| Dir : /proc/self/root/opt/saltstack/salt/extras-3.10/pyroute2/cli/auth/ |
| Server: Linux ngx353.inmotionhosting.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 IP: 209.182.202.254 |
| Dir : //proc/self/root/opt/saltstack/salt/extras-3.10/pyroute2/cli/auth/auth_keystone.py |
import os
import time
from dateutil.parser import parse as isodate
from keystoneauth1 import session
from keystoneauth1.identity import v3
from keystoneclient.v3 import client as ksclient
from keystoneclient.v3.tokens import TokenManager
class OSAuthManager(object):
def __init__(self, headers):
# create a Keystone password object
auth = v3.Password(
auth_url=os.environ.get('OS_AUTH_URL'),
username=os.environ.get('OS_USERNAME'),
password=os.environ.get('OS_PASSWORD'),
user_domain_name=(os.environ.get('OS_USER_DOMAIN_NAME')),
project_id=os.environ.get('OS_PROJECT_ID'),
)
# create a session object
sess = session.Session(auth=auth)
# create a token manager
tmanager = TokenManager(ksclient.Client(session=sess))
# validate the token
keystone_response = tmanager.validate(headers['X-Auth-Token'])
# init attrs
self.expire = isodate(keystone_response['expires_at']).timestamp()
def check(self, obj, tag):
if time.time() > self.expire:
raise PermissionError('keystone token has been expired')
return True