Merge "Request token creation docs + tweaks"

doc/source/command-objects/request-token.rst

@@ -0,0 +1,37 @@
+=============
+request token
+=============
+
+Identity v3
+
+`Requires: OS-OAUTH1 extension`
+
+request token create
+--------------------
+
+Create a request token
+
+.. program:: request token create
+.. code:: bash
+
+    os request token create
+        --consumer-key <consumer-key>
+        --consumer-secret <consumer-secret>
+        --project <project>
+        [--domain <domain>]
+
+.. option:: --consumer-key <consumer-key>
+
+    Consumer key (required)
+
+.. option:: --description <description>
+
+    Consumer secret (required)
+
+.. option:: --project <project>
+
+    Project that consumer wants to access (name or ID) (required)
+
+.. option:: --domain <domain>
+
+    Domain owning <project> (name or ID)

doc/source/commands.rst

@@ -102,7 +102,7 @@ referring to both Compute and Volume quotas.
 * ``project``: (**Identity**) owns a group of resources
 * ``quota``: (**Compute**, **Volume**) resource usage restrictions
 * ``region``: (**Identity**) a subset of an OpenStack deployment
-* ``request token``: Identity - temporary OAuth-based token
+* ``request token``: (**Identity**) temporary OAuth-based token
 * ``role``: (**Identity**) a policy object used to determine authorization
 * ``role assignment``: (**Identity**) a relationship between roles, users or groups, and domains or projects
 * ``security group``: Compute, Network - groups of network access rules

openstackclient/identity/v3/token.py

@@ -20,6 +20,9 @@ import six
 
 from cliff import show
 
+from openstackclient.common import utils
+from openstackclient.identity import common
+
 
 class AuthorizeRequestToken(show.ShowOne):
     """Authorize request token"""
@@ -53,6 +56,7 @@ class AuthorizeRequestToken(show.ShowOne):
         verifier_pin = identity_client.oauth1.request_tokens.authorize(
             parsed_args.request_key,
             roles)
+
         info = {}
         info.update(verifier_pin._info)
         return zip(*sorted(six.iteritems(info)))
@@ -110,7 +114,7 @@ class CreateAccessToken(show.ShowOne):
 
 
 class CreateRequestToken(show.ShowOne):
-    """Create request token"""
+    """Create a request token"""
 
     log = logging.getLogger(__name__ + '.CreateRequestToken')
 
@@ -119,33 +123,50 @@ class CreateRequestToken(show.ShowOne):
         parser.add_argument(
             '--consumer-key',
             metavar='<consumer-key>',
-            help='Consumer key',
+            help='Consumer key (required)',
             required=True
         )
         parser.add_argument(
             '--consumer-secret',
             metavar='<consumer-secret>',
-            help='Consumer secret',
+            help='Consumer secret (required)',
             required=True
         )
         parser.add_argument(
-            '--project-id',
+            '--project',
-            metavar='<project-id>',
+            metavar='<project>',
-            help='Requested project ID',
+            help='Project that consumer wants to access (name or ID)'
+                 ' (required)',
             required=True
         )
+        parser.add_argument(
+            '--domain',
+            metavar='<domain>',
+            help='Domain owning <project> (name or ID)',
+        )
         return parser
 
     def take_action(self, parsed_args):
         self.log.debug('take_action(%s)' % parsed_args)
-        token_client = self.app.client_manager.identity.oauth1.request_tokens
+
+        identity_client = self.app.client_manager.identity
+
+        if parsed_args.domain:
+            domain = common.find_domain(identity_client, parsed_args.domain)
+            project = utils.find_resource(identity_client.projects,
+                                          parsed_args.project,
+                                          domain_id=domain.id)
+        else:
+            project = utils.find_resource(identity_client.projects,
+                                          parsed_args.project)
+
+        token_client = identity_client.oauth1.request_tokens
+
         request_token = token_client.create(
             parsed_args.consumer_key,
             parsed_args.consumer_secret,
-            parsed_args.project_id)
+            project.id)
-        info = {}
+        return zip(*sorted(six.iteritems(request_token._info)))
-        info.update(request_token._info)
-        return zip(*sorted(six.iteritems(info)))
 
 
 class IssueToken(show.ShowOne):

openstackclient/tests/identity/v3/test_oauth.py

@@ -26,6 +26,8 @@ class TestOAuth1(identity_fakes.TestOAuth1):
         self.access_tokens_mock.reset_mock()
         self.request_tokens_mock = identity_client.oauth1.request_tokens
         self.request_tokens_mock.reset_mock()
+        self.projects_mock = identity_client.projects
+        self.projects_mock.reset_mock()
 
 
 class TestRequestTokenCreate(TestOAuth1):
@@ -39,18 +41,24 @@ class TestRequestTokenCreate(TestOAuth1):
             loaded=True,
         )
 
+        self.projects_mock.get.return_value = fakes.FakeResource(
+            None,
+            copy.deepcopy(identity_fakes.PROJECT),
+            loaded=True,
+        )
+
         self.cmd = token.CreateRequestToken(self.app, None)
 
     def test_create_request_tokens(self):
         arglist = [
             '--consumer-key', identity_fakes.consumer_id,
             '--consumer-secret', identity_fakes.consumer_secret,
-            '--project-id', identity_fakes.project_id,
+            '--project', identity_fakes.project_id,
         ]
         verifylist = [
             ('consumer_key', identity_fakes.consumer_id),
             ('consumer_secret', identity_fakes.consumer_secret),
-            ('project_id', identity_fakes.project_id),
+            ('project', identity_fakes.project_id),
         ]
         parsed_args = self.check_parser(self.cmd, arglist, verifylist)
         columns, data = self.cmd.take_action(parsed_args)