diff options
author | asteroide <thomas.duval@orange.com> | 2015-09-24 16:27:16 +0200 |
---|---|---|
committer | asteroide <thomas.duval@orange.com> | 2015-09-24 16:27:16 +0200 |
commit | 92d11d139e9f76d4fd76859aea78643fc32ef36b (patch) | |
tree | bd5a2e7b50853498074ab55bdaee4452c460010b /keystone-moon/keystone/auth | |
parent | 49325d99acfadaadfad99c596c4ada6b5ec849de (diff) |
Update Keystone code from repository.
Change-Id: Ib3d0a06b10902fcc6d520f58e85aa617bc326d00
Diffstat (limited to 'keystone-moon/keystone/auth')
-rw-r--r-- | keystone-moon/keystone/auth/controllers.py | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/keystone-moon/keystone/auth/controllers.py b/keystone-moon/keystone/auth/controllers.py index 04124696..133230d6 100644 --- a/keystone-moon/keystone/auth/controllers.py +++ b/keystone-moon/keystone/auth/controllers.py @@ -129,9 +129,9 @@ class AuthInfo(object): """Encapsulation of "auth" request.""" @staticmethod - def create(context, auth=None): + def create(context, auth=None, scope_only=False): auth_info = AuthInfo(context, auth=auth) - auth_info._validate_and_normalize_auth_data() + auth_info._validate_and_normalize_auth_data(scope_only) return auth_info def __init__(self, context, auth=None): @@ -272,14 +272,25 @@ class AuthInfo(object): if method_name not in AUTH_METHODS: raise exception.AuthMethodNotSupported() - def _validate_and_normalize_auth_data(self): - """Make sure "auth" is valid.""" + def _validate_and_normalize_auth_data(self, scope_only=False): + """Make sure "auth" is valid. + + :param scope_only: If it is True, auth methods will not be + validated but only the scope data. + :type scope_only: boolean + """ # make sure "auth" exist if not self.auth: raise exception.ValidationError(attribute='auth', target='request body') - self._validate_auth_methods() + # NOTE(chioleong): Tokenless auth does not provide auth methods, + # we only care about using this method to validate the scope + # information. Therefore, validating the auth methods here is + # insignificant and we can skip it when scope_only is set to + # true. + if scope_only is False: + self._validate_auth_methods() self._validate_and_normalize_scope_data() def get_method_names(self): |