summaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/keystone/contrib')
-rw-r--r--keystone-moon/keystone/contrib/moon/core.py106
-rw-r--r--keystone-moon/keystone/contrib/moon/routers.py816
-rw-r--r--keystone-moon/keystone/contrib/moon/service.py57
-rw-r--r--keystone-moon/keystone/contrib/moon/wsgi.py8
4 files changed, 526 insertions, 461 deletions
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index 8e19ff81..ddc88fb8 100644
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -27,20 +27,35 @@ from keystone.contrib.moon.algorithms import *
CONF = cfg.CONF
LOG = log.getLogger(__name__)
-EXTENSION_DATA = {
- 'name': 'OpenStack Moon APIs',
- 'namespace': 'http://docs.openstack.org/identity/api/ext/'
- 'OS-MOON',
- 'alias': 'OS-MOON',
- 'updated': '2015-09-02T12:00:0-00:00',
- 'description': 'OpenStack Authorization Providers Mechanism.',
- 'links': [{
- 'rel': 'describedby',
- 'type': 'text/html',
- 'href': 'https://git.opnfv.org/moon.git'
- }]}
-extension.register_admin_extension(EXTENSION_DATA['alias'], EXTENSION_DATA)
-extension.register_public_extension(EXTENSION_DATA['alias'], EXTENSION_DATA)
+OPTS = [
+ cfg.StrOpt('configuration_driver',
+ default='keystone.contrib.moon.backends.memory.ConfigurationConnector',
+ help='Configuration backend driver.'),
+ cfg.StrOpt('tenant_driver',
+ default='keystone.contrib.moon.backends.sql.TenantConnector',
+ help='Tenant backend driver.'),
+ cfg.StrOpt('authz_driver',
+ default='keystone.contrib.moon.backends.flat.SuperExtensionConnector',
+ help='Authorisation backend driver.'),
+ cfg.StrOpt('intraextension_driver',
+ default='keystone.contrib.moon.backends.sql.IntraExtensionConnector',
+ help='IntraExtension backend driver.'),
+ cfg.StrOpt('interextension_driver',
+ default='keystone.contrib.moon.backends.sql.InterExtensionConnector',
+ help='InterExtension backend driver.'),
+ cfg.StrOpt('log_driver',
+ default='keystone.contrib.moon.backends.flat.LogConnector',
+ help='Logs backend driver.'),
+ cfg.StrOpt('policy_directory',
+ default='/etc/keystone/policies',
+ help='Local directory where all policies are stored.'),
+ cfg.StrOpt('root_policy_directory',
+ default='policy_root',
+ help='Local directory where Root IntraExtension configuration is stored.'),
+]
+
+for option in OPTS:
+ CONF.register_opt(option, group="moon")
def filter_input(func_or_str):
@@ -150,7 +165,7 @@ def enforce(action_names, object_name, **extra):
else:
# id is not a known tenant ID, so we must check against the Root intra_extension
intra_extension_id = intra_root_extension_id
- LOG.warning("Cannot emanager because the intra-extension is unknown (fallback to the root intraextension)")
+ LOG.warning("Cannot manage because the intra-extension is unknown (fallback to the root intraextension)")
for _tenant_id in tenants_dict:
if tenants_dict[_tenant_id]['intra_authz_extension_id'] == intra_extension_id or \
tenants_dict[_tenant_id]['intra_admin_extension_id'] == intra_extension_id:
@@ -369,18 +384,6 @@ class TenantManager(manager.Manager):
self.moonlog_api.debug("add_tenant_dict {}".format(tenant_dict))
if 'intra_admin_extension_id' in tenant_dict and tenant_dict['intra_admin_extension_id']:
if 'intra_authz_extension_id' in tenant_dict and tenant_dict['intra_authz_extension_id']:
- # authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'])
- # admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'])
- # for _subject_id in authz_subjects_dict:
- # if _subject_id not in admin_subjects_dict:
- # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id])
- # for _subject_id in admin_subjects_dict:
- # if _subject_id not in authz_subjects_dict:
- # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id])
-
- # TODO (ateroide): check whether we can replace the below code by the above one
- # NOTE (ateroide): at a first glance: no, subject_id changes depending on which intra_extesion is used
- # we must use name which is constant.
authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.root_admin_id, tenant_dict['intra_authz_extension_id'])
authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict]
admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.root_admin_id, tenant_dict['intra_admin_extension_id'])
@@ -440,10 +443,8 @@ class IntraExtensionManager(manager.Manager):
def __init__(self):
super(IntraExtensionManager, self).__init__(CONF.moon.intraextension_driver)
- # self.root_admin_id = self.__compute_admin_id_for_root_extension()
self._root_admin_id = None
self._root_extension_id = None
- # self.__init_aggregation_algorithm()
def __init_root(self, root_extension_id=None):
LOG.debug("__init_root {}".format(root_extension_id))
@@ -490,12 +491,6 @@ class IntraExtensionManager(manager.Manager):
LOG.debug("self.driver.get_intra_extensions_dict()={}".format(self.driver.get_intra_extensions_dict()))
return {self.root_extension_id: self.driver.get_intra_extensions_dict()[self.root_extension_id]}
- # def __compute_admin_id_for_root_extension(self):
- # for subject_id, subject_dict in self.driver.get_subjects_dict(self.root_extension_id).iteritems():
- # if subject_dict["name"] == "admin":
- # return subject_id
- # raise RootExtensionNotInitialized()
-
def get_root_extension_id(self):
extensions = self.driver.get_intra_extensions_dict()
for extension_id, extension_dict in extensions.iteritems():
@@ -507,15 +502,6 @@ class IntraExtensionManager(manager.Manager):
raise IntraExtensionCreationError("The root extension is not created.")
return extension['id']
- # def __init_aggregation_algorithm(self):
- # try:
- # self._root_extension_id = self.get_root_extension_id()
- # self.aggregation_algorithm_dict = self.configuration_api.get_aggregation_algorithms_dict(self.root_extension_id)
- # except AttributeError as e:
- # LOG.warning("Error on init_aggregation_algorithm ({})".format(e))
- # self._root_extension_id = None
- # self.aggregation_algorithm_dict = {}
-
def __get_authz_buffer(self, intra_extension_id, subject_id, object_id, action_id):
"""
:param intra_extension_id:
@@ -602,8 +588,6 @@ class IntraExtensionManager(manager.Manager):
meta_rule_dict[sub_meta_rule_id],
self.driver.get_rules_dict(intra_extension_id, sub_meta_rule_id).values())
- # if not self.root_extension_id:
- # self.__init_aggregation_algorithm()
aggregation_algorithm_id = self.driver.get_aggregation_algorithm_id(intra_extension_id)['aggregation_algorithm']
if self.aggregation_algorithm_dict[aggregation_algorithm_id]['name'] == 'all_true':
decision = all_true(decision_buffer)
@@ -637,32 +621,15 @@ class IntraExtensionManager(manager.Manager):
f = open(metadata_path)
json_perimeter = json.load(f)
- # subject_categories_dict = dict()
for _cat in json_perimeter['subject_categories']:
self.driver.set_subject_category_dict(intra_extension_dict["id"], uuid4().hex,
{"name": _cat, "description": _cat})
- # Initialize scope categories
- # for _cat in subject_categories_dict.keys():
- # self.driver.set_subject_scope_dict(intra_extension_dict["id"], _cat, {})
- # intra_extension_dict['subject_categories'] = subject_categories_dict
-
- # object_categories_dict = dict()
for _cat in json_perimeter['object_categories']:
self.driver.set_object_category_dict(intra_extension_dict["id"], uuid4().hex,
{"name": _cat, "description": _cat})
- # Initialize scope categories
- # for _cat in object_categories_dict.keys():
- # self.driver.set_object_scope_dict(intra_extension_dict["id"], _cat, {})
