migrate moon code from github to opnfv

Change-Id: Ice53e368fd1114d56a75271aa9f2e598e3eba604
Signed-off-by: WuKong <rebirthmonkey@gmail.com>

4 files changed, 129 insertions, 0 deletions

diff --git a/keystone-moon/keystone/contrib/simple_cert/__init__.py b/keystone-moon/keystone/contrib/simple_cert/__init__.py
new file mode 100644
index 00000000..b213192e
--- /dev/null
+++ b/keystone-moon/keystone/contrib/simple_cert/__init__.py
@@ -0,0 +1,14 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from keystone.contrib.simple_cert.core import *  # noqa
+from keystone.contrib.simple_cert.routers import SimpleCertExtension  # noqa
diff --git a/keystone-moon/keystone/contrib/simple_cert/controllers.py b/keystone-moon/keystone/contrib/simple_cert/controllers.py
new file mode 100644
index 00000000..d34c03a6
--- /dev/null
+++ b/keystone-moon/keystone/contrib/simple_cert/controllers.py
@@ -0,0 +1,42 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from oslo_config import cfg
+import webob
+
+from keystone.common import controller
+from keystone.common import dependency
+from keystone import exception
+
+CONF = cfg.CONF
+
+
+@dependency.requires('token_provider_api')
+class SimpleCert(controller.V3Controller):
+
+    def _get_certificate(self, name):
+        try:
+            with open(name, 'r') as f:
+                body = f.read()
+        except IOError:
+            raise exception.CertificateFilesUnavailable()
+
+        # NOTE(jamielennox): We construct the webob Response ourselves here so
+        # that we don't pass through the JSON encoding process.
+        headers = [('Content-Type', 'application/x-pem-file')]
+        return webob.Response(body=body, headerlist=headers, status="200 OK")
+
+    def get_ca_certificate(self, context):
+        return self._get_certificate(CONF.signing.ca_certs)
+
+    def list_certificates(self, context):
+        return self._get_certificate(CONF.signing.certfile)
diff --git a/keystone-moon/keystone/contrib/simple_cert/core.py b/keystone-moon/keystone/contrib/simple_cert/core.py
new file mode 100644
index 00000000..531c6aae
--- /dev/null
+++ b/keystone-moon/keystone/contrib/simple_cert/core.py
@@ -0,0 +1,32 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from keystone.common import extension
+
+EXTENSION_DATA = {
+    'name': 'OpenStack Simple Certificate API',
+    'namespace': 'http://docs.openstack.org/identity/api/ext/'
+                 'OS-SIMPLE-CERT/v1.0',
+    'alias': 'OS-SIMPLE-CERT',
+    'updated': '2014-01-20T12:00:0-00:00',
+    'description': 'OpenStack simple certificate retrieval extension',
+    'links': [
+        {
+            'rel': 'describedby',
+            # TODO(dolph): link needs to be revised after
+            #              bug 928059 merges
+            'type': 'text/html',
+            'href': 'https://github.com/openstack/identity-api',
+        }
+    ]}
+extension.register_admin_extension(EXTENSION_DATA['alias'], EXTENSION_DATA)
+extension.register_public_extension(EXTENSION_DATA['alias'], EXTENSION_DATA)
diff --git a/keystone-moon/keystone/contrib/simple_cert/routers.py b/keystone-moon/keystone/contrib/simple_cert/routers.py
new file mode 100644
index 00000000..8c36c2a4
--- /dev/null
+++ b/keystone-moon/keystone/contrib/simple_cert/routers.py
@@ -0,0 +1,41 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import functools
+
+from keystone.common import json_home
+from keystone.common import wsgi
+from keystone.contrib.simple_cert import controllers
+
+
+build_resource_relation = functools.partial(
+    json_home.build_v3_extension_resource_relation,
+    extension_name='OS-SIMPLE-CERT', extension_version='1.0')
+
+
+class SimpleCertExtension(wsgi.V3ExtensionRouter):
+
+    PREFIX = 'OS-SIMPLE-CERT'
+
+    def add_routes(self, mapper):
+        controller = controllers.SimpleCert()
+
+        self._add_resource(
+            mapper, controller,
+            path='/%s/ca' % self.PREFIX,
+            get_action='get_ca_certificate',
+            rel=build_resource_relation(resource_name='ca_certificate'))
+        self._add_resource(
+            mapper, controller,
+            path='/%s/certificates' % self.PREFIX,
+            get_action='list_certificates',
+            rel=build_resource_relation(resource_name='certificates'))