Source code for monasca_log_api.healthcheck.keystone_protocol
# Copyright 2016 FUJITSU LIMITED
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from keystonemiddleware import auth_token
from oslo_log import log
LOG = log.getLogger(__name__)
_SKIP_PATH = '/version', '/healthcheck'
"""Tuple of non-application endpoints"""
[docs]class SkippingAuthProtocol(auth_token.AuthProtocol):
"""SkippingAuthProtocol to reach healthcheck endpoint
Because healthcheck endpoints exists as endpoint, it
is hidden behind keystone filter thus a request
needs to authenticated before it is reached.
Note:
SkippingAuthProtocol is lean customization
of :py:class:`keystonemiddleware.auth_token.AuthProtocol`
that disables keystone communication if request
is meant to reach healthcheck
"""
[docs] def process_request(self, request):
path = request.path
for p in _SKIP_PATH:
if path.startswith(p):
LOG.debug(
('Request path is %s and it does not require keystone '
'communication'), path)
return None # return NONE to reach actual logic
return super(SkippingAuthProtocol, self).process_request(request)
[docs]def filter_factory(global_conf, **local_conf): # pragma: no cover
"""Return factory function for :py:class:`.SkippingAuthProtocol`
:param global_conf: global configuration
:param local_conf: local configuration
:return: factory function
:rtype: function
"""
conf = global_conf.copy()
conf.update(local_conf)
def auth_filter(app):
return SkippingAuthProtocol(app, conf)
return auth_filter