
client = settings.cloud_auth.client(username)
@occi_server = OCCIServer.new(client, settings.config)
end
end
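Review bot: `return [401, ""]` in the `before` filter does not reject the request: Sinatra does not use a filter's return value as the response, and only `halt` or `error` stops processing, so an unauthenticated request would carry on to the route with `@occi_server` unset. Replace it with `error 401, ""`, matching the `error 500` call a few lines up, ideally with a `WWW-Authenticate` header so Basic-auth clients know to send credentials. Separately, `error 500, e.message` returns the raw exception text to a caller who has not authenticated yet; logging the message and sending a fixed body would avoid exposing backend details. How `return` behaves inside a filter block differs between Sinatra versions, so confirm this against the version the server is deployed with.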


@ -6,6 +6,8 @@
:port: 9869
# Authentication driver for incomming requests
# sunstone, for OpenNebula's user-password scheme
# x509, for x509 certificates based authentication
:auth: sunstone
# Authentication driver to communicate with OpenNebula core