Get a token from keystone v3.

domain.py

#!/usr/bin/env python
# -*- encoding: utf-8 -*-
__author__ = "Chmouel Boudjnah <[email protected]>"
import os
import sys
import optparse
import json
import socket
import pprint
import urlparse

import requests

DEFAULT_ADMIN_TOKEN = '7f00aa2752e42ff6eead'
DEFAULT_AUTH_URL = 'http://localhost:5000/v3'
DEFAULT_PORT = 5000

usage = 'usage: %prog [OPTIONS]'
parser = optparse.OptionParser(usage=usage)

parser.add_option(
    '-A', '--auth-url',
    dest='auth_url',
    default=DEFAULT_AUTH_URL,
    help='A Keystone URL with a v3 endpoint.')

parser.add_option(
    '-a', '--admin-token',
    dest='admin_token',
    default=DEFAULT_ADMIN_TOKEN,
    help='A Keystone admin token.')

parser.add_option(
    '-P', '--port',
    dest='port',
    default=DEFAULT_PORT,
    type=int,
    help='A port where to connect')

options, args = parser.parse_args()

if options.auth_url == DEFAULT_AUTH_URL and 'KS_KEYSTONE_DEV' in os.environ:
    options.auth_url = os.environ['KS_KEYSTONE_DEV']

if not options.auth_url.startswith('http'):
    options.auth_url = 'http://%s:%d/v3' % (options.auth_url,
                                            options.port)
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
furl = urlparse.urlparse(options.auth_url)
host, port = furl.netloc.split(':')

try:
    sock.connect((host, int(port)))
except(socket.error), e:
    print 'Cannot connect to: %s' % (options.auth_url)
    sys.exit(1)

HEADERS = {'content-type': 'application/json',
           'x-auth-token': options.admin_token}


def list_domains():
    ret = {}
    r = requests.get(options.auth_url + '/domains',
                     headers=HEADERS)

    try:
        r.raise_for_status()
    except(requests.exceptions.HTTPError), e:
        print e.message
        sys.exit(1)

    blob = r.json()
    for domain in blob['domains']:
        if domain['enabled']:
            ret[domain['name']] = domain['id']
    return ret


def create_domain(name):
    DATA = {
        'domain': {'name': name},
    }
    print "json sent to /v3/domains: %s" % (json.dumps(DATA))

    r = requests.post(options.auth_url + '/domains',
                      data=json.dumps(DATA),
                      headers=HEADERS)
    try:
        r.raise_for_status()
    except(requests.exceptions.HTTPError), e:
        print e.message
        sys.exit(1)

    pprint.pprint(r.json())


# NOT-WORKING
def delete_domain(domain_id):
    r = requests.delete(options.auth_url + '/domains/' + domain_id,
                        headers=HEADERS)
    try:
        r.raise_for_status()
    except(requests.exceptions.HTTPError), e:
        print e.message
        sys.exit(1)

    print r.status
    pprint.pprint(r.json())

all_domains = list_domains()
create_domain("foo")

ks3.py

#!/usr/bin/env python
import json
import optparse
import os
import pprint
import socket
import sys
import urlparse

import requests

DEFAULT_DOMAIN_NAME = 'Default'
DEFAULT_USER_NAME = 'admin'
DEFAULT_PROJECT_NAME = 'admin'
DEFAULT_PASSWORD = 'ADMIN'
DEFAULT_AUTH_URL = 'http://localhost:5000/v3'
DEFAULT_ENDPOINT_TYPE = 'object-store'
DEFAULT_ENDPOINT_REGION = 'RegionOne'
DEFAULT_ENDPOINT_INTERFACE = 'public'
DEFAULT_PORT = 5000

usage = 'usage: %prog [OPTIONS]'
parser = optparse.OptionParser(usage=usage)
parser.add_option(
    '-d', '--domain-name',
    dest='domain_name',
    default=DEFAULT_DOMAIN_NAME,
    help='A domain name')

parser.add_option(
    '-D', '--domain-id',
    dest='domain_id',
    help='A domain id')

