Skip to content

Commit

Permalink
1. Pass auth header in post_query request
Browse files Browse the repository at this point in the history 
    Fix for test_verify_object_logs
    Needed to pass auth header in post_query request
    Pass expect : 202 in query header to get qid

2. Script fix required after Secured Access for Analytic REST API- 8081 in R3.1(master):
   1. we need to pass inputs in VerificationOpsSrv now which can be used for authentication in class JsonDrv

(cherry picked from commit 55eb03b)

3. Change VerificationOpsSrv to use admin credentials for auth

After changing default aaa mode to cloud-admin-only for contrail-analytics-api
we need to change VerificationOpsSrv to use admin credentials when
getting auth token to send to contrail-analytics-api instead of
stack user credentials.

Partial-Bug: #1599654
(cherry picked from commit 1eb5678)

Change-Id: I9692c57add27b2bacc3d0c05d59690c3e2c82b7f
  • Loading branch information
@Ankitja
Ankitja authored and Megh Bhatt committed Aug 5, 2016
1 parent 5d15e3a commit 84a73d6
Show file tree
Hide file tree
Showing 4 changed files with 39 additions and 25 deletions.
5 changes: 3 additions & 2 deletions common/connections.py
View file
Expand Up @@ -39,7 +39,7 @@ def __init__(self, inputs=None, logger=None, project_name=None,
self.agent_inspect = custom_dict(self.get_vrouter_agent_inspect_handle,
'agent_inspect')
self.ops_inspects = custom_dict(self.get_opserver_inspect_handle,
'ops_inspect')
'ops_inspect:'+self.project_name+':'+self.username)
self.cn_inspect = custom_dict(self.get_control_node_inspect_handle,
'cn_inspect')
self.ds_inspect = custom_dict(self.get_discovery_service_inspect_handle,
Expand Down Expand Up @@ -156,7 +156,8 @@ def get_opserver_inspect_handle(self, host):
if ip not in self.ops_inspects:
self.ops_inspects[ip] = VerificationOpsSrv(ip,
port=self.inputs.analytics_api_port,
logger=self.logger)
logger=self.logger,
inputs=self.inputs)
return self.ops_inspects[ip]

def get_discovery_service_inspect_handle(self, host):
Expand Down
24 changes: 16 additions & 8 deletions tcutils/collector/opserver_introspect_utils.py
View file
Expand Up @@ -16,8 +16,9 @@

class VerificationOpsSrv (VerificationUtilBase):

def __init__(self, ip, port=8081, logger=LOG):
super(VerificationOpsSrv, self).__init__(ip, port, logger=logger)
def __init__(self, ip, port=8081, logger=LOG, inputs=None):
super(VerificationOpsSrv, self).__init__(ip, port, logger=logger, args=inputs,
use_admin_auth=True)


def get_ops_generator(self, generator=None,
Expand Down Expand Up @@ -290,6 +291,8 @@ def post_query(self, table, start_time=None, end_time=None,
where_clause='',
sort_fields=None, sort=None, limit=None, filter=None, dir=None):
res = None
self._drv._auth()
headers = self._drv._headers
try:
flows_url = OpServerUtils.opserver_query_url(
self._ip, str(self._port))
Expand All @@ -303,14 +306,19 @@ def post_query(self, table, start_time=None, end_time=None,
print json.dumps(query_dict)
res = []
resp = OpServerUtils.post_url_http(
flows_url, json.dumps(query_dict))
flows_url, json.dumps(query_dict), headers)
if resp is not None:
resp = json.loads(resp)
qid = resp['href'].rsplit('/', 1)[1]
result = OpServerUtils.get_query_result(
self._ip, str(self._port), qid)
for item in result:
res.append(item)
try:
qid = resp['href'].rsplit('/', 1)[1]
result = OpServerUtils.get_query_result(
self._ip, str(self._port), qid, headers)
for item in result:
res.append(item)
except Exception as e:
if 'value' in resp:
for item in resp['value']:
res.append(item)
except Exception as e:
print str(e)
finally:
Expand Down
21 changes: 12 additions & 9 deletions tcutils/collector/opserver_util.py
View file
Expand Up @@ -59,17 +59,20 @@ def get_start_end_time(start_time, end_time):
# end get_start_end_time

