Update session header with JWT token and skip session create

Although we need to skip the request to /api/session/create with JWT based auth (original patch: https://review.opendev.org/c/x/vmware-nsxlib/+/774025/), we should update the session headers with the JWT token. Change-Id: I87a338f99c195e163d3618c123760c13252317ab
2021-03-08 12:30:51 -08:00 · 2021-03-08 12:30:51 -08:00 · 4741b2edd8
commit 4741b2edd8
parent ce1d1e2424
1 changed files with 13 additions and 4 deletions
--- a/vmware_nsxlib/v3/cluster.py
+++ b/vmware_nsxlib/v3/cluster.py
@ -256,10 +256,19 @@ class NSXRequestsHTTPProvider(AbstractHTTPProvider):
                       'Content-Type': 'application/x-www-form-urlencoded'}
        # Insert the JWT in Auth header if using tokens for auth
        if token_provider:
-            # Don't call /api/session/create when using
-            # JWT Token Based Principal Identity auth scheme
-            LOG.debug("Skipping session create with JWT based auth")
-            return
+            try:
+                token_value = token_provider.get_token()
+                bearer_token = token_provider.get_header_value(token_value)
+                token_header = {"Authorization": bearer_token}
+                session.default_headers.update(token_header)
+                # Don't call /api/session/create when using
+                # JWT Token Based Principal Identity auth scheme
+                LOG.debug("Skipping session create with JWT based auth")
+                return
+            except exceptions.BadJSONWebTokenProviderRequest as e:
+                LOG.error("Session create failed for endpoint %s due to "
+                          "error in retrieving JSON Web Token: %s",
+                          provider.url, e)
        else:
            # With client certificate authentication, username and password
            # may not be provided.