- # intra_extension_dict['object_categories'] = object_categories_dict
-
- # action_categories_dict = dict()
for _cat in json_perimeter['action_categories']:
self.driver.set_action_category_dict(intra_extension_dict["id"], uuid4().hex,
{"name": _cat, "description": _cat})
- # Initialize scope categories
- # for _cat in action_categories_dict.keys():
- # self.driver.set_action_scope_dict(intra_extension_dict["id"], _cat, {})
- # intra_extension_dict['action_categories'] = action_categories_dict
def __load_perimeter_file(self, intra_extension_dict, policy_dir):
@@ -805,7 +772,6 @@ class IntraExtensionManager(manager.Manager):
metadata_path = os.path.join(policy_dir, 'metarule.json')
f = open(metadata_path)
json_metarule = json.load(f)
- # ie["meta_rules"] = copy.deepcopy(json_metarule)
metarule = dict()
categories = {
"subject_categories": self.driver.SUBJECT_CATEGORY,
@@ -847,13 +813,10 @@ class IntraExtensionManager(manager.Manager):
sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"],
sub_rule_name,
self.driver.SUB_META_RULE)
- # if sub_rule_name not in self.get_sub_meta_rule_relations("admin", ie["id"])["sub_meta_rule_relations"]:
- # raise IntraExtensionException("Bad sub_rule_name name {} in rules".format(sub_rule_name))
rules[sub_rule_id] = list()
for rule in json_rules[sub_rule_name]:
subrule = list()
_rule = list(rule)
- # sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], sub_rule_name, self.driver.SUB_META_RULE)
for category_uuid in sub_meta_rules[sub_rule_id]["subject_categories"]:
scope_name = _rule.pop(0)
scope_uuid = self.driver.get_uuid_from_name(intra_extension_dict["id"],
@@ -881,7 +844,6 @@ class IntraExtensionManager(manager.Manager):
else:
# if value doesn't exist add a default value
subrule.append(True)
- # rules[sub_rule_id].append(subrule)
self.driver.set_rule_dict(intra_extension_dict["id"], sub_rule_id, uuid4().hex, subrule)
@enforce(("read", "write"), "intra_extensions")
@@ -914,11 +876,6 @@ class IntraExtensionManager(manager.Manager):
# Note (asteroide): Only one root Extension is authorized
# and this extension is created at the very beginning of the server
# so we don't need to use enforce here
- # if self.get_root_extension_id():
- # # for ext in self.driver.get_intra_extensions_dict():
- # # Note (asteroide): if there is at least one Intra Extension, it implies that
- # # the Root Intra Extension had already been created...
- # return
extensions = self.driver.get_intra_extensions_dict()
for extension_id, extension_dict in extensions.iteritems():
if extension_dict["name"] == CONF.moon.root_policy_directory:
@@ -930,10 +887,7 @@ class IntraExtensionManager(manager.Manager):
ie_dict["genre"] = "admin"
ie_dict["description"] = "policy_root"
ref = self.driver.set_intra_extension_dict(ie_dict['id'], ie_dict)
- # try:
self.moonlog_api.debug("Creation of root IE: {}".format(ref))
- # except AttributeError:
- # LOG.debug("Creation of root IE: {}".format(ref))
# read the template given by "model" and populate default variables
template_dir = os.path.join(CONF.moon.policy_directory, ie_dict["model"])
diff --git a/keystone-moon/keystone/contrib/moon/routers.py b/keystone-moon/keystone/contrib/moon/routers.py
index fd1c0adf..fd821a49 100644
--- a/keystone-moon/keystone/contrib/moon/routers.py
+++ b/keystone-moon/keystone/contrib/moon/routers.py
@@ -12,11 +12,14 @@ from oslo_log import log
LOG = log.getLogger(__name__)
-class Routers(wsgi.V3ExtensionRouter):
+class Routers(wsgi.ComposableRouter):
"""API Endpoints for the Moon extension.
