Cannot authenticate on-demand

Bug #1630972 reported by Elijah
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
python-novaclient
Expired
Undecided
Unassigned

Bug Description

I'm trying to set up a nova client and ensure that there are no authentication errors on client creation. My attempt is below:

from novaclient import client
from keystoneauth1 import session
from keystoneauth1.identity import v3

def setup_nova(creds):
    """
    Creates a nova instance with which we can leverage the OpenStack virtualization
    platform.

    :param creds: A dictionary containing the authorization url, username,
                  password, version, and project ID associated with the OpenStack
                  cluster.
    :type creds: dict
    """
    password = v3.PasswordMethod(username=creds['USERNAME'],
                                 password=creds['PASSWORD'],
                                 user_domain_name='default')

    auth = v3.Auth(auth_url=creds['AUTH_URL'],
                   auth_methods=[password],
                   project_id=creds['PROJECT_ID'])

    sess = session.Session(auth=auth)
    nova = client.Client(creds['VERSION'], session=sess)
    nova.authenticate()
    return nova

However, the `nova.authenticate()` call throws a novaclient.exceptions.InvalidUsage which tells me to authenticate the Session object. The Session object doesn't seem to have a way to authenticate on-demand, though.

Perhaps I'm missing something, but if there isn't a way to do this, there's either a bug in python-novaclient or in keystoneauth.

Revision history for this message
Ali Jabbar (jabbar-ali) wrote :

Hi ,
Could you please let share what is your end objective and why you want to do this ?

a) Are you trying to build a new feature ?

b) Or you want to do some kind of sanity check before launching any instance ?

Please share !!

Revision history for this message
Elijah (erip) wrote :

I think it's normal to enter credentials before attempting to make requests. I don't want to need to add a check for Unauthorized exceptions for every different type of request the user might want to make.

Revision history for this message
Ali Jabbar (jabbar-ali) wrote :

So are you saying that current way of handling is OK and there is no need of modification
 ?

Changed in python-novaclient:
status: New → Incomplete
Revision history for this message
Elijah (erip) wrote :

Clearly that's not what I'm saying--if it were, I wouldn't have filed this bug.

Imagine this user experience:

1. You go to ATM.
2. You enter bank card.
3. You type PIN.
4. You attempt to make a withdraw.
5. To your chagrin, you're alerted that your pin is wrong.

This is a terrible experience. Similarly, the way OpenStack (or atleast the python-novaclient module) works is quite analogous to this and should be changed (or at least extended).

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for python-novaclient because there has been no activity for 60 days.]

Changed in python-novaclient:
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.