Use keystoneauth1 instead of keystoneclient
The keystoneclient session has been deprecated in favour of keystoneauth1. To make this cleaner a few unnecessary usages of keystoneclient are cleaned up. Change-Id: I8bfcff53165a18f94c600797dd8105d64d948e7a
This commit is contained in:
parent
b54d07b99f
commit
712e85763b
@ -22,8 +22,9 @@ import time
|
||||
from cryptography.hazmat import backends
|
||||
from cryptography.hazmat.primitives import serialization
|
||||
from cryptography import x509 as cryptography_x509
|
||||
from keystoneclient.auth import identity
|
||||
from keystoneclient import session
|
||||
from keystoneauth1 import identity
|
||||
from keystoneauth1 import loading
|
||||
from keystoneauth1 import session
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log as logging
|
||||
from oslo_utils import excutils
|
||||
@ -85,7 +86,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||
self._base_url = None
|
||||
self.conf = configuration
|
||||
self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
|
||||
session.Session.register_conf_options(self.conf, BARBICAN_OPT_GROUP)
|
||||
loading.register_session_conf_options(self.conf, BARBICAN_OPT_GROUP)
|
||||
|
||||
def _get_barbican_client(self, context):
|
||||
"""Creates a client to connect to the Barbican service.
|
||||
@ -130,7 +131,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||
auth_url = self.conf.barbican.auth_endpoint
|
||||
|
||||
if context.__class__.__name__ is 'KeystonePassword':
|
||||
return identity.v3.Password(
|
||||
return identity.V3Password(
|
||||
auth_url=auth_url,
|
||||
username=context.username,
|
||||
password=context.password,
|
||||
@ -146,7 +147,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||
project_domain_name=context.project_domain_name,
|
||||
reauthenticate=context.reauthenticate)
|
||||
elif context.__class__.__name__ is 'KeystoneToken':
|
||||
return identity.v3.Token(
|
||||
return identity.V3Token(
|
||||
auth_url=auth_url,
|
||||
token=context.token,
|
||||
trust_id=context.trust_id,
|
||||
@ -160,7 +161,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
||||
# this will be kept for oslo.context compatibility until
|
||||
# projects begin to use utils.credential_factory
|
||||
elif context.__class__.__name__ is 'RequestContext':
|
||||
return identity.v3.Token(
|
||||
return identity.V3Token(
|
||||
auth_url=auth_url,
|
||||
token=context.auth_token,
|
||||
project_id=context.tenant)
|
||||
|
@ -21,9 +21,8 @@ Note: This requires local running instances of Barbican and Keystone.
|
||||
import abc
|
||||
import uuid
|
||||
|
||||
from keystoneclient.auth.identity import v3
|
||||
from keystoneclient import session
|
||||
from keystoneclient.v3 import client
|
||||
from keystoneauth1 import identity
|
||||
from keystoneauth1 import session
|
||||
from oslo_config import cfg
|
||||
from oslo_context import context
|
||||
from oslotest import base
|
||||
@ -113,22 +112,16 @@ class BarbicanKeyManagerOSLOContextTestCase(BarbicanKeyManagerTestCase,
|
||||
user_domain_name = CONF.identity.user_domain_name
|
||||
project_domain_name = CONF.identity.project_domain_name
|
||||
|
||||
auth = v3.Password(auth_url=auth_url,
|
||||
auth = identity.V3Password(auth_url=auth_url,
|
||||
username=username,
|
||||
password=password,
|
||||
project_name=project_name,
|
||||
user_domain_name=user_domain_name,
|
||||
project_domain_name=project_domain_name)
|
||||
sess = session.Session(auth=auth)
|
||||
keystone_client = client.Client(session=sess)
|
||||
|
||||
project_list = keystone_client.projects.list(name=project_name)
|
||||
|
||||
ctxt = context.RequestContext(
|
||||
auth_token=auth.auth_ref.auth_token,
|
||||
tenant=project_list[0].id)
|
||||
|
||||
return ctxt
|
||||
return context.RequestContext(auth_token=auth.get_token(sess),
|
||||
tenant=auth.get_project_id(sess))
|
||||
|
||||
|
||||
class BarbicanKeyManagerKSPasswordTestCase(BarbicanKeyManagerTestCase,
|
||||
@ -161,19 +154,14 @@ class BarbicanKeyManagerKSTokenTestCase(BarbicanKeyManagerTestCase,
|
||||
user_domain_name = CONF.identity.user_domain_name
|
||||
project_domain_name = CONF.identity.project_domain_name
|
||||
|
||||
auth = v3.Password(auth_url=auth_url,
|
||||
auth = identity.V3Password(auth_url=auth_url,
|
||||
username=username,
|
||||
password=password,
|
||||
project_name=project_name,
|
||||
user_domain_name=user_domain_name,
|
||||
project_domain_name=project_domain_name)
|
||||
sess = session.Session(auth=auth)
|
||||
keystone_client = client.Client(session=sess)
|
||||
sess = session.Session()
|
||||
|
||||
project_list = keystone_client.projects.list(name=project_name)
|
||||
|
||||
ctxt = keystone_token.KeystoneToken(
|
||||
token=auth.auth_ref.auth_token,
|
||||
project_id=project_list[0].id)
|
||||
|
||||
return ctxt
|
||||
return keystone_token.KeystoneToken(
|
||||
token=auth.get_token(sess),
|
||||
project_id=auth.get_project_id(sess))
|
||||
|
@ -52,7 +52,7 @@ provided.
|
||||
.. note::
|
||||
|
||||
Keystone Token and Password authentication is achieved using
|
||||
keystoneclient.auth.identity.v3 Token and Password auth plugins.
|
||||
keystoneauth1.identity Token and Password auth plugins.
|
||||
There are a variety of different variables which can be set for the
|
||||
keystone credential options.
|
||||
|
||||
@ -88,23 +88,23 @@ that is being abstracted.
|
||||
|
||||
.. code:: python
|
||||
|
||||
from keystoneclient.v3 import client
|
||||
from keystoneauth1 import identity
|
||||
from keystoneauth1 import session
|
||||
from oslo_context import context
|
||||
|
||||
username = 'admin'
|
||||
password = 'openstack'
|
||||
project_name = 'admin'
|
||||
auth_url = 'http://localhost:5000/v3'
|
||||
keystone_client = client.Client(username=username,
|
||||
auth_url = 'http://localhost:5000/'
|
||||
auth = identity.Password(auth_url=auth_url,
|
||||
username=username,
|
||||
password=password,
|
||||
project_name=project_name,
|
||||
auth_url=auth_url,
|
||||
project_domain_id='default')
|
||||
default_domain_id='default')
|
||||
sess = session.Session()
|
||||
|
||||
project_list = keystone_client.projects.list(name=project_name)
|
||||
|
||||
ctxt = context.RequestContext(auth_token=keystone_client.auth_token,
|
||||
tenant=project_list[0].id)
|
||||
ctxt = context.RequestContext(auth_token=auth.get_token(sess),
|
||||
tenant=auth.get_project_id(sess))
|
||||
|
||||
ctxt can then be passed into any key_manager api call.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user