-
Notifications
You must be signed in to change notification settings - Fork 157
Expand file tree
/
Copy pathService.php
More file actions
442 lines (399 loc) · 16.9 KB
/
Service.php
File metadata and controls
442 lines (399 loc) · 16.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
<?php
declare(strict_types=1);
namespace OpenStack\Identity\v3;
use GuzzleHttp\ClientInterface;
use OpenStack\Common\Auth\IdentityService;
use OpenStack\Common\Error\BadResponseError;
use OpenStack\Common\Service\AbstractService;
/**
* Represents the Keystone v3 service.
*
* @property Api $api
*/
class Service extends AbstractService implements IdentityService
{
public static function factory(ClientInterface $client): self
{
return new static($client, new Api());
}
/**
* Authenticates credentials, giving back a token and a base URL for the service.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postTokens}
*
* @return array Returns a {@see Models\Token} as the first element, a string base URL as the second
*/
public function authenticate(array $options): array
{
$authOptions = array_intersect_key($options, $this->api->postTokens()['params']);
if (!empty($options['cachedToken'])) {
$token = $this->generateTokenFromCache($options['cachedToken']);
if ($token->hasExpired()) {
throw new \RuntimeException(sprintf('Cached token has expired on "%s".', $token->expires->format(\DateTime::ISO8601)));
}
} else {
$token = $this->generateToken($authOptions);
}
$name = $options['catalogName'];
$type = $options['catalogType'];
$region = $options['region'];
$interface = $options['interface'] ?? Enum::INTERFACE_PUBLIC;
if (!empty($options['catalog_overrides'])) {
$baseUrl = $token->catalog->getServiceUrlOverride(
$name,
$type,
$region,
$interface,
$options['catalog_overrides']
);
if ($baseUrl) {
return [$token, $baseUrl];
}
}
if ($baseUrl = $token->catalog->getServiceUrl($name, $type, $region, $interface)) {
return [$token, $baseUrl];
}
throw new \RuntimeException(sprintf('No service found with type [%s] name [%s] region [%s] interface [%s]', $type, $name, $region, $interface));
}
/**
* Generates authentication token from cached token using `$token->export()`.
*
* @param array $cachedToken {@see \OpenStack\Identity\v3\Models\Token::export}
*/
public function generateTokenFromCache(array $cachedToken): Models\Token
{
return $this->model(Models\Token::class)->populateFromArray($cachedToken);
}
/**
* Generates a new authentication token.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postTokens}
*/
public function generateToken(array $options): Models\Token
{
return $this->model(Models\Token::class)->create($options);
}
/**
* Retrieves a token object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the token to retrieve
*/
public function getToken(string $id): Models\Token
{
return $this->model(Models\Token::class, ['id' => $id]);
}
/**
* Validates a token, identified by its ID, and returns TRUE if its valid, FALSE if not.
*
* @param string $id The unique ID of the token
*/
public function validateToken(string $id): bool
{
try {
$this->execute($this->api->headTokens(), ['tokenId' => $id]);
return true;
} catch (BadResponseError $e) {
return false;
}
}
/**
* Revokes a token, identified by its ID. After this operation completes, users will not be able to use this token
* again for authentication.
*
* @param string $id The unique ID of the token
*/
public function revokeToken(string $id)
{
$this->execute($this->api->deleteTokens(), ['tokenId' => $id]);
}
/**
* Creates a new service according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postServices}
*/
public function createService(array $options): Models\Service
{
return $this->model(Models\Service::class)->create($options);
}
/**
* Returns a generator which will yield a collection of service objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getServices}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Service>
*/
public function listServices(array $options = []): \Generator
{
return $this->model(Models\Service::class)->enumerate($this->api->getServices(), $options);
}
/**
* Retrieves a service object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the service
*/
public function getService(string $id): Models\Service
{
return $this->model(Models\Service::class, ['id' => $id]);
}
/**
* Creates a new endpoint according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postEndpoints}
*/
public function createEndpoint(array $options): Models\Endpoint
{
return $this->model(Models\Endpoint::class)->create($options);
}
/**
* Retrieves an endpoint object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the service
*/
public function getEndpoint(string $id): Models\Endpoint
{
return $this->model(Models\Endpoint::class, ['id' => $id]);
}
/**
* Returns a generator which will yield a collection of endpoint objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getEndpoints}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Endpoint>
*/
public function listEndpoints(array $options = []): \Generator
{
return $this->model(Models\Endpoint::class)->enumerate($this->api->getEndpoints(), $options);
}
/**
* Creates a new domain according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postDomains}
*/
public function createDomain(array $options): Models\Domain
{
return $this->model(Models\Domain::class)->create($options);
}
/**
* Returns a generator which will yield a collection of domain objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getDomains}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Domain>
*/
public function listDomains(array $options = []): \Generator
{
return $this->model(Models\Domain::class)->enumerate($this->api->getDomains(), $options);
}
/**
* Retrieves a domain object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the domain
*/
public function getDomain(string $id): Models\Domain
