Refactor sync-state command, allow specifying perspective as option
Change-Id: I2caf3cd3a36178fb26ed34df24de38df252944fc
diff --git a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java
index 066714a..d85f39e 100644
--- a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java
+++ b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java
@@ -24,6 +24,7 @@
import org.onosproject.openstacknetworking.api.OpenstackRouterAdminService;
import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupAdminService;
import org.openstack4j.api.OSClient;
+import org.openstack4j.api.client.IOSClientBuilder;
import org.openstack4j.api.exceptions.AuthenticationException;
import org.openstack4j.api.types.Facing;
import org.openstack4j.core.transport.Config;
@@ -63,22 +64,22 @@
required = true, multiValued = false)
private String endpoint = null;
- @Argument(index = 1, name = "perspective", description = "OpenStack endpoint perspective",
- required = true, multiValued = false)
- private String perspective = null;
-
- @Argument(index = 2, name = "tenant", description = "OpenStack admin tenant name",
+ @Argument(index = 1, name = "tenant", description = "OpenStack admin tenant name",
required = true, multiValued = false)
private String tenant = null;
- @Argument(index = 3, name = "user", description = "OpenStack admin user name",
+ @Argument(index = 2, name = "user", description = "OpenStack admin user name",
required = true, multiValued = false)
private String user = null;
- @Argument(index = 4, name = "password", description = "OpenStack admin user password",
+ @Argument(index = 3, name = "password", description = "OpenStack admin user password",
required = true, multiValued = false)
private String password = null;
+ @Argument(index = 4, name = "perspective", description = "OpenStack endpoint perspective",
+ required = false, multiValued = false)
+ private String perspective = null;
+
private static final String DOMAIN_DEFUALT = "default";
private static final String SECURITY_GROUP_FORMAT = "%-40s%-20s";
@@ -102,61 +103,38 @@
OSClient osClient;
- // we bypass the SSL certification verification for now
- // TODO: verify server side SSL using a given certification
- Config config = Config.newConfig().withSSLVerificationDisabled();
-
- TrustManager[] trustAllCerts = new TrustManager[]{
- new X509TrustManager() {
- public X509Certificate[] getAcceptedIssuers() {
- return null;
- }
-
- public void checkClientTrusted(X509Certificate[] certs, String authType) {
- }
-
- public void checkServerTrusted(X509Certificate[] certs, String authType) {
- }
- }
- };
-
- HostnameVerifier allHostsValid = (hostname, session) -> true;
+ Config config = getSslConfig();
try {
- SSLContext sc = SSLContext.getInstance("SSL");
- sc.init(null, trustAllCerts, new java.security.SecureRandom());
- HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
- HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
-
- config.withSSLContext(sc);
-
- Facing facing = getFacing(perspective);
- if (facing == null) {
- error("Perspective is invalid. Use public | internal | admin ");
- return;
- }
-
if (endpoint != null) {
if (endpoint.contains(KEYSTONE_V2)) {
- osClient = OSFactory.builderV2()
+ IOSClientBuilder.V2 builder = OSFactory.builderV2()
.endpoint(this.endpoint)
.tenantName(this.tenant)
.credentials(this.user, this.password)
- .withConfig(config)
- .perspective(facing)
- .authenticate();
+ .withConfig(config);
+
+ if (perspective != null) {
+ builder.perspective(getFacing(perspective));
+ }
+
+ osClient = builder.authenticate();
} else if (endpoint.contains(KEYSTONE_V3)) {
Identifier project = Identifier.byName(this.tenant);
Identifier domain = Identifier.byName(DOMAIN_DEFUALT);
- osClient = OSFactory.builderV3()
+ IOSClientBuilder.V3 builder = OSFactory.builderV3()
.endpoint(this.endpoint)
.credentials(this.user, this.password, domain)
.scopeToProject(project, domain)
- .withConfig(config)
- .perspective(facing)
- .authenticate();
+ .withConfig(config);
+
+ if (perspective != null) {
+ builder.perspective(getFacing(perspective));
+ }
+
+ osClient = builder.authenticate();
} else {
print("Unrecognized keystone version type");
return;
@@ -168,9 +146,6 @@
} catch (AuthenticationException e) {
print("Authentication failed");
return;
- } catch (Exception e) {
- print("Failed to access OpenStack service");
- return;
}
print("Synchronizing OpenStack security groups");
@@ -330,6 +305,42 @@
print(strFloating);
}
+ private Config getSslConfig() {
+ // we bypass the SSL certification verification for now
+ // TODO: verify server side SSL using a given certification
+ Config config = Config.newConfig().withSSLVerificationDisabled();
+
+ TrustManager[] trustAllCerts = new TrustManager[]{
+ new X509TrustManager() {
+ public X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+
+ public void checkClientTrusted(X509Certificate[] certs, String authType) {
+ }
+
+ public void checkServerTrusted(X509Certificate[] certs, String authType) {
+ }
+ }
+ };
+
+ HostnameVerifier allHostsValid = (hostname, session) -> true;
+
+ try {
+ SSLContext sc = SSLContext.getInstance("SSL");
+ sc.init(null, trustAllCerts, new java.security.SecureRandom());
+ HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+ HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
+
+ config.withSSLContext(sc);
+ } catch (Exception e) {
+ print("Failed to access OpenStack service");
+ return null;
+ }
+
+ return config;
+ }
+
private Facing getFacing(String strFacing) {
if (strFacing == null) {