parser.add_option(
    '-u', '--user-name',
    dest='user',
    default=DEFAULT_USER_NAME,
    help='A user name')

parser.add_option(
    '-t', '--project-name',
    dest='project_name',
    default=DEFAULT_PROJECT_NAME,
    help='A project name')

parser.add_option(
    '--project-id',
    dest='project_id',
    help='A project id')

parser.add_option(
    '-p', '--password',
    dest='password',
    default=DEFAULT_PASSWORD,
    help='A password')

parser.add_option(
    '-A', '--auth-url',
    dest='auth_url',
    default=DEFAULT_AUTH_URL,
    help='A Keystone URL with a v3 endpoint.')

parser.add_option(
    '-P', '--port',
    dest='port',
    default=DEFAULT_PORT,
    type=int,
    help='A port where to connect')

parser.add_option(
    '-v', '--verbose',
    dest='verbose',
    action='store_true',
    help='Be verbose')

parser.add_option(
    '--endpoint-type',
    dest='endpoint_type',
    default=DEFAULT_ENDPOINT_TYPE,
    help='The endpoint type.')

parser.add_option(
    '--endpoint-region',
    dest='endpoint_region',
    default=DEFAULT_ENDPOINT_REGION,
    help='The endpoint region.')

parser.add_option(
    '--endpoint-interface',
    dest='endpoint_interface',
    default=DEFAULT_ENDPOINT_INTERFACE,
    help='The endpoint interface (i.e: public private etc..).')


options, args = parser.parse_args()

if options.auth_url == DEFAULT_AUTH_URL and 'KS_KEYSTONE_DEV' in os.environ:
    options.auth_url = os.environ['KS_KEYSTONE_DEV']

if not options.auth_url.startswith('http'):
    options.auth_url = 'http://%s:%d/v3' % (options.auth_url,
                                            options.port)

headers = {'content-type': 'application/json'}

dk, dv = options.domain_id and ('id', options.domain_id) or \
    ('name', options.domain_name)

pk, pv = options.project_id and ('id', options.project_id) or \
    ('name', options.project_name)

AUTH = {'auth':
        {'identity':
         {
             'methods': ['password'],
             'password': {
                 'user': {
                     'domain': {dk: dv},
                     'password': options.password,
                     'name': options.user
                 }}},
         'scope': {
             'project': {
                 'domain': {dk: dv},
                 pk: pv,
             }}}}


sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
furl = urlparse.urlparse(options.auth_url)
host, port = furl.netloc.split(':')

try:
    sock.connect((host, int(port)))
except(socket.error), e:
    print 'Cannot connect to: %s' % (options.auth_url)
    sys.exit(1)

if options.verbose:
    print 'Sending to %s/auth/tokens:' % (options.auth_url)
    pprint.pprint(AUTH)


r = requests.post(options.auth_url + '/auth/tokens',
                  data=json.dumps(AUTH),
                  headers=headers)

try:
    r.raise_for_status()
except(requests.exceptions.HTTPError), e:
    print e.message
    sys.exit(1)


json_token = r.json()
token_id = None
endpoint_url = None

token_id = r.headers.get('x-subject-token')

if not token_id:
    print 'Error while authing.'
    print json_token
    sys.exit(1)

if options.verbose:
    pprint.pprint(json_token)

for catalog in json_token['token']['catalog']:
    if not catalog['type'] == options.endpoint_type:
        continue
    for endpoint in catalog['endpoints']:
        if (endpoint['region'] == options.endpoint_region and
            endpoint['interface'] == options.endpoint_interface):
            endpoint_url = endpoint['url']

if not endpoint_url:
    print "Cannot found url for catalog type %s and" % (options.endpoint_type)
    print "endpoint region %s and endpoint interface %s" % (
        options.endpoint_region, options.endpoint_interface)
    sys.exit(1)

print 'TOKEN=%s' % (token_id)
print 'URL=%s' % (endpoint_url)
print 'curl -H "X-Auth-Token: %s" %s' % (token_id, endpoint_url)