@staticmethod
def post_url_http(url, params):
def post_url_http(url, params, token):
DEFAULT_HEADERS = {'Content-type': 'application/json; charset="UTF-8"','Expect': '202-accepted'}
headers = DEFAULT_HEADERS.copy()
headers['X-AUTH-TOKEN'] = token['X-AUTH-TOKEN']
try:
print 'request version : %s'%(pkg_resources.get_distribution("requests").version[0])
if int(pkg_resources.get_distribution("requests").version[0]) >= 1:
response = requests.post(url, stream=True,
data=params,
headers=OpServerUtils.POST_HEADERS)
headers=headers)
else:
response = requests.post(url, prefetch=False,
data=params,
headers=OpServerUtils.POST_HEADERS)
headers=headers)
except requests.exceptions.ConnectionError, e:
print "Connection to %s failed" % url
return None
Expand All @@ -81,13 +84,13 @@ def post_url_http(url, params):
# end post_url_http

@staticmethod
def get_url_http(url):
def get_url_http(url, headers=None):
data = {}
try:
if int(pkg_resources.get_distribution("requests").version[0]) >= 1:
data = requests.get(url, stream=True)
data = requests.get(url, stream=True, headers=headers)
else:
data = requests.get(url, prefetch=False)
data = requests.get(url, prefetch=False, headers=headers)
except requests.exceptions.ConnectionError, e:
print "Connection to %s failed" % url

Expand Down Expand Up @@ -121,11 +124,11 @@ def parse_query_result(result):
# end parse_query_result

@staticmethod
def get_query_result(opserver_ip, opserver_port, qid):
def get_query_result(opserver_ip, opserver_port, qid, headers):
while True:
url = OpServerUtils.opserver_query_url(
opserver_ip, opserver_port) + '/' + qid
resp = OpServerUtils.get_url_http(url)
resp = OpServerUtils.get_url_http(url, headers=headers)
if resp.status_code != 200:
yield {}
return
Expand All @@ -137,7 +140,7 @@ def get_query_result(opserver_ip, opserver_port, qid):
for chunk in status['chunks']:
url = OpServerUtils.opserver_url(
opserver_ip, opserver_port) + chunk['href']
resp = OpServerUtils.get_url_http(url)
resp = OpServerUtils.get_url_http(url, headers=headers)
if resp.status_code != 200:
yield {}
else:
Expand Down
14 changes: 8 additions & 6 deletions tcutils/verification_util.py
View file
Expand Up @@ -14,11 +14,12 @@ class JsonDrv (object):
}
_DEFAULT_AUTHN_URL = "/v2.0/tokens"

def __init__(self, vub, logger=LOG, args=None):
def __init__(self, vub, logger=LOG, args=None, use_admin_auth=False):
self.log = logger
self._vub = vub
self._headers = None
self._args = args
self._use_admin_auth = use_admin_auth

def _auth(self):
if self._args:
Expand All @@ -33,8 +34,9 @@ def _auth(self):
verify = not insecure
self._authn_body = \
'{"auth":{"passwordCredentials":{"username": "%s", "password": "%s"}, "tenantName":"%s"}}' % (
self._args.stack_user, self._args.stack_password,
self._args.project_name)
self._args.admin_username if self._use_admin_auth else self._args.stack_user,
self._args.admin_password if self._use_admin_auth else self._args.stack_password,
self._args.admin_tenant if self._use_admin_auth else self._args.project_name)
response = requests.post(url, data=self._authn_body,
headers=self._DEFAULT_HEADERS,
verify=verify)
Expand Down Expand Up @@ -62,7 +64,7 @@ def load(self, url, retry=True):

class XmlDrv (object):

def __init__(self, vub, logger=LOG, args=None):
def __init__(self, vub, logger=LOG, args=None, use_admin_auth=False):
self.log = logger
self._vub = vub
if args:
Expand All @@ -80,11 +82,11 @@ def load(self, url):

class VerificationUtilBase (object):

def __init__(self, ip, port, drv=JsonDrv, logger=LOG, args=None):
def __init__(self, ip, port, drv=JsonDrv, logger=LOG, args=None, use_admin_auth=False):
self.log = logger
self._ip = ip
self._port = port
self._drv = drv(self, logger=logger, args=args)
self._drv = drv(self, logger=logger, args=args, use_admin_auth=use_admin_auth)
self._force_refresh = False

def get_force_refresh(self):
Expand Down

0 comments on commit 84a73d6

Please sign in to comment.