From 6327e9ee52ff46b89742cf7ee172c326fb75b476 Mon Sep 17 00:00:00 2001
From: Eyal <eyal.bar-ilan@nokia.com>
Date: Thu, 15 Jun 2017 10:24:47 +0300
Subject: [PATCH] add option to connect without authentication

user can provide the user name , project id and endpoint
and connect directly to vitrage without connecting to keystone

the user should use the no-auth plugin for this

Change-Id: Id672ab974fb383c03ef8360b54a385b2f6aeae86
---
 setup.cfg              |  3 ++
 vitrageclient/auth.py  | 77 ++++++++++++++++++++++++++++++++++++++++++
 vitrageclient/shell.py | 18 ++++++----
 3 files changed, 91 insertions(+), 7 deletions(-)
 create mode 100644 vitrageclient/auth.py

diff --git a/setup.cfg b/setup.cfg
index a106ce3..9c77866 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -32,6 +32,9 @@ setup-hooks =
 console_scripts =
     vitrage = vitrageclient.shell:main
 
+keystoneauth1.plugin =
+    vitrage-noauth = vitrageclient.auth:VitrageNoAuthLoader
+
 openstack.cli.extension =
     rca = vitrageclient.osc
 
diff --git a/vitrageclient/auth.py b/vitrageclient/auth.py
new file mode 100644
index 0000000..2db7a6e
--- /dev/null
+++ b/vitrageclient/auth.py
@@ -0,0 +1,77 @@
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+import os
+
+from keystoneauth1 import loading
+from keystoneauth1 import plugin
+
+
+class VitrageNoAuthPlugin(plugin.BaseAuthPlugin):
+    """No authentication plugin for Vitrage
+
+    This is a keystoneauth plugin that instead of
+    doing authentication, it just fill the 'x-user-id'
+    and 'x-project-id' headers with the user provided one.
+    """
+    def __init__(self, user_id, project_id, roles, endpoint):
+        self._user_id = user_id
+        self._project_id = project_id
+        self._endpoint = endpoint
+        self._roles = roles
+
+    def get_token(self, session, **kwargs):
+        return '<no-token-needed>'
+
+    def get_headers(self, session, **kwargs):
+        return {'x-user-id': self._user_id,
+                'x-project-id': self._project_id,
+                'x-roles': self._roles}
+
+    def get_user_id(self, session, **kwargs):
+        return self._user_id
+
+    def get_project_id(self, session, **kwargs):
+        return self._project_id
+
+    def get_endpoint(self, session, **kwargs):
+        return self._endpoint
+
+
+class VitrageOpt(loading.Opt):
+    @property
+    def argparse_args(self):
+        return ['--%s' % o.name for o in self._all_opts]
+
+    @property
+    def argparse_default(self):
+        # select the first ENV that is not false-y or return None
+        for o in self._all_opts:
+            v = os.environ.get('VITRAGE_%s' % o.name.replace('-', '_').upper())
+            if v:
+                return v
+        return self.default
+
+
+class VitrageNoAuthLoader(loading.BaseLoader):
+    plugin_class = VitrageNoAuthPlugin
+
+    def get_options(self):
+        options = super(VitrageNoAuthLoader, self).get_options()
+        return options
+        options.extend([
+            VitrageOpt('user-id', help='User ID', required=True),
+            VitrageOpt('project-id', help='Project ID', required=True),
+            VitrageOpt('roles', help='Roles', default="admin"),
+            VitrageOpt('endpoint', help='Vitrage endpoint', required=True),
+        ])
diff --git a/vitrageclient/shell.py b/vitrageclient/shell.py
index f47e2b5..c44d8bd 100644
--- a/vitrageclient/shell.py
+++ b/vitrageclient/shell.py
@@ -24,6 +24,7 @@ import os
 import sys
 import warnings
 
+import auth
 from cliff import app
 from cliff import commandmanager
 from keystoneauth1 import loading
@@ -85,15 +86,17 @@ class VitrageShell(app.App):
         parser = super(VitrageShell, self).build_option_parser(
             description, version, argparse_kwargs={'allow_abbrev': False})
 
-        self.register_keyauth_argparse_arguments(parser)
-
         parser.add_argument('--vitrage-api-version',
                             default=os.environ.get('VITRAGE_API_VERSION', '1'),
                             help='Defaults to env[VITRAGE_API_VERSION] or 1.')
 
-        parser.add_argument('--endpoint',
-                            default=os.environ.get('VITRAGE_ENDPOINT'),
-                            help='Vitrage endpoint (Env: VITRAGE_ENDPOINT)')
+        plugin = self.register_keyauth_argparse_arguments(parser)
+
+        if not isinstance(plugin, auth.VitrageNoAuthLoader):
+            parser.add_argument('--endpoint',
+                                default=os.environ.get('VITRAGE_ENDPOINT'),
+                                help='Vitrage endpoint (Env: VITRAGE_ENDPOINT)'
+                                )
 
         return parser
 
@@ -117,8 +120,9 @@ class VitrageShell(app.App):
 
         loading.register_session_argparse_arguments(parser=parser)
 
-        loading.register_auth_argparse_arguments(parser=parser, argv=sys.argv,
-                                                 default='password')
+        return loading.register_auth_argparse_arguments(parser=parser,
+                                                        argv=sys.argv,
+                                                        default='password')
 
     @property
     def client(self):