<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 07/17/2012 06:06 PM, Matt Joyce
wrote:<br>
</div>
<blockquote
cite="mid:CAGYSk8fjmDWLWjGqrGJaoMLpkEJSNz4W2mbU+zfYN2SSpFAE8w@mail.gmail.com"
type="cite">Anyone by any chance know how to read out the
auth_token or raw_token that is acquired in keystoneclient when it
performs a client.Client() Authenticate?<br>
</blockquote>
<br>
The token is just a UUID, randomly generated. <br>
<br>
In the PKI proposal, it is a base64 encoding of a Signed document in
CMS format.<br>
<br>
<blockquote
cite="mid:CAGYSk8fjmDWLWjGqrGJaoMLpkEJSNz4W2mbU+zfYN2SSpFAE8w@mail.gmail.com"
type="cite"><br>
I'd love to be able to read that. And it's totally not documented
anywhere if it exists.<br>
<br>
-Matt<br>
<br>
<div class="gmail_quote">On Tue, Jul 17, 2012 at 2:19 PM, Matt
Joyce <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:matt.joyce@cloudscaling.com" target="_blank">matt.joyce@cloudscaling.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Works for me. =D
<div class="HOEnZb">
<div class="h5"><br>
<br>
<div class="gmail_quote">On Tue, Jul 17, 2012 at 1:51 PM,
Dolph Mathews <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:dolph.mathews@gmail.com"
target="_blank">dolph.mathews@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Adam
speaks lies ;)
<div><br>
</div>
<div>Here's a regular user requesting a list of
tenants on port 5000 (notice they only get back 1
tenant):<br>
<div><br>
</div>
<blockquote style="margin:0 0 0
40px;border:none;padding:0px">
<div>
<div>GET <a moz-do-not-send="true"
href="http://localhost:5000/v2.0/tenants"
target="_blank">http://localhost:5000/v2.0/tenants</a></div>
</div>
<div>
<div>======================================</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>
X-Auth-Token: a6094f62e38c4fafa57e6edf7bd04961</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>200 OK</div>
</div>
<div>
<div>======</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>Status: 200</div>
</div>
<div>
<div>Content-Length: 133</div>
</div>
<div>
<div>
Content-Location: <a moz-do-not-send="true"
href="http://localhost:5000/v2.0/tenants"
target="_blank">http://localhost:5000/v2.0/tenants</a></div>
</div>
<div>
<div>Vary: X-Auth-Token</div>
</div>
<div>
<div>Date: Tue, 17 Jul 2012 20:49:16 GMT</div>
</div>
<div>
<div>Content-Type: application/json</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>{</div>
</div>
<div>
<div> "tenants": [</div>
</div>
<div>
<div> {</div>
</div>
<div>
<div> "enabled": true, </div>
</div>
<div>
<div> "description": null, </div>
</div>
<div>
<div> "name": "my-project", </div>
</div>
<div>
<div> "id":
"2cf2efb1da5c4d5b8c97d8055ff3b5d8"</div>
</div>
<div>
<div> }</div>
</div>
<div>
<div> ], </div>
</div>
<div>
<div> "tenants_links": []</div>
</div>
<div>
<div>}</div>
</div>
</blockquote>
<div>
<div><br>
</div>
<div>Here's an admin API call for all tenants in
the system (notice there is an additional tenant
the above user did not have access to):</div>
<div><br>
</div>
</div>
<blockquote style="margin:0 0 0
40px;border:none;padding:0px">
<div>
<div>GET <a moz-do-not-send="true"
href="http://localhost:35357/v2.0/tenants"
target="_blank">http://localhost:35357/v2.0/tenants</a></div>
</div>
<div>
<div>
=======================================</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>X-Auth-Token: ADMIN</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>200 OK</div>
</div>
<div>
<div>======</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>Status: 200</div>
</div>
<div>
<div>Content-Length: 236</div>
</div>
<div>
<div>Content-Location: <a
moz-do-not-send="true"
href="http://localhost:35357/v2.0/tenants"
target="_blank">http://localhost:35357/v2.0/tenants</a></div>
</div>
<div>
<div>Vary: X-Auth-Token</div>
</div>
<div>
<div>
Date: Tue, 17 Jul 2012 20:49:22 GMT</div>
</div>
<div>
<div>Content-Type: application/json</div>
</div>
<div>
<div><br>
</div>
</div>
<div>
<div>{</div>
</div>
<div>
<div> "tenants": [</div>
</div>
<div>
<div> {</div>
</div>
<div>
<div> "enabled": true, </div>
</div>
<div>
<div> "description": null, </div>
</div>
<div>
<div> "name": "my-project", </div>
</div>
<div>
<div> "id":
"2cf2efb1da5c4d5b8c97d8055ff3b5d8"</div>
</div>
<div>
<div> }, </div>
</div>
<div>
<div> {</div>
</div>
<div>
<div> "enabled": true, </div>
</div>
<div>
<div> "description": null, </div>
</div>
<div>
<div> "name": "project-x", </div>
</div>
<div>
<div> "id":
"1213c2511f364264b1dfea9a56a225e0"</div>
</div>
<div>
<div> }</div>
</div>
<div>
<div> ], </div>
</div>
<div>
<div> "tenants_links": []</div>
</div>
<div>
<div>}</div>
</div>
</blockquote>
<div><br>
</div>
<div>-Dolph</div>
<div><br>
<div class="gmail_quote">
<div>
<div>On Tue, Jul 17, 2012 at 2:55 PM, Matt
Joyce <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:matt.joyce@cloudscaling.com"
target="_blank">matt.joyce@cloudscaling.com</a>></span>
wrote:<br>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div>
<div>
<div>On Tue, Jul 17, 2012 at 12:55 PM,
Adam Young <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:ayoung@redhat.com"
target="_blank">ayoung@redhat.com</a>></span>
wrote:<br>
<div class="gmail_quote">
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div>On 07/17/2012 03:47 PM, Matt
Joyce wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">
As a non admin user. Querying
the keystone v2 API is there a
way for me to get a list of the
tenants that I am a member of?
Or is that only a v3 thing?<br>
<br>
-Matt<br>
</blockquote>
<br>
</div>
I was just looking into it, and
there is no such API yet. The
underlying Identity provider call is
get_tenants_for_user and there does
not seem to be a route set up that
calls that.<br>
</blockquote>
</div>
<br>
<br>
</div>
8( <--- sad panda face.<br>
<br>
That would have been a very useful call
for me right now. I hope we have
something by folsom ( albeit
s/tenant/project/ig )<span><font
color="#888888"><br>
<br>
-Matt<br>
</font></span><br>
</div>
</div>
_______________________________________________<br>
Mailing list: <a moz-do-not-send="true"
href="https://launchpad.net/%7Eopenstack"
target="_blank">https://launchpad.net/~openstack</a><br>
Post to : <a moz-do-not-send="true"
href="mailto:openstack@lists.launchpad.net"
target="_blank">openstack@lists.launchpad.net</a><br>
Unsubscribe : <a moz-do-not-send="true"
href="https://launchpad.net/%7Eopenstack"
target="_blank">https://launchpad.net/~openstack</a><br>
More help : <a moz-do-not-send="true"
href="https://help.launchpad.net/ListHelp"
target="_blank">https://help.launchpad.net/ListHelp</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
<br>
</blockquote>
<br>
<br>
</body>
</html>