From d8332bcebb1a9782f5a33ced4dd5e4b8c8a43a47 Mon Sep 17 00:00:00 2001
From: Svetlana Shturm <sshturm@mirantis.com>
Date: Thu, 1 Aug 2019 21:36:50 -0500
Subject: [PATCH] Add support domain-scoped token for CLI

Change-Id: I4c0b4a6de9598e234e0b49b9cfc0b4dc5daaf7be
---
 doc/source/CLI.rst                            |  2 ++
 .../shipyard_client/api_client/base_client.py |  5 +++-
 .../shipyard_client/cli/commands.py           | 27 ++++++++++++++++---
 3 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/doc/source/CLI.rst b/doc/source/CLI.rst
index 3d38aef7..86d98c97 100644
--- a/doc/source/CLI.rst
+++ b/doc/source/CLI.rst
@@ -32,6 +32,8 @@ variables that will be used are as follows:
 
 -  OS_PROJECT_DOMAIN_NAME ("default" if not specified)
 -  OS_USER_DOMAIN_NAME ("default" if not specified)
+-  OS_DOMAIN_NAME
+-  OS_AUTH_TOKEN
 -  OS_PROJECT_NAME
 -  OS_USERNAME
 -  OS_PASSWORD
diff --git a/src/bin/shipyard_client/shipyard_client/api_client/base_client.py b/src/bin/shipyard_client/shipyard_client/api_client/base_client.py
index 5f984059..d806beb5 100644
--- a/src/bin/shipyard_client/shipyard_client/api_client/base_client.py
+++ b/src/bin/shipyard_client/shipyard_client/api_client/base_client.py
@@ -150,7 +150,10 @@ class BaseClient(metaclass=abc.ABCMeta):
     def _get_ks_session(self):
         self.logger.debug('Accessing keystone for keystone session')
         try:
-            auth = v3.Password(**self.context.keystone_auth)
+            if self.context.keystone_auth.get("token"):
+                auth = v3.Token(**self.context.keystone_auth)
+            else:
+                auth = v3.Password(**self.context.keystone_auth)
             return session.Session(auth=auth)
         except AuthorizationFailure as e:
             self.logger.error('Could not authorize against keystone: %s',
diff --git a/src/bin/shipyard_client/shipyard_client/cli/commands.py b/src/bin/shipyard_client/shipyard_client/cli/commands.py
index fec0e2ad..b36b3d70 100644
--- a/src/bin/shipyard_client/shipyard_client/cli/commands.py
+++ b/src/bin/shipyard_client/shipyard_client/cli/commands.py
@@ -46,10 +46,16 @@ from shipyard_client.cli.input_checks import check_control_action, check_id
     type=click.Choice(['format', 'raw', 'cli']),
     default='cli')
 # Supported Environment Variables
+@click.option('--os-auth-token',
+              envvar='OS_AUTH_TOKEN',
+              required=False)
 @click.option('--os-project-domain-name',
               envvar='OS_PROJECT_DOMAIN_NAME',
               required=False,
               default='default')
+@click.option('--os-domain-name',
+              envvar='OS_DOMAIN_NAME',
+              required=False)
 @click.option('--os-user-domain-name',
               envvar='OS_USER_DOMAIN_NAME',
               required=False,
@@ -68,9 +74,9 @@ from shipyard_client.cli.input_checks import check_control_action, check_id
     type=click.IntRange(0, 5),
     default=1)
 @click.pass_context
-def shipyard(ctx, context_marker, debug, os_project_domain_name,
-             os_user_domain_name, os_project_name, os_username, os_password,
-             os_auth_url, output_format, verbosity):
+def shipyard(ctx, context_marker, debug, os_auth_token, os_project_domain_name,
+             os_user_domain_name, os_domain_name, os_project_name, os_username,
+             os_password, os_auth_url, output_format, verbosity):
     """
     COMMAND: shipyard \n
     DESCRIPTION: The base shipyard command supports options that determine
@@ -95,7 +101,6 @@ def shipyard(ctx, context_marker, debug, os_project_domain_name,
     logger.debug('logging for cli initialized')
 
     auth_vars = {
-        'project_domain_name': os_project_domain_name,
         'user_domain_name': os_user_domain_name,
         'project_name': os_project_name,
         'username': os_username,
@@ -103,6 +108,20 @@ def shipyard(ctx, context_marker, debug, os_project_domain_name,
         'auth_url': os_auth_url
     }
 
+    if os_auth_token:
+        auth_vars = {
+            'token': os_auth_token,
+            'auth_url': os_auth_url
+        }
+
+    # Domain-scoped params
+    if os_domain_name:
+        auth_vars['domain_name'] = os_domain_name
+        auth_vars['project_domain_name'] = None
+    # Project-scoped params
+    else:
+        auth_vars['project_domain_name'] = os_project_domain_name
+
     ctx.obj['API_PARAMETERS'] = {
         'auth_vars': auth_vars,
         'context_marker': str(context_marker) if context_marker else None,