"""
- PATH_PREFIX = '/OS-MOON'
+ PATH_PREFIX = ''
+
+ def __init__(self, description):
+ self.description = description
@staticmethod
def _get_rel(component):
@@ -34,419 +37,462 @@ class Routers(wsgi.V3ExtensionRouter):
tenants_controller = controllers.Tenants()
logs_controller = controllers.Logs()
inter_ext_controller = controllers.InterExtensions()
+
# Configuration route
- self._add_resource(
- mapper, configuration_controller,
- path=self.PATH_PREFIX+'/configuration/templates',
- get_action='get_policy_templates',
- rel=self._get_rel('templates'),
- path_vars={})
- self._add_resource(
- mapper, configuration_controller,
- path=self.PATH_PREFIX+'/configuration/aggregation_algorithms',
- get_action='get_aggregation_algorithms',
- rel=self._get_rel('aggregation_algorithms'),
- path_vars={})
- self._add_resource(
- mapper, configuration_controller,
- path=self.PATH_PREFIX+'/configuration/sub_meta_rule_algorithms',
- get_action='get_sub_meta_rule_algorithms',
- rel=self._get_rel('sub_meta_rule_algorithms'),
- path_vars={})
+ mapper.connect(
+ self.PATH_PREFIX+'/configuration/templates',
+ controller=configuration_controller,
+ action='get_policy_templates',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/configuration/aggregation_algorithms',
+ controller=configuration_controller,
+ action='get_aggregation_algorithms',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/configuration/sub_meta_rule_algorithms',
+ controller=configuration_controller,
+ action='get_sub_meta_rule_algorithms',
+ conditions=dict(method=['GET']))
# Tenants route
- self._add_resource(
- mapper, tenants_controller,
- path=self.PATH_PREFIX+'/tenants',
- get_action='get_tenants',
- post_action='add_tenant',
- rel=self._get_rel('tenants'),
- path_vars={})
- self._add_resource(
- mapper, tenants_controller,
- path=self.PATH_PREFIX+'/tenants/{tenant_id}',
- get_action='get_tenant',
- delete_action='del_tenant',
- post_action='set_tenant',
- rel=self._get_rel('tenants'),
- path_vars={
- 'tenant_id': self._get_path('tenants'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants',
+ controller=tenants_controller,
+ action='get_tenants',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants',
+ controller=tenants_controller,
+ action='add_tenant',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants/{tenant_id}',
+ controller=tenants_controller,
+ action='get_tenant',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants/{tenant_id}',
+ controller=tenants_controller,
+ action='del_tenant',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants/{tenant_id}',
+ controller=tenants_controller,
+ action='set_tenant',
+ conditions=dict(method=['POST']))
# Authz route
- self._add_resource(
- mapper, authz_controller,
- path=self.PATH_PREFIX+'/authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}',
- get_action='get_authz',
- rel=self._get_rel('authz'),
- path_vars={
- 'tenant_id': self._get_path('tenants'),
- 'subject_k_id': self._get_path('subjects'),
- 'object_name': self._get_path('objects'),
- 'action_name': self._get_path('actions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}',
+ controller=authz_controller,
+ action='get_authz',
+ conditions=dict(method=['GET']))
# IntraExtensions/Admin route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/init',
- get_action='load_root_intra_extension',
- rel=self._get_rel('intra_extensions'),
- path_vars={})
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions',
- get_action='get_intra_extensions',
- post_action='add_intra_extension',
- rel=self._get_rel('intra_extensions'),
- path_vars={})
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
- get_action='get_intra_extension',
- delete_action='del_intra_extension',
- post_action='set_intra_extension',
- rel=self._get_rel('intra_extensions'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/init',
+ controller=intra_ext_controller,
+ action='load_root_intra_extension',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions',
+ controller=intra_ext_controller,
+ action='get_intra_extensions',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions',
+ controller=intra_ext_controller,
+ action='add_intra_extension',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
+ controller=intra_ext_controller,
+ action='get_intra_extension',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
+ controller=intra_ext_controller,
+ action='set_intra_extension',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
+ controller=intra_ext_controller,
+ action='del_intra_extension',
+ conditions=dict(method=['DELETE']))
# Metadata route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories',
- get_action='get_subject_categories',
- post_action='add_subject_category',
- rel=self._get_rel('subject_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
- get_action='get_subject_category',
- delete_action='del_subject_category',
- post_action='set_subject_category',
- rel=self._get_rel('subject_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories',
- get_action='get_object_categories',
- post_action='add_object_category',
- rel=self._get_rel('object_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
- get_action='get_object_category',
- delete_action='del_object_category',
