/** * Creates token from the response * * @param ClientResponseInterface $response The response instance * @param OpenStackConfig $config The openstack config * * @return \Scalr\Service\OpenStack\Client\AuthToken * * @throws NotSupportedException */ public static function makeToken(ClientResponseInterface $response, OpenStackConfig $config = null) { $version = $config === null ? 2 : $config->getIdentityVersion(); switch ($version) { case 2: return LoaderV2::loadJson($response); case 3: return LoaderV3::loadJson($response); default: throw new NotSupportedException("OpenStack API v{$version} is not supported!"); } }
/** * {@inheritdoc} * @see RequestInterface::makeRequest() */ public function makeRequest(OpenStackConfig $config) { if (!empty($config->getApiKey())) { $requestBody = ['auth' => ["RAX-KSKEY:apiKeyCredentials" => ['username' => $config->getUsername(), 'apiKey' => $config->getApiKey()]]]; } else { if (!empty($config->getPassword())) { $requestBody = ['auth' => ["passwordCredentials" => ['username' => $config->getUsername(), 'password' => $config->getPassword()]]]; } else { throw new OpenStackException('Neither api key nor password was provided for the OpenStack config.'); } } if ($config->getTenantName() !== null) { $requestBody['auth']['tenantName'] = $config->getTenantName(); } return $requestBody; }
/** * List tenants action * * @param Marker $marker Marker Data. * @return array Return tenants list */ public function listTenants(Marker $marker = null) { $result = null; if ($marker !== null) { $options = $marker->getQueryData(); } else { $options = array(); } $response = $this->getClient()->call($this->config->getIdentityEndpoint(), '/tenants', $options); if ($response->hasError() === false) { $result = json_decode($response->getContent()); $result = $result->tenants; } return $result; }
public function _keystoneUrl($from, $to, $action) { switch ($action) { case static::ACT_CONVERT_TO_OBJECT: /* @var $from Entity\CloudCredentials */ $to->keystoneUrl = $from->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL]; break; case static::ACT_CONVERT_TO_ENTITY: /* @var $to Entity\CloudCredentials */ $to->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL] = $from->keystoneUrl; $to->properties[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION] = OpenStackConfig::parseIdentityVersion($from->keystoneUrl); break; case static::ACT_GET_FILTER_CRITERIA: return [[]]; } }
/** * {@inheritdoc} * @see LoaderInterface::loadJson() */ public static function loadJson(ClientResponseInterface $response) { $token = $response->getHeader('X-Subject-Token'); $jsonString = $response->getContent(); $obj = json_decode($jsonString); if (empty($token)) { $invalid = true; } if (isset($invalid) || !isset($obj->token->expires_at)) { throw new InvalidArgumentException("Malformed JSON document " . (string) $jsonString); } $regions = $services = []; if (!empty($obj->token->catalog)) { foreach ($obj->token->catalog as $srv) { foreach ($srv->endpoints as $srvEndpoint) { $url = $srvEndpoint->url; $srvVersion = OpenStackConfig::parseIdentityVersion($url); if (isset($srvEndpoint->region)) { $regions[$srvEndpoint->region] = true; $endpointRegion = $srvEndpoint->region; } else { $endpointRegion = ''; } if (!isset($services[$srv->type][$endpointRegion][$srvVersion])) { $services[$srv->type][$endpointRegion][$srvVersion] = []; } $srvEndpoint->publicURL = $url; //Interface - can be public, internal or admin $services[$srv->type][$endpointRegion][$srvVersion][$srvEndpoint->interface] = $srvEndpoint; } } } $regions = array_keys($regions); $ret = new AuthToken(); $ret->setExpires(new DateTime($obj->token->expires_at))->setId($token)->setAuthDocument($obj)->setRegionEndpoints($services)->setZones($regions); if (isset($obj->token->project->id)) { $ret->setTenantId($obj->token->project->id); } if (isset($obj->token->project->name)) { $ret->setTenantName($obj->token->project->name); } return $ret; }
/** * {@inheritdoc} * @see RequestInterface::makeRequest() */ public function makeRequest(OpenStackConfig $config) { if ($config->getApiKey() !== null) { $requestBody = ['auth' => ['identity' => ['methods' => ['token'], 'token' => ['id' => $config->getApiKey()]]]]; } else { if ($config->getPassword() !== null) { $requestBody = ['auth' => ['identity' => ['methods' => ['password'], 'password' => ['user' => ['password' => $config->getPassword()]]]]]; if ($config->getUserId()) { $requestBody['auth']['identity']['password']['user']['id'] = $config->getUserId(); } else { if ($config->getUsername()) { $requestBody['auth']['identity']['password']['user']['name'] = $config->getUsername(); } else { throw new OpenStackException('Neither user name nor user id was provided for the OpenStack config.'); } } } else { throw new OpenStackException('Neither api key nor password was provided for the OpenStack config.'); } } if ($config->getProjectId() !== null) { $requestBody['auth']['scope']['project']['id'] = $config->getProjectId(); } else { if ($config->getTenantName() !== null) { $requestBody['auth']['scope']['project']['name'] = $config->getTenantName(); } } return $requestBody; }
