From 085fa79ec0240751be1bbd3c0025097970319a8e Mon Sep 17 00:00:00 2001 From: Doug Hellmann Date: Wed, 31 Oct 2012 15:24:42 -0400 Subject: [PATCH] Fix auth middleware configuration Initialze the configuration object before initializing the middleware, and pass the resulting config in to the middleware so it can get the configuration settings. addresses bug #1071047 Change-Id: I2a487d2a2f2d3467e522868ac78dc4645bf7d643 Signed-off-by: Doug Hellmann --- bin/ceilometer-api | 22 +++++++++++++++++++--- ceilometer/api/acl.py | 19 ++++++++++++------- ceilometer/api/app.py | 4 ---- tests/api/test_acl.py | 2 +- 4 files changed, 32 insertions(+), 15 deletions(-) diff --git a/bin/ceilometer-api b/bin/ceilometer-api index fadd9744fb..38692ecedb 100755 --- a/bin/ceilometer-api +++ b/bin/ceilometer-api @@ -20,14 +20,30 @@ """ import sys -from ceilometer.api.app import app +from ceilometer.api import acl +from ceilometer.api import app from ceilometer.openstack.common import cfg from ceilometer.openstack.common import log as logging if __name__ == '__main__': + # Register keystone middleware option before + # parsing the config file and command line + # inputs. + acl.register_opts(cfg.CONF) + + # Parse config file and command line options, + # then configure logging. cfg.CONF(sys.argv[1:]) logging.setup('ceilometer.api') + + root = app.app + + # Enable debug mode if cfg.CONF.verbose or cfg.CONF.debug: - app.debug = True - app.run(host='0.0.0.0', port=cfg.CONF.metering_api_port) + root.debug = True + + # Install the middleware wrapper + root = acl.install(root, cfg.CONF) + + root.run(host='0.0.0.0', port=cfg.CONF.metering_api_port) diff --git a/ceilometer/api/acl.py b/ceilometer/api/acl.py index 7756162a1f..b5c766bc33 100644 --- a/ceilometer/api/acl.py +++ b/ceilometer/api/acl.py @@ -18,22 +18,27 @@ """Set up the ACL to acces the API server.""" import flask -from ceilometer.openstack.common import cfg from ceilometer import policy import keystone.middleware.auth_token -# Register keystone middleware option -cfg.CONF.register_opts(keystone.middleware.auth_token.opts, - group='keystone_authtoken') -keystone.middleware.auth_token.CONF = cfg.CONF + +def register_opts(conf): + """Register keystone middleware options + """ + conf.register_opts(keystone.middleware.auth_token.opts, + group='keystone_authtoken', + ) + keystone.middleware.auth_token.CONF = conf -def install(app): +def install(app, conf): """Install ACL check on application.""" app.wsgi_app = keystone.middleware.auth_token.AuthProtocol(app.wsgi_app, - {}) + conf=conf, + ) app.before_request(check) + return app def check(): diff --git a/ceilometer/api/app.py b/ceilometer/api/app.py index 215113325e..c6d473e01d 100644 --- a/ceilometer/api/app.py +++ b/ceilometer/api/app.py @@ -24,7 +24,6 @@ from ceilometer.openstack.common import cfg from ceilometer.openstack.common import jsonutils from ceilometer import storage from ceilometer.api import v1 -from ceilometer.api import acl app = flask.Flask('ceilometer.api') @@ -45,6 +44,3 @@ def attach_config(): def attach_sources(): with open("sources.json", "r") as f: flask.request.sources = jsonutils.load(f) - - -acl.install(app) diff --git a/tests/api/test_acl.py b/tests/api/test_acl.py index cf7f58a24b..d2dbc3cb33 100644 --- a/tests/api/test_acl.py +++ b/tests/api/test_acl.py @@ -26,7 +26,7 @@ class TestAPIACL(tests_api.TestBase): def setUp(self): super(TestAPIACL, self).setUp() - acl.install(self.app) + acl.install(self.app, {}) def test_non_authenticated(self): with self.app.test_request_context('/'):