- post_action='set_object_category',
- rel=self._get_rel('object_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories',
- get_action='get_action_categories',
- post_action='add_action_category',
- rel=self._get_rel('action_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
- get_action='get_action_category',
- delete_action='del_action_category',
- post_action='set_action_category',
- rel=self._get_rel('action_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories',
+ controller=intra_ext_controller,
+ action='get_subject_categories',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories',
+ controller=intra_ext_controller,
+ action='add_subject_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='get_subject_category',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='del_subject_category',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='set_subject_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories',
+ controller=intra_ext_controller,
+ action='get_object_categories',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories',
+ controller=intra_ext_controller,
+ action='add_object_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
+ controller=intra_ext_controller,
+ action='get_object_category',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
+ controller=intra_ext_controller,
+ action='del_object_category',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
+ controller=intra_ext_controller,
+ action='set_object_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories',
+ controller=intra_ext_controller,
+ action='get_action_categories',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories',
+ controller=intra_ext_controller,
+ action='add_action_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
+ controller=intra_ext_controller,
+ action='get_action_category',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
+ controller=intra_ext_controller,
+ action='del_action_category',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
+ controller=intra_ext_controller,
+ action='set_action_category',
+ conditions=dict(method=['POST']))
# Perimeter route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects',
- get_action='get_subjects',
- post_action='add_subject',
- rel=self._get_rel('subjects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
- get_action='get_subject',
- delete_action='del_subject',
- post_action='set_subject',
- rel=self._get_rel('subjects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects',
- get_action='get_objects',
- post_action='add_object',
- rel=self._get_rel('subjects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
- get_action='get_object',
- delete_action='del_object',
- post_action='set_object',
- rel=self._get_rel('objects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions',
- get_action='get_actions',
- post_action='add_action',
- rel=self._get_rel('actions'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
- get_action='get_action',
- delete_action='del_action',
- post_action='set_action',
- rel=self._get_rel('actions'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects',
+ controller=intra_ext_controller,
+ action='get_subjects',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects',
+ controller=intra_ext_controller,
+ action='add_subject',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
+ controller=intra_ext_controller,
+ action='get_subject',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
+ controller=intra_ext_controller,
+ action='del_subject',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
+ controller=intra_ext_controller,
+ action='set_subject',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects',
+ controller=intra_ext_controller,
+ action='get_objects',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects',
+ controller=intra_ext_controller,
+ action='add_object',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
+ controller=intra_ext_controller,
+ action='get_object',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
+ controller=intra_ext_controller,
+ action='del_object',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
+ controller=intra_ext_controller,
+ action='set_object',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions',
+ controller=intra_ext_controller,
+ action='get_actions',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions',
+ controller=intra_ext_controller,
+ action='add_action',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
+ controller=intra_ext_controller,
+ action='get_action',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
+ controller=intra_ext_controller,
+ action='del_action',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
+ controller=intra_ext_controller,
+ action='set_action',
+ conditions=dict(method=['POST']))
# Scope route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}',
- get_action='get_subject_scopes',
- post_action='add_subject_scope',
- rel=self._get_rel('subject_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
- get_action='get_subject_scope',
- delete_action='del_subject_scope',
- post_action='set_subject_scope',
- rel=self._get_rel('subject_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}',
