From c1b3100ba27ee48c97e7203fa77cdff2fcc61939 Mon Sep 17 00:00:00 2001 From: Mathieu Velten Date: Tue, 6 Sep 2016 16:54:02 +0200 Subject: [PATCH] Support trust id as a scope in the OpenStack authentication logic. --- .../providers/openstack/openstack.go | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/pkg/cloudprovider/providers/openstack/openstack.go b/pkg/cloudprovider/providers/openstack/openstack.go index b522ae269b2..5d18fd52ccf 100644 --- a/pkg/cloudprovider/providers/openstack/openstack.go +++ b/pkg/cloudprovider/providers/openstack/openstack.go @@ -31,6 +31,8 @@ import ( "github.com/rackspace/gophercloud" "github.com/rackspace/gophercloud/openstack" "github.com/rackspace/gophercloud/openstack/compute/v2/servers" + "github.com/rackspace/gophercloud/openstack/identity/v3/extensions/trust" + token3 "github.com/rackspace/gophercloud/openstack/identity/v3/tokens" "github.com/rackspace/gophercloud/pagination" "github.com/golang/glog" @@ -102,6 +104,7 @@ type Config struct { ApiKey string `gcfg:"api-key"` TenantId string `gcfg:"tenant-id"` TenantName string `gcfg:"tenant-name"` + TrustId string `gcfg:"trust-id"` DomainId string `gcfg:"domain-id"` DomainName string `gcfg:"domain-name"` Region string @@ -170,7 +173,20 @@ func readInstanceID() (string, error) { } func newOpenStack(cfg Config) (*OpenStack, error) { - provider, err := openstack.AuthenticatedClient(cfg.toAuthOptions()) + provider, err := openstack.NewClient(cfg.Global.AuthUrl) + if err != nil { + return nil, err + } + if cfg.Global.TrustId != "" { + authOptionsExt := trust.AuthOptionsExt{ + TrustID: cfg.Global.TrustId, + AuthOptions: token3.AuthOptions{AuthOptions: cfg.toAuthOptions()}, + } + err = trust.AuthenticateV3Trust(provider, authOptionsExt) + } else { + err = openstack.Authenticate(provider, cfg.toAuthOptions()) + } + if err != nil { return nil, err }