Cleanup keystonemiddleware configuration

This set the name of the project in the paste configuration to allow keystonemiddleware to find its configuration. This option will be introduced in version 2.2.0. This change also removes all keystonemiddleware workarounds. Change-Id: Ic4cb466ef911378e404ba20cb9a910fb599ad3c5
2015-08-04 12:51:34 +02:00 · 2015-08-04 12:51:34 +02:00 · b9da42b2d0
parent cf4cc65be6
commit b9da42b2d0
6 changed files with 3 additions and 77 deletions
--- a/aodh/service.py
+++ b/aodh/service.py
@ -17,7 +17,6 @@
 import os
 import socket

-from keystonemiddleware import opts as ks_opts
 from oslo_config import cfg
 from oslo_db import options as db_options
 import oslo_i18n
@ -105,8 +104,6 @@ def prepare_service(argv=None):
    log.set_defaults(default_log_levels=log_levels)
    db_options.set_defaults(conf)
    policy_opts.set_defaults(conf)
-    for group, options in ks_opts.list_auth_token_opts():
-        conf.register_opts(list(options), group=group)
    from aodh import opts
    # Register our own Aodh options
    for group, options in opts.list_opts():
--- a/aodh/tests/api/init.py
+++ b/aodh/tests/api/init.py
@ -39,7 +39,6 @@ class FunctionalTest(db_test_base.TestBase):
        self.CONF = self.useFixture(fixture_config.Config(conf)).conf
        self.setup_messaging(self.CONF)

-        self.CONF.set_override("auth_version", "v2.0", 'keystone_authtoken')
        self.CONF.set_override("policy_file",
                               self.path_get('etc/aodh/policy.json'),
                               group='oslo_policy')
--- a/aodh/tests/api/v2/test_acl_scenarios.py
+++ b/aodh/tests/api/v2/test_acl_scenarios.py
@ -15,82 +15,18 @@
 # under the License.
 """Test ACL."""

-import datetime
-import hashlib
-import json
-
 import mock
-from oslo_utils import timeutils
 import webtest

 from aodh.api import app
 from aodh.tests.api import v2
 from aodh.tests import db as tests_db

-VALID_TOKEN = '4562138218392831'
-VALID_TOKEN2 = '4562138218392832'
-
-
-class FakeMemcache(object):
-
-    TOKEN_HASH = hashlib.sha256(VALID_TOKEN.encode('utf-8')).hexdigest()
-    TOKEN2_HASH = hashlib.sha256(VALID_TOKEN2.encode('utf-8')).hexdigest()
-
-    def get(self, key):
-        if (key == "tokens/%s" % VALID_TOKEN or
-                key == "tokens/%s" % self.TOKEN_HASH):
-            dt = timeutils.utcnow() + datetime.timedelta(minutes=5)
-            return json.dumps(({'access': {
-                'token': {'id': VALID_TOKEN,
-                          'expires': timeutils.isotime(dt)},
-                'user': {
-                    'id': 'user_id1',
-                    'name': 'user_name1',
-                    'tenantId': '123i2910',
-                    'tenantName': 'mytenant',
-                    'roles': [
-                        {'name': 'admin'},
-                    ]},
-            }}, timeutils.isotime(dt)))
-        if (key == "tokens/%s" % VALID_TOKEN2 or
-                key == "tokens/%s" % self.TOKEN2_HASH):
-            dt = timeutils.utcnow() + datetime.timedelta(minutes=5)
-            return json.dumps(({'access': {
-                'token': {'id': VALID_TOKEN2,
-                          'expires': timeutils.isotime(dt)},
-                'user': {
-                    'id': 'user_id2',
-                    'name': 'user-good',
-                    'tenantId': 'project-good',
-                    'tenantName': 'goodies',
-                    'roles': [
-                        {'name': 'Member'},
-                    ]},
-            }}, timeutils.isotime(dt)))
-
-    @staticmethod
-    def set(key, value, **kwargs):
-        pass
-

 class TestAPIACL(v2.FunctionalTest,
                 tests_db.MixinTestsWithBackendScenarios):

-    def setUp(self):
-        super(TestAPIACL, self).setUp()
-        self.environ = {'fake.cache': FakeMemcache()}
-
-    def get_json(self, path, expect_errors=False, headers=None,
-                 q=None, **params):
-        return super(TestAPIACL, self).get_json(path,
-                                                expect_errors=expect_errors,
-                                                headers=headers,
-                                                q=q or [],
-                                                extra_environ=self.environ,
-                                                **params)
-
    def _make_app(self):
-        self.CONF.set_override("cache", "fake.cache", 'keystone_authtoken')
        file_name = self.path_get('etc/aodh/api_paste.ini')
        self.CONF.set_override("paste_config", file_name, "api")
        # We need the other call to prepare_service in app.py to return the
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@ -189,14 +189,7 @@ function configure_aodh {
    iniset $AODH_CONF service_credentials os_region_name $REGION_NAME
    iniset $AODH_CONF service_credentials os_auth_url $KEYSTONE_SERVICE_URI/v2.0

-    # TODO(chdent): Until
-    # https://bugs.launchpad.net/keystonemiddleware/+bug/1482078
-    # and
-    # https://bugs.launchpad.net/keystonemiddleware/+bug/1406218
-    # are resolved the easiest way to deal with the auth_token
-    # middleware when using a non-global conf is to put it in the
-    # paste file.
-    configure_auth_token_middleware $AODH_CONF_DIR/api_paste.ini aodh $AODH_AUTH_CACHE_DIR filter:authtoken
+    configure_auth_token_middleware $AODH_CONF aodh $AODH_AUTH_CACHE_DIR 

    iniset $AODH_CONF notification store_events $AODH_EVENTS

--- a/etc/aodh/api_paste.ini
+++ b/etc/aodh/api_paste.ini
@ -12,6 +12,7 @@ paste.app_factory = aodh.api.app:app_factory

 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+oslo_config_project = aodh

 [filter:request_id]
 paste.filter_factory = oslo_middleware:RequestId.factory
--- a/requirements.txt
+++ b/requirements.txt
@ -7,7 +7,7 @@ retrying!=1.3.0,>=1.2.3 # Apache-2.0
 croniter>=0.3.4 # MIT License
 eventlet>=0.17.4
 jsonschema!=2.5.0,<3.0.0,>=2.0.0
-keystonemiddleware>=1.5.0
+keystonemiddleware>=2.2.0
 lxml>=2.3
 oslo.context>=0.2.0 # Apache-2.0
 oslo.db>=1.12.0 # Apache-2.0