Use keystoneauth1 instead of keystoneclient

The keystoneclient session has been deprecated in favour of
keystoneauth1. To make this cleaner a few unnecessary usages of
keystoneclient are cleaned up.

Change-Id: I8bfcff53165a18f94c600797dd8105d64d948e7a
This commit is contained in:
Jamie Lennox 2016-06-01 22:15:50 +10:00
parent b54d07b99f
commit 712e85763b
3 changed files with 39 additions and 50 deletions

View File

@ -22,8 +22,9 @@ import time
from cryptography.hazmat import backends
from cryptography.hazmat.primitives import serialization
from cryptography import x509 as cryptography_x509
from keystoneclient.auth import identity
from keystoneclient import session
from keystoneauth1 import identity
from keystoneauth1 import loading
from keystoneauth1 import session
from oslo_config import cfg
from oslo_log import log as logging
from oslo_utils import excutils
@ -85,7 +86,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
self._base_url = None
self.conf = configuration
self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
session.Session.register_conf_options(self.conf, BARBICAN_OPT_GROUP)
loading.register_session_conf_options(self.conf, BARBICAN_OPT_GROUP)
def _get_barbican_client(self, context):
"""Creates a client to connect to the Barbican service.
@ -130,7 +131,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
auth_url = self.conf.barbican.auth_endpoint
if context.__class__.__name__ is 'KeystonePassword':
return identity.v3.Password(
return identity.V3Password(
auth_url=auth_url,
username=context.username,
password=context.password,
@ -146,7 +147,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
project_domain_name=context.project_domain_name,
reauthenticate=context.reauthenticate)
elif context.__class__.__name__ is 'KeystoneToken':
return identity.v3.Token(
return identity.V3Token(
auth_url=auth_url,
token=context.token,
trust_id=context.trust_id,
@ -160,7 +161,7 @@ class BarbicanKeyManager(key_manager.KeyManager):
# this will be kept for oslo.context compatibility until
# projects begin to use utils.credential_factory
elif context.__class__.__name__ is 'RequestContext':
return identity.v3.Token(
return identity.V3Token(
auth_url=auth_url,
token=context.auth_token,
project_id=context.tenant)

View File

@ -21,9 +21,8 @@ Note: This requires local running instances of Barbican and Keystone.
import abc
import uuid
from keystoneclient.auth.identity import v3
from keystoneclient import session
from keystoneclient.v3 import client
from keystoneauth1 import identity
from keystoneauth1 import session
from oslo_config import cfg
from oslo_context import context
from oslotest import base
@ -113,22 +112,16 @@ class BarbicanKeyManagerOSLOContextTestCase(BarbicanKeyManagerTestCase,
user_domain_name = CONF.identity.user_domain_name
project_domain_name = CONF.identity.project_domain_name
auth = v3.Password(auth_url=auth_url,
username=username,
password=password,
project_name=project_name,
user_domain_name=user_domain_name,
project_domain_name=project_domain_name)
auth = identity.V3Password(auth_url=auth_url,
username=username,
password=password,
project_name=project_name,
user_domain_name=user_domain_name,
project_domain_name=project_domain_name)
sess = session.Session(auth=auth)
keystone_client = client.Client(session=sess)
project_list = keystone_client.projects.list(name=project_name)
ctxt = context.RequestContext(
auth_token=auth.auth_ref.auth_token,
tenant=project_list[0].id)
return ctxt
return context.RequestContext(auth_token=auth.get_token(sess),
tenant=auth.get_project_id(sess))
class BarbicanKeyManagerKSPasswordTestCase(BarbicanKeyManagerTestCase,
@ -161,19 +154,14 @@ class BarbicanKeyManagerKSTokenTestCase(BarbicanKeyManagerTestCase,
user_domain_name = CONF.identity.user_domain_name
project_domain_name = CONF.identity.project_domain_name
auth = v3.Password(auth_url=auth_url,
username=username,
password=password,
project_name=project_name,
user_domain_name=user_domain_name,
project_domain_name=project_domain_name)
sess = session.Session(auth=auth)
keystone_client = client.Client(session=sess)
auth = identity.V3Password(auth_url=auth_url,
username=username,
password=password,
project_name=project_name,
user_domain_name=user_domain_name,
project_domain_name=project_domain_name)
sess = session.Session()
project_list = keystone_client.projects.list(name=project_name)
ctxt = keystone_token.KeystoneToken(
token=auth.auth_ref.auth_token,
project_id=project_list[0].id)
return ctxt
return keystone_token.KeystoneToken(
token=auth.get_token(sess),
project_id=auth.get_project_id(sess))

View File

@ -52,7 +52,7 @@ provided.
.. note::
Keystone Token and Password authentication is achieved using
keystoneclient.auth.identity.v3 Token and Password auth plugins.
keystoneauth1.identity Token and Password auth plugins.
There are a variety of different variables which can be set for the
keystone credential options.
@ -88,23 +88,23 @@ that is being abstracted.
.. code:: python
from keystoneclient.v3 import client
from keystoneauth1 import identity
from keystoneauth1 import session
from oslo_context import context
username = 'admin'
password = 'openstack'
project_name = 'admin'
auth_url = 'http://localhost:5000/v3'
keystone_client = client.Client(username=username,
password=password,
project_name=project_name,
auth_url=auth_url,
project_domain_id='default')
auth_url = 'http://localhost:5000/'
auth = identity.Password(auth_url=auth_url,
username=username,
password=password,
project_name=project_name,
default_domain_id='default')
sess = session.Session()
project_list = keystone_client.projects.list(name=project_name)
ctxt = context.RequestContext(auth_token=keystone_client.auth_token,
tenant=project_list[0].id)
ctxt = context.RequestContext(auth_token=auth.get_token(sess),
tenant=auth.get_project_id(sess))
ctxt can then be passed into any key_manager api call.