{
return $this->model(Models\Domain::class, ['id' => $id]);
}
/**
* Creates a new project according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postProjects}
*/
public function createProject(array $options): Models\Project
{
return $this->model(Models\Project::class)->create($options);
}
/**
* Returns a generator which will yield a collection of project objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getProjects}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Project>
*/
public function listProjects(array $options = []): \Generator
{
return $this->model(Models\Project::class)->enumerate($this->api->getProjects(), $options);
}
/**
* Retrieves a project object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the project
*/
public function getProject(string $id): Models\Project
{
return $this->model(Models\Project::class, ['id' => $id]);
}
/**
* Creates a new user according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postUsers}
*/
public function createUser(array $options): Models\User
{
return $this->model(Models\User::class)->create($options);
}
/**
* Returns a generator which will yield a collection of user objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getUsers}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\User>
*/
public function listUsers(array $options = []): \Generator
{
return $this->model(Models\User::class)->enumerate($this->api->getUsers(), $options);
}
/**
* Retrieves a user object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the user
*/
public function getUser(string $id): Models\User
{
return $this->model(Models\User::class, ['id' => $id]);
}
/**
* Creates a new group according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postGroups}
*/
public function createGroup(array $options): Models\Group
{
return $this->model(Models\Group::class)->create($options);
}
/**
* Returns a generator which will yield a collection of group objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getGroups}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Group>
*/
public function listGroups(array $options = []): \Generator
{
return $this->model(Models\Group::class)->enumerate($this->api->getGroups(), $options);
}
/**
* Retrieves a group object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the group
*/
public function getGroup($id): Models\Group
{
return $this->model(Models\Group::class, ['id' => $id]);
}
/**
* Creates a new credential according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postCredentials}
*/
public function createCredential(array $options): Models\Credential
{
return $this->model(Models\Credential::class)->create($options);
}
/**
* Returns a generator which will yield a collection of credential objects. The elements which generators yield can
* be accessed using a foreach loop. Often the API will not return the full state of the resource in collections;
* you will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Credential>
*/
public function listCredentials(): \Generator
{
return $this->model(Models\Credential::class)->enumerate($this->api->getCredentials());
}
/**
* Retrieves a credential object and populates its unique identifier object. This operation will not perform a GET
* or HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the credential
*/
public function getCredential(string $id): Models\Credential
{
return $this->model(Models\Credential::class, ['id' => $id]);
}
/**
* Creates a new role according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postRoles}
*/
public function createRole(array $options): Models\Role
{
return $this->model(Models\Role::class)->create($options);
}
/**
* Returns a generator which will yield a collection of role objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getRoles}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Role>
*/
public function listRoles(array $options = []): \Generator
{
return $this->model(Models\Role::class)->enumerate($this->api->getRoles(), $options);
}
/**
* Returns a generator which will yield a collection of role assignment objects. The elements which generators
* yield can be accessed using a foreach loop. Often the API will not return the full state of the resource in
* collections; you will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getRoleAssignments}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Assignment>
*/
public function listRoleAssignments(array $options = []): \Generator
{
return $this->model(Models\Assignment::class)->enumerate($this->api->getRoleAssignments(), $options);
}
/**
* Creates a new policy according to the provided options.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::postPolicies}
*/
public function createPolicy(array $options): Models\Policy
{
return $this->model(Models\Policy::class)->create($options);
}
/**
* Returns a generator which will yield a collection of policy objects. The elements which generators yield can be
* accessed using a foreach loop. Often the API will not return the full state of the resource in collections; you
* will need to use retrieve() to pull in the full state of the remote resource from the API.
*
* @param array $options {@see \OpenStack\Identity\v3\Api::getPolicies}
*
* @return \Generator<mixed, \OpenStack\Identity\v3\Models\Policy>
*/
public function listPolicies(array $options = []): \Generator
{
return $this->model(Models\Policy::class)->enumerate($this->api->getPolicies(), $options);
}
/**
* Retrieves a policy object and populates its unique identifier object. This operation will not perform a GET or
* HEAD request by default; you will need to call retrieve() if you want to pull in remote state from the API.
*
* @param string $id The unique ID of the policy
*/
public function getPolicy(string $id): Models\Policy
{
return $this->model(Models\Policy::class, ['id' => $id]);
}
}