- get_action='get_object_scopes',
- post_action='add_object_scope',
- rel=self._get_rel('object_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
- get_action='get_object_scope',
- delete_action='del_object_scope',
- post_action='set_object_scope',
- rel=self._get_rel('object_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}',
- get_action='get_action_scopes',
- post_action='add_action_scope',
- rel=self._get_rel('action_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
- get_action='get_action_scope',
- delete_action='del_action_scope',
- post_action='set_action_scope',
- rel=self._get_rel('action_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='get_subject_scopes',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='add_subject_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
+ controller=intra_ext_controller,
+ action='get_subject_scope',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
+ controller=intra_ext_controller,
+ action='del_subject_scope',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
+ controller=intra_ext_controller,
+ action='set_subject_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}',
+ controller=intra_ext_controller,
+ action='get_object_scopes',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}',
+ controller=intra_ext_controller,
+ action='add_object_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
+ controller=intra_ext_controller,
+ action='get_object_scope',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
+ controller=intra_ext_controller,
+ action='del_object_scope',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
+ controller=intra_ext_controller,
+ action='set_object_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}',
+ controller=intra_ext_controller,
+ action='get_action_scopes',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}',
+ controller=intra_ext_controller,
+ action='add_action_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
+ controller=intra_ext_controller,
+ action='get_action_scope',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
+ controller=intra_ext_controller,
+ action='del_action_scope',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
+ controller=intra_ext_controller,
+ action='set_action_scope',
+ conditions=dict(method=['POST']))
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_assignments',
- post_action='add_subject_assignment',
- rel=self._get_rel('subject_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_assignments',
+ controller=intra_ext_controller,
+ action='add_subject_assignment',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'subject_assignments/{subject_id}/{subject_category_id}',
- get_action='get_subject_assignment',
- rel=self._get_rel('subject_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='get_subject_assignment',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'subject_assignments/{subject_id}/{subject_category_id}/{subject_scope_id}',
- delete_action='del_subject_assignment',
- rel=self._get_rel('subject_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_assignments',
- post_action='add_object_assignment',
- rel=self._get_rel('object_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='del_subject_assignment',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_assignments',
+ controller=intra_ext_controller,
+ action='add_object_assignment',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'object_assignments/{object_id}/{object_category_id}',
- get_action='get_object_assignment',
- rel=self._get_rel('object_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='get_object_assignment',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'object_assignments/{object_id}/{object_category_id}/{object_scope_id}',
- delete_action='del_object_assignment',
- rel=self._get_rel('object_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_assignments',
- post_action='add_action_assignment',
- rel=self._get_rel('action_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='del_object_assignment',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_assignments',
+ controller=intra_ext_controller,
+ action='add_action_assignment',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'action_assignments/{action_id}/{action_category_id}',
- get_action='get_action_assignment',
- rel=self._get_rel('action_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='get_action_assignment',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'action_assignments/{action_id}/{action_category_id}/{action_scope_id}',
- delete_action='del_action_assignment',
- rel=self._get_rel('action_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ controller=intra_ext_controller,
+ action='del_action_assignment',
+ conditions=dict(method=['DELETE']))
# Metarule route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm',
- post_action='set_aggregation_algorithm',
- get_action='get_aggregation_algorithm',
- rel=self._get_rel('aggregation_algorithms'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules',
- get_action='get_sub_meta_rules',
- post_action='add_sub_meta_rule',
- rel=self._get_rel('sub_meta_rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
- get_action='get_sub_meta_rule',
- delete_action='del_sub_meta_rule',
