Keystone Client

Registered by Ziad Sawalha on 2011-08-08

Create a client for Keystone. Proposing both an importable python client as well as a CLI interface that could aid with troubleshooting:

Example Python API

    >>> import keystoneclient as keystone
    >>> session = keystone.authenticate(**my_credential_kwargs)
    >>> print session.tenant
    None
    >>> print session.tenants()
    {'a1': {'id': 'a1', 'name': 'customer-x'}, 'b2': {'id': 'b2', 'name': 'project-y'}}
    >>> print session.token
    43598acc-fed0-4de5-8ca5-c5fe050d60d9
    >>> print keystone.validate(session.token).status
    True
    >>> session = session.scope(session.tenants['a1'])
    >>> print session.token
    278837cd-23c6-4049-95e7-a9711348786f
    >>> print keystone.validate(session.token).status
    True

    >>> session = keystone.authenticate(**my_credential_kwargs, tenant_id='a1')
    >>> print session.tenant
    {'id': 'a1', 'name': 'customer-x'}
    >>> print keystone.validate(session.token).status
    True

Keystone Example Client CLI

    $ python keystoneclient.py authenticate --username="admin" --password="secrete"
    { "access": {"token": {"id": "994c75b3-1678-4dce-9a36-c5a46bf3a9ef", [...]}, "serviceCatalog": [...], "user": {"id": "1", "roles": [...], "name": "admin"}}}

Blueprint information

Status:
Complete
Approver:
Ziad Sawalha
Priority:
High
Drafter:
Dolph Mathews
Direction:
Approved
Assignee:
Jesse Andrews
Definition:
New
Series goal:
Accepted for essex
Implementation:
Implemented
Milestone target:
milestone icon 2012.1
Started by
Ziad Sawalha on 2011-12-28
Completed by
Thierry Carrez on 2012-01-24

Related branches

Sprints

Whiteboard

ZNS 2011-10-21: Yes! This should also be coded into a library than can be imported into something like nova-client. We've had many requests for this and it would help teams implementing Keystone integration.

Gerrit topic: https://review.openstack.org/#q,topic:keystone-client,n,z

Addressed by: https://review.openstack.org/1063
    Adding the concept of creating a Keystone HTTP client in Python which can be used in Keystone and imported from Keystone to allow for easier Keystone integration.

Gabe Hurley has produced exactly this for the Dashboard (Horizon project) interactions with Keystone: https://github.com/4P/python-keystoneclient

Add the following use cases:
- specify URL for keystone when creating session
- querying API versions and extensions (code in novaclient already)
Consider:
- support providing URL to Nova and reacting to middleware response (ex 401 with www-authorization header)

Gerrit topic: https://review.openstack.org/#q,topic:credentials,n,z

Addressed by: https://review.openstack.org/3220
    Handle EC2 Credentials on /tokens

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.