Merge "Use keystoneauth1 instead of keystoneclient"

2016-06-06 15:59:11 +00:00 · 2016-06-06 15:59:11 +00:00 · 44233de471
commit 44233de471
parent 2435c1a775 712e85763b
3 changed files with 39 additions and 50 deletions
--- a/castellan/key_manager/barbican_key_manager.py
+++ b/castellan/key_manager/barbican_key_manager.py
@ -22,8 +22,9 @@ import time
 from cryptography.hazmat import backends
 from cryptography.hazmat.primitives import serialization
 from cryptography import x509 as cryptography_x509
-from keystoneclient.auth import identity
-from keystoneclient import session
+from keystoneauth1 import identity
+from keystoneauth1 import loading
+from keystoneauth1 import session
 from oslo_config import cfg
 from oslo_log import log as logging
 from oslo_utils import excutils
@ -85,7 +86,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
        self._base_url = None
        self.conf = configuration
        self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
-        session.Session.register_conf_options(self.conf, BARBICAN_OPT_GROUP)
+        loading.register_session_conf_options(self.conf, BARBICAN_OPT_GROUP)

    def _get_barbican_client(self, context):
        """Creates a client to connect to the Barbican service.
@ -130,7 +131,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
        auth_url = self.conf.barbican.auth_endpoint

        if context.__class__.__name__ is 'KeystonePassword':
-            return identity.v3.Password(
+            return identity.V3Password(
                auth_url=auth_url,
                username=context.username,
                password=context.password,
@ -146,7 +147,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
                project_domain_name=context.project_domain_name,
                reauthenticate=context.reauthenticate)
        elif context.__class__.__name__ is 'KeystoneToken':
-            return identity.v3.Token(
+            return identity.V3Token(
                auth_url=auth_url,
                token=context.token,
                trust_id=context.trust_id,
@ -160,7 +161,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
        # this will be kept for oslo.context compatibility until
        # projects begin to use utils.credential_factory
        elif context.__class__.__name__ is 'RequestContext':
-            return identity.v3.Token(
+            return identity.V3Token(
                auth_url=auth_url,
                token=context.auth_token,
                project_id=context.tenant)
--- a/castellan/tests/functional/key_manager/test_barbican_key_manager.py
+++ b/castellan/tests/functional/key_manager/test_barbican_key_manager.py
@ -21,9 +21,8 @@ Note: This requires local running instances of Barbican and Keystone.
 import abc
 import uuid

-from keystoneclient.auth.identity import v3
-from keystoneclient import session
-from keystoneclient.v3 import client
+from keystoneauth1 import identity
+from keystoneauth1 import session
 from oslo_config import cfg
 from oslo_context import context
 from oslotest import base
@ -113,22 +112,16 @@ class BarbicanKeyManagerOSLOContextTestCase(BarbicanKeyManagerTestCase,
        user_domain_name = CONF.identity.user_domain_name
        project_domain_name = CONF.identity.project_domain_name

-        auth = v3.Password(auth_url=auth_url,
-                           username=username,
-                           password=password,
-                           project_name=project_name,
-                           user_domain_name=user_domain_name,
-                           project_domain_name=project_domain_name)
+        auth = identity.V3Password(auth_url=auth_url,
+                                   username=username,
+                                   password=password,
+                                   project_name=project_name,
+                                   user_domain_name=user_domain_name,
+                                   project_domain_name=project_domain_name)
        sess = session.Session(auth=auth)
-        keystone_client = client.Client(session=sess)

-        project_list = keystone_client.projects.list(name=project_name)
-
-        ctxt = context.RequestContext(
-            auth_token=auth.auth_ref.auth_token,
-            tenant=project_list[0].id)
-
-        return ctxt
+        return context.RequestContext(auth_token=auth.get_token(sess),
+                                      tenant=auth.get_project_id(sess))


 class BarbicanKeyManagerKSPasswordTestCase(BarbicanKeyManagerTestCase,
@ -161,19 +154,14 @@ class BarbicanKeyManagerKSTokenTestCase(BarbicanKeyManagerTestCase,
        user_domain_name = CONF.identity.user_domain_name
        project_domain_name = CONF.identity.project_domain_name

-        auth = v3.Password(auth_url=auth_url,
-                           username=username,
-                           password=password,
-                           project_name=project_name,
-                           user_domain_name=user_domain_name,
-                           project_domain_name=project_domain_name)
-        sess = session.Session(auth=auth)
-        keystone_client = client.Client(session=sess)
+        auth = identity.V3Password(auth_url=auth_url,
+                                   username=username,
+                                   password=password,
+                                   project_name=project_name,
+                                   user_domain_name=user_domain_name,
+                                   project_domain_name=project_domain_name)
+        sess = session.Session()

-        project_list = keystone_client.projects.list(name=project_name)
-
-        ctxt = keystone_token.KeystoneToken(
-            token=auth.auth_ref.auth_token,
-            project_id=project_list[0].id)
-
-        return ctxt
+        return keystone_token.KeystoneToken(
+            token=auth.get_token(sess),
+            project_id=auth.get_project_id(sess))
--- a/doc/source/usage.rst
+++ b/doc/source/usage.rst
@ -52,7 +52,7 @@ provided.
 .. note::

  Keystone Token and Password authentication is achieved using
-  keystoneclient.auth.identity.v3 Token and Password auth plugins.
+  keystoneauth1.identity Token and Password auth plugins.
  There are a variety of different variables which can be set for the
  keystone credential options.

@ -88,23 +88,23 @@ that is being abstracted.

 .. code:: python

-    from keystoneclient.v3 import client
+    from keystoneauth1 import identity
+    from keystoneauth1 import session
    from oslo_context import context

    username = 'admin'
    password = 'openstack'
    project_name = 'admin'
-    auth_url = 'http://localhost:5000/v3'
-    keystone_client = client.Client(username=username,
-                                    password=password,
-                                    project_name=project_name,
-                                    auth_url=auth_url,
-                                    project_domain_id='default')
+    auth_url = 'http://localhost:5000/'
+    auth = identity.Password(auth_url=auth_url,
+                             username=username,
+                             password=password,
+                             project_name=project_name,
+                             default_domain_id='default')
+    sess = session.Session()

-    project_list = keystone_client.projects.list(name=project_name)
-
-    ctxt = context.RequestContext(auth_token=keystone_client.auth_token,
-                                  tenant=project_list[0].id)
+    ctxt = context.RequestContext(auth_token=auth.get_token(sess),
+                                  tenant=auth.get_project_id(sess))

 ctxt can then be passed into any key_manager api call.