- post_action='set_sub_meta_rule',
- rel=self._get_rel('sub_meta_rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm',
+ controller=intra_ext_controller,
+ action='get_aggregation_algorithm',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm',
+ controller=intra_ext_controller,
+ action='set_aggregation_algorithm',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules',
+ controller=intra_ext_controller,
+ action='get_sub_meta_rules',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules',
+ controller=intra_ext_controller,
+ action='add_sub_meta_rule',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='get_sub_meta_rule',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='del_sub_meta_rule',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='set_sub_meta_rule',
+ conditions=dict(method=['POST']))
# Rules route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}',
- get_action='get_rules',
- post_action='add_rule',
- rel=self._get_rel('rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
- get_action='get_rule',
- delete_action='del_rule',
- post_action='set_rule',
- rel=self._get_rel('rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='get_rules',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='add_rule',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
+ controller=intra_ext_controller,
+ action='get_rule',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
+ controller=intra_ext_controller,
+ action='del_rule',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
+ controller=intra_ext_controller,
+ action='set_rule',
+ conditions=dict(method=['POST']))
# Logs route
- self._add_resource(
- mapper, logs_controller,
- path=self.PATH_PREFIX+'/logs',
- get_action='get_logs',
- rel=self._get_rel('logs'),
- path_vars={
- })
- self._add_resource(
- mapper, logs_controller,
- path=self.PATH_PREFIX+'/logs/{options}',
- get_action='get_logs',
- rel=self._get_rel('logs'),
- path_vars={
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/logs',
+ controller=logs_controller,
+ action='get_logs',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/logs/{options}',
+ controller=logs_controller,
+ action='get_logs',
+ conditions=dict(method=['GET']))
# InterExtensions route
- # self._add_resource(
- # mapper, inter_ext_controller,
- # path=self.PATH_PREFIX+'/inter_extensions',
- # get_action='get_inter_extensions',
- # post_action='create_inter_extension',
+ # mapper.connect(
+ # controller=inter_ext_controller,
+ # self.PATH_PREFIX+'/inter_extensions',
+ # action='get_inter_extensions',
+ # action='create_inter_extension',
# rel=self._get_rel('inter_extensions'),
# path_vars={})
- # self._add_resource(
- # mapper, inter_ext_controller,
- # path=self.PATH_PREFIX+'/inter_extensions/{inter_extension_id}',
- # get_action='get_inter_extension',
- # delete_action='delete_inter_extension',
+ # mapper.connect(
+ # controller=inter_ext_controller,
+ # self.PATH_PREFIX+'/inter_extensions/{inter_extension_id}',
+ # action='get_inter_extension',
+ # action='delete_inter_extension',
# rel=self._get_rel('inter_extensions'),
# path_vars={
# 'inter_extension_id': self._get_path('inter_extensions'),
diff --git a/keystone-moon/keystone/contrib/moon/service.py b/keystone-moon/keystone/contrib/moon/service.py
new file mode 100644
index 00000000..cd68e98a
--- /dev/null
+++ b/keystone-moon/keystone/contrib/moon/service.py
@@ -0,0 +1,57 @@
+import functools
+import sys
+
+from oslo_config import cfg
+from oslo_log import log
+from paste import deploy
+import routes
+from keystone.contrib.moon.routers import Routers
+
+from keystone import assignment
+from keystone import auth
+from keystone import catalog
+from keystone.common import wsgi
+from keystone import controllers
+from keystone import credential
+from keystone import endpoint_policy
+from keystone import identity
+from keystone import policy
+from keystone import resource
+from keystone import routers
+from keystone import token
+from keystone import trust
+
+
+CONF = cfg.CONF
+LOG = log.getLogger(__name__)
+
+
+# def loadapp(conf, name):
+# # NOTE(blk-u): Save the application being loaded in the controllers module.
+# # This is similar to how public_app_factory() and v3_app_factory()
+# # register the version with the controllers module.
+# controllers.latest_app = deploy.loadapp(conf, name=name)
+# return controllers.latest_app
+
+
+def fail_gracefully(f):
+ """Logs exceptions and aborts."""
+ @functools.wraps(f)
+ def wrapper(*args, **kw):
+ try:
+ return f(*args, **kw)
+ except Exception as e:
+ LOG.debug(e, exc_info=True)
+
+ # exception message is printed to all logs
+ LOG.critical(e)
+ sys.exit(1)
+
+ return wrapper
+
+
+@fail_gracefully
+def moon_app_factory(global_conf, **local_conf):
+ return wsgi.ComposingRouter(routes.Mapper(),
+ [Routers('moon_service')])
+
diff --git a/keystone-moon/keystone/contrib/moon/wsgi.py b/keystone-moon/keystone/contrib/moon/wsgi.py
new file mode 100644
index 00000000..f2a99633
--- /dev/null
+++ b/keystone-moon/keystone/contrib/moon/wsgi.py
@@ -0,0 +1,8 @@
+from keystone.server import wsgi
+from oslo_log import log
+
+LOG = log.getLogger(__name__)
+
+
+def initialize_moon_application():
+ return wsgi.initialize_application('moon_service')