From b9161d77db209e9c78976bb2f2f05b5769c79364 Mon Sep 17 00:00:00 2001
From: Matthew Kassawara <mkassawara@gmail.com>
Date: Wed, 15 Apr 2015 11:11:46 -0500
Subject: [PATCH] Update keystone middleware in swift for Kilo

Update keystone authentication middleware in swift to
support the v3 API in Kilo.

Partially implements: blueprint master-kilofication

Change-Id: I28420dbb1cc0da958791c5e23c13eb38689028dd
---
 playbooks/roles/os_swift/defaults/main.yml          |  7 ++++++-
 .../roles/os_swift/tasks/swift_service_setup.yml    |  8 ++++----
 .../roles/os_swift/templates/proxy-server.conf.j2   | 13 ++++++++-----
 3 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/playbooks/roles/os_swift/defaults/main.yml b/playbooks/roles/os_swift/defaults/main.yml
index ff27c1e12a..e8f133afef 100644
--- a/playbooks/roles/os_swift/defaults/main.yml
+++ b/playbooks/roles/os_swift/defaults/main.yml
@@ -40,7 +40,9 @@ swift_account_port: "6002"
 ## Swift service defaults
 swift_service_name: swift
 swift_service_user_name: swift
-swift_service_tenant_name: service
+swift_service_project_name: service
+swift_service_project_domain_id: "default"
+swift_service_user_domain_id: "default"
 swift_service_role_name: "admin"
 swift_service_type: object-store
 swift_service_proto: http
@@ -53,6 +55,9 @@ swift_service_internaluri: "{{ swift_service_proto }}://{{ internal_lb_vip_addre
 swift_service_internalurl: "{{ swift_service_internaluri }}/v1/AUTH_%(tenant_id)s"
 swift_service_region: RegionOne
 
+## Keystone authentication middleware
+swift_keystone_auth_plugin: "password"
+
 ## Swift default variables
 swift_dispersion_user: dispersion
 swift_operator_role: swiftoperator
diff --git a/playbooks/roles/os_swift/tasks/swift_service_setup.yml b/playbooks/roles/os_swift/tasks/swift_service_setup.yml
index ed68c94226..08ef02ce66 100644
--- a/playbooks/roles/os_swift/tasks/swift_service_setup.yml
+++ b/playbooks/roles/os_swift/tasks/swift_service_setup.yml
@@ -38,7 +38,7 @@
     token: "{{ keystone_auth_admin_token }}"
     endpoint: "{{ keystone_service_adminurl }}"
     user_name: "{{ swift_service_user_name }}"
-    tenant_name: "{{ swift_service_tenant_name }}"
+    tenant_name: "{{ swift_service_project_name }}"
     password: "{{ swift_service_password }}"
   register: add_service
   until: add_service|success
@@ -56,7 +56,7 @@
     token: "{{ keystone_auth_admin_token }}"
     endpoint: "{{ keystone_service_adminurl }}"
     user_name: "{{ swift_service_user_name }}"
-    tenant_name: "{{ swift_service_tenant_name }}"
+    tenant_name: "{{ swift_service_project_name }}"
     role_name: "{{ swift_service_role_name }}"
   register: add_service
   until: add_service|success
@@ -88,7 +88,7 @@
     token: "{{ keystone_auth_admin_token }}"
     endpoint: "{{ keystone_service_adminurl }}"
     user_name: "{{ swift_dispersion_user }}"
-    tenant_name: "{{ swift_service_tenant_name }}"
+    tenant_name: "{{ swift_service_project_name }}"
     password: "{{ swift_dispersion_password }}"
   register: add_service
   until: add_service|success
@@ -105,7 +105,7 @@
     token: "{{ keystone_auth_admin_token }}"
     endpoint: "{{ keystone_service_adminurl }}"
     user_name: "{{ swift_dispersion_user }}"
-    tenant_name: "{{ swift_service_tenant_name }}"
+    tenant_name: "{{ swift_service_project_name }}"
     role_name: "{{ swift_operator_role }}"
   register: add_service
   until: add_service|success
diff --git a/playbooks/roles/os_swift/templates/proxy-server.conf.j2 b/playbooks/roles/os_swift/templates/proxy-server.conf.j2
index 9a47dc6a15..69e9b83c8e 100644
--- a/playbooks/roles/os_swift/templates/proxy-server.conf.j2
+++ b/playbooks/roles/os_swift/templates/proxy-server.conf.j2
@@ -35,11 +35,14 @@ user_test_tester3 = testing3
 {% elif swift_authtoken_active %}
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
-identity_uri = {{ keystone_service_adminuri }}
-auth_uri = {{ keystone_service_internalurl }}
-admin_tenant_name = {{ swift_service_tenant_name }}
-admin_user = {{ swift_service_user_name }}
-admin_password = {{ swift_service_password }}
+auth_plugin = {{ swift_keystone_auth_plugin }}
+auth_url = {{ keystone_service_adminuri }}
+auth_uri = {{ keystone_service_internaluri }}
+project_domain_id = {{ swift_service_project_domain_id }}
+user_domain_id = {{ swift_service_user_domain_id }}
+project_name = {{ swift_service_project_name }}
+username = {{ swift_service_user_name }}
+password = {{ swift_service_password }}
 delay_auth_decision = {{ swift_delay_auth_decision }}
 {% endif %}