private function saveOpenstack() { $pars = array(); $enabled = false; $platform = $this->getParam('platform'); $currentCloudCredentials = $this->env->keychain($platform); $bNew = !$currentCloudCredentials->isEnabled(); if (!$bNew) { $oldUrl = $currentCloudCredentials->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL]; } if ($this->getParam("{$platform}_is_enabled")) { $enabled = true; $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL] = trim($this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL, 'string', 'KeyStone URL required', $platform)); $pars[Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER] = trim($this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER, 'bool', '', $platform)); $pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_USERNAME, 'string', 'Username required', $platform); $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD, 'password', '', $platform, false); $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_API_KEY, 'string', '', $platform); $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION] = OpenStackConfig::parseIdentityVersion($pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL]); $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME, 'string', '', $platform); $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME, 'string', '', $platform); if (empty($this->checkVarError) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD]) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY])) { $this->checkVarError['api_key'] = $this->checkVarError['password'] = '******'; } } /* @var $config Yaml */ $config = $this->env->getContainer()->config; if (isset($platform) && $config->defined("scalr.{$platform}.use_proxy") && $config("scalr.{$platform}.use_proxy") && in_array($config('scalr.connections.proxy.use_on'), ['both', 'scalr'])) { $proxySettings = $config('scalr.connections.proxy'); } else { $proxySettings = null; } if (count($this->checkVarError)) { $this->response->failure(); $this->response->data(array('errors' => $this->checkVarError)); } else { if ($this->getParam($platform . "_is_enabled")) { $os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], 'fake-region', $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings)); //It throws an exception on failure $zones = $os->listZones(); $zone = array_shift($zones); $os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], $zone->name, $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings)); // Check SG Extension $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SECURITYGROUPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::securityGroups()); // Check Floating Ips Extension $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_FLOATING_IPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::floatingIps()); // Check Cinder Extension $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_CINDER_ENABLED] = (int) $os->hasService('volume'); // Check Swift Extension $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SWIFT_ENABLED] = (int) $os->hasService('object-store'); // Check LBaas Extension $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_LBAAS_ENABLED] = !in_array($platform, array(SERVER_PLATFORMS::RACKSPACENG_US, SERVER_PLATFORMS::RACKSPACENG_UK)) && $os->hasService('network') ? (int) $os->network->isExtensionSupported('lbaas') : 0; } $this->db->BeginTrans(); try { $this->env->enablePlatform($platform, $enabled); if ($enabled) { $this->makeCloudCredentials($platform, $pars); if ($this->getContainer()->analytics->enabled && ($bNew || $oldUrl !== $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL])) { $this->getContainer()->analytics->notifications->onCloudAdd($platform, $this->env, $this->user); } } if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) { $this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time()); } $this->response->success('Cloud credentials have been ' . ($enabled ? 'saved' : 'removed from Scalr')); $this->response->data(array('enabled' => $enabled)); } catch (Exception $e) { $this->db->RollbackTrans(); throw new Exception(_('Failed to save ' . ucfirst($platform) . ' settings')); } $this->db->CommitTrans(); } }