External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-06-20 14:17:42 -02:30
Code Issues Packages Projects Releases Wiki Activity
Files
3bdb6362ad28dd67aa61a93cd0d283fc8db6ed7b
awx/awx_collection/plugins/doc_fragments/auth.py
Hao Liu 849f5f796c Restore oauth_token backward compatibility for collection token auth (#16500) 
* Restore oauth_token backward compatibility for collection token auth

The aap_token rename (c8981e321e) restored module-level token auth but
left two interfaces from earlier collection releases broken:

- The lookup (controller_api) and inventory (controller) plugins
  previously declared an oauth_token option. Add oauth_token as an
  alias of aap_token in the auth_plugin doc fragment and in
  AUTH_ARGSPEC so query(..., oauth_token=...) and inventory YAML keys
  keep working.

- tower_cli.cfg-style config files used an oauth_token key under
  [general]; it was silently ignored after the rename, quietly
  degrading auth. load_config() now also reads the legacy oauth_token
  key and maps it to aap_token, with the new aap_token key winning when
  both are present. aap_token remains the canonical attribute used by
  _parse_aap_token() and the Bearer header logic.

Also make the test helper compatible with ansible-core 2.21+, which
requires a serialization profile alongside _ANSIBLE_ARGS, and extend
the tests to cover the oauth_token alias and legacy config file key.

No changelog fragment added: awx_collection has no changelogs/
directory on devel.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Document oauth_token alias in module auth doc fragment

The oauth_token alias was added to aap_token in AUTH_ARGSPEC but not to
the module doc fragment, failing the validate-modules sanity check
(undocumented argument alias).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Generalize version references in compat comments

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-12 18:32:07 +00:00

89 lines
3.4 KiB
Python
Raw Blame History

# -*- coding: utf-8 -*-
# Copyright: (c) 2017, Wayne Witzel III <wayne@riotousliving.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
class ModuleDocFragment(object):
# Automation Platform Controller documentation fragment
DOCUMENTATION = r'''
options:
controller_host:
description:
- URL to your Automation Platform Controller instance.
- If value not set, will try environment variable C(CONTROLLER_HOST) and then config files
- If value not specified by any means, the value of C(127.0.0.1) will be used
type: str
aliases: [ tower_host, aap_hostname ]
controller_username:
description:
- Username for your controller instance.
- If value not set, will try environment variable C(CONTROLLER_USERNAME) and then config files
type: str
aliases: [ tower_username, aap_username ]
controller_password:
description:
- Password for your controller instance.
- If value not set, will try environment variable C(CONTROLLER_PASSWORD) and then config files
type: str
aliases: [ tower_password , aap_password ]
aap_token:
description:
- The OAuth token to use, sent as a Bearer token in the Authorization header.
- When connecting through the AAP gateway, use a token issued by the gateway.
- This value can be in one of two formats.
- A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX)
- A dictionary structure as set as a fact by the M(ansible.platform.token) module.
- If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then config files
type: raw
version_added: "3.7.0"
aliases: [ oauth_token, controller_oauthtoken, tower_oauthtoken ]
validate_certs:
description:
- Whether to allow insecure connections to AWX.
- If C(no), SSL certificates will not be validated.
- This should only be used on personally controlled sites using self-signed certificates.
- If value not set, will try environment variable C(CONTROLLER_VERIFY_SSL) and then config files
type: bool
aliases: [ tower_verify_ssl, aap_validate_certs ]
request_timeout:
description:
- Specify the timeout Ansible should use in requests to the controller host.
- Defaults to 10s, but this is handled by the shared module_utils code
type: float
aliases: [ aap_request_timeout ]
max_retries:
description:
- Specify the max retries to be used with some connection issues.
- Defaults to 5.
- If value not set, will try environment variable C(AAP_MAX_RETRIES) and then config files.
type: int
aliases: [ aap_max_retries ]
retry_backoff_factor:
description:
- Backoff factor used when retrying connections.
- Defaults to 2.
- If value not set, will try environment variable C(AAP_RETRY_BACKOFF_FACTOR) and then config files.
type: int
aliases: [ aap_retry_backoff_factor ]
controller_config_file:
description:
- Path to the controller config file.
- If provided, the other locations for config files will not be considered.
type: path
aliases: [ tower_config_file ]
notes:
- If no I(config_file) is provided we will attempt to use the tower-cli library
defaults to find your host information.
- I(config_file) should be in the following format
host=hostname
username=username
password=password
'''
Reference in New Issue View Git Blame Copy Permalink