Login/Register
Getting auth token from keystone in horizon
Asked Answered
pythondjangoopenstackopenstack-horizon
B

6

5

I want to get the auth token from keystone using horizon and then wants to pass that auth token to my backed code.

i don't know how to get this, please help me out.

I read many articles and blogs blogs but i am not able to find the answer. Please just point me into the right direction.

Banal answered 17/11, 2013 at 17:56 Comment(0)
T
7

Easiest is to use a Rest client to login and just take the token from the response. I like the Firefox RESTClient add-on but you can use any client you want.

  • Post a request to the Openstack Identity URL: 

    POST keystone_ip:port/version/tokens

    (e.g. 127.0.0.1:5000/v2.0/tokens)

    with header:

    Content-Type: application/json

    and body:

    {
    "auth": {
        "tenantName": "enter_your_tenantname",
        "passwordCredentials": {
            "username": "enter_your_username",
            "password": "enter_your_password"
        }
    }
}

    Note: If you're not sure what is the correct identity (keystone) URL you can log in manually to Horizon and look for a list of API endpoints.

  • The response body will include something like this:

    {
    "token": {
        "issued_at": "2014-02-25T08:34:56.068363",
        "expires": "2014-02-26T08:34:55Z",
        "id": "529e3a0e1c375j498315c71d08134837"
    }
}

  • Use the returned token id as a header in new rest calls. For example, to get a list of servers use request: 

    GET compute_endpoint_ip:port/v2/tenant_id/servers

    with Headers: 

    X-Auth-Token: 529e3a0e1c375j498315c71d08134837
Content-Type: application/json
Typography answered 25/2, 2014 at 9:10 Comment(0)
L
2

You can use python-keystoneclient. To authenticate the user, use for example 

 username='admin'
 password='1234'
 tenant_name='admin'
 auth_url='http://127.0.0.1:5000/v2.0'
 keystone = client.Client(username=username, password=password, tenant_name=tenant_name, auth_url=auth_url)

Once, the user is authenticated, a token is generated. The auth_ref property on the client ( keystone variable in this example) will give you a dictionary like structure having all the information you need about the token, which will enable you to re-use the token or pass it to the back-end in your case.

token_dict = keystone.auth_ref

Now,the token_dict is the variable that you can pass to your back-end.

Loosen answered 9/3, 2014 at 3:12 Comment(0)
D
2

As an example of how to get at it:

import keystoneclient.v2_0.client as ksclient
# authenticate with keystone to get a token

keystone = ksclient.Client(auth_url="http://192.168.10.5:35357/v2.0",
                           username="admin",
                           password="admin",
                           tenant_name="admin")


token = keystone.auth_ref['token']['id']

# use this token for whatever other services you are accessing.
print token
Dilator answered 6/8, 2014 at 12:15 Comment(0)
V
1

Go to the node where you have installed Keystone services. Open vi /etc/keystone/keystone.conf

Check for the third line starting admin_token. It should be a long random string:

admin_token = 05131394ad6b49c56f217

That is your keystone token. Using python:

>>> from keystoneclient.v2_0.client as ksclient
>>> keystone = ksclient.Client(auth_url="http://service-stack.linxsol.com:35357/v2.0", username="admin", password="123456", tenant_name="admin")

Ofcourse, you will change auth_url, *username, password* and tenant_name to your choice. Now you can use keystone to execute all the api tasks:

keystone.tenants.list()
keystone.users.list()
keystone.roles.list()

Or use dir(keystone) to list all the available options.

You can reuse the token as follows: 

auth_ref = keystone.auth_ref or token = ksclient.get_raw_token_from_identity_service(auth_url="http://service-stack.linxsol.com:35357/v2.0", username="admin", password="123456", tenant_name="admin")

But remember it returns a dictionary and a raw token not in a form of a token as you can see above.

For further information please check the python-keystoneclient.

I hope that helps.

Vaud answered 18/11, 2013 at 13:6 Comment(0)
M
0

Use the python-keystoneclient package.

Look into the Client.get_raw_token_from_identity_service method.

Madriene answered 17/11, 2013 at 18:50 Comment(0)
H
0

First you have to install python-keystoneclient.

To generate the token you can use the following code, here I want to mention you can change the authentication url with your server url but port number will be same, 

from keystoneclient.v2_0 import client
username='admin'
password='1234'
tenant_name='demo'
auth_url='http://10.0.2.15:5000/v2.0' # Or auth_url='http://192.168.206.133:5000/v2.0'

if your username, password, or tenant_name is wrong then you will get keystoneclient.openstack.common.apiclient.exceptions.Unauthorized: Invalid user / password keystone = client.Client(username=username, password=password, tenant_name=tenant_name, auth_url=auth_url) token_dict = keystone.auth_ref token_dict

Heteronym answered 25/8, 2015 at 6:10 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.