Use short names for drivers

With stevedore support, we can use shorter names for the drivers
rather than the full class path.

Using the full class path is supported, but deprecated (the code
falls back to importing by importutils which is already reported
as deprecated).

bp stevedore

Co-Authored-By: Boris Bobrov <bbobrov@mirantis.com>
Change-Id: I11cf1bca474f59419185e2a1970c1dae31017329

keystone/assignment/backends/ldap.py

@@ -36,7 +36,7 @@ class Assignment(assignment.Driver):
     @versionutils.deprecated(
         versionutils.deprecated.KILO,
         remove_in=+2,
-        what='keystone.assignment.backends.ldap.Assignment')
+        what='ldap')
     def __init__(self):
         super(Assignment, self).__init__()
         self.LDAP_URL = CONF.ldap.url
@@ -54,10 +54,10 @@ class Assignment(assignment.Driver):
         self.role = RoleApi(CONF, self.user)
 
     def default_role_driver(self):
-        return 'keystone.assignment.role_backends.ldap.Role'
+        return 'ldap'
 
     def default_resource_driver(self):
-        return 'keystone.resource.backends.ldap.Resource'
+        return 'ldap'
 
     def list_role_ids_for_groups_on_project(
             self, groups, project_id, project_domain_id, project_parents):

keystone/assignment/backends/sql.py

@@ -53,10 +53,10 @@ class AssignmentType(object):
 class Assignment(keystone_assignment.Driver):
 
     def default_role_driver(self):
-        return "keystone.assignment.role_backends.sql.Role"
+        return 'sql'
 
     def default_resource_driver(self):
-        return 'keystone.resource.backends.sql.Resource'
+        return 'sql'
 
     def list_user_ids_for_project(self, tenant_id):
         with sql.transaction() as session:

keystone/common/config.py

@@ -149,8 +149,7 @@ FILE_OPTIONS = {
                         'identity configuration files if '
                         'domain_specific_drivers_enabled is set to true.'),
         cfg.StrOpt('driver',
-                   default=('keystone.identity.backends'
+                   default='sql',
-                            '.sql.Identity'),
                    help='Identity backend driver.'),
         cfg.BoolOpt('caching', default=True,
                     help='Toggle for identity caching. This has no '
@@ -168,12 +167,10 @@ FILE_OPTIONS = {
     ],
     'identity_mapping': [
         cfg.StrOpt('driver',
-                   default=('keystone.identity.mapping_backends'
+                   default='sql',
-                            '.sql.Mapping'),
                    help='Keystone Identity Mapping backend driver.'),
         cfg.StrOpt('generator',
-                   default=('keystone.identity.id_generators'
+                   default='sha256',
-                            '.sha256.Generator'),
                    help='Public ID generator for user and group entities. '
                         'The Keystone identity mapper only supports '
                         'generators that produce no more than 64 characters.'),
@@ -209,7 +206,7 @@ FILE_OPTIONS = {
         cfg.IntOpt('max_redelegation_count', default=3,
                    help='Maximum depth of trust redelegation.'),
         cfg.StrOpt('driver',
-                   default='keystone.trust.backends.sql.Trust',
+                   default='sql',
                    help='Trust backend driver.')],
     'os_inherit': [
         cfg.BoolOpt('enabled', default=False,
@@ -245,13 +242,12 @@ FILE_OPTIONS = {
                    help='Amount of time a token should remain valid '
                         '(in seconds).'),
         cfg.StrOpt('provider',
-                   default='keystone.token.providers.uuid.Provider',
+                   default='uuid',
                    help='Controls the token construction, validation, and '
                         'revocation operations. Core providers are '
-                        '"keystone.token.providers.[fernet|pkiz|pki|uuid].'
+                        '[fernet|pkiz|pki|uuid].'),
-                        'Provider".'),
         cfg.StrOpt('driver',
-                   default='keystone.token.persistence.backends.sql.Token',
+                   default='sql',
                    help='Token persistence backend driver.'),
         cfg.BoolOpt('caching', default=True,
                     help='Toggle for token system caching. This has no '
@@ -282,7 +278,7 @@ FILE_OPTIONS = {
     ],
     'revoke': [
         cfg.StrOpt('driver',
-                   default='keystone.contrib.revoke.backends.sql.Revoke',
+                   default='sql',
                    help='An implementation of the backend for persisting '
                         'revocation events.'),
         cfg.IntOpt('expiration_buffer', default=1800,
@@ -448,8 +444,7 @@ FILE_OPTIONS = {
     ],
     'domain_config': [
         cfg.StrOpt('driver',
-                   default='keystone.resource.config_backends.sql.'
+                   default='sql',
-                           'DomainConfig',
                    help='Domain config backend driver.'),
         cfg.BoolOpt('caching', default=True,
                     help='Toggle for domain config caching. This has no '
@@ -477,13 +472,12 @@ FILE_OPTIONS = {
     ],
     'credential': [
         cfg.StrOpt('driver',
-                   default=('keystone.credential.backends'
+                   default='sql',
-                            '.sql.Credential'),
                    help='Credential backend driver.'),
     ],
     'oauth1': [
         cfg.StrOpt('driver',
-                   default='keystone.contrib.oauth1.backends.sql.OAuth1',
+                   default='sql',
                    help='Credential backend driver.'),
         cfg.IntOpt('request_token_duration', default=28800,
                    help='Duration (in seconds) for the OAuth Request Token.'),
@@ -492,8 +486,7 @@ FILE_OPTIONS = {
     ],
     'federation': [
         cfg.StrOpt('driver',
-                   default='keystone.contrib.federation.'
+                   default='sql',
-                           'backends.sql.Federation',
                    help='Federation backend driver.'),
         cfg.StrOpt('assertion_prefix', default='',
                    help='Value to be used when filtering assertion parameters '
@@ -526,7 +519,7 @@ FILE_OPTIONS = {
     ],
     'policy': [
         cfg.StrOpt('driver',
-                   default='keystone.policy.backends.sql.Policy',
+                   default='sql',
                    help='Policy backend driver.'),
         cfg.IntOpt('list_limit',
                    help='Maximum number of entities that will be returned '
@@ -534,8 +527,7 @@ FILE_OPTIONS = {
     ],
     'endpoint_filter': [
         cfg.StrOpt('driver',
-                   default='keystone.contrib.endpoint_filter.backends'
+                   default='sql',
-                           '.sql.EndpointFilter',
                    help='Endpoint Filter backend driver'),
         cfg.BoolOpt('return_all_endpoints_if_no_filter', default=True,
                     help='Toggle to return all active endpoints if no filter '
@@ -543,8 +535,7 @@ FILE_OPTIONS = {
     ],
     'endpoint_policy': [
         cfg.StrOpt('driver',
-                   default='keystone.contrib.endpoint_policy.backends'
+                   default='sql',
-                           '.sql.EndpointPolicy',
                    help='Endpoint policy backend driver'),
     ],
     'ldap': [
@@ -889,7 +880,7 @@ FILE_OPTIONS = {
                    help='Catalog template file name for use with the '
                         'template catalog backend.'),
         cfg.StrOpt('driver',
-                   default='keystone.catalog.backends.sql.Catalog',
+                   default='sql',
                    help='Catalog backend driver.'),
         cfg.BoolOpt('caching', default=True,
                     help='Toggle for catalog caching. This has no '

keystone/identity/backends/ldap.py

@@ -42,7 +42,7 @@ class Identity(identity.Driver):
         self.group = GroupApi(conf)
 
     def default_assignment_driver(self):
-        return "keystone.assignment.backends.ldap.Assignment"
+        return 'ldap'
 
     def is_domain_aware(self):
         return False

keystone/identity/backends/sql.py

@@ -77,7 +77,7 @@ class Identity(identity.Driver):
         super(Identity, self).__init__()
 
     def default_assignment_driver(self):
-        return "keystone.assignment.backends.sql.Assignment"
+        return 'sql'
 
     @property
     def is_sql(self):

keystone/resource/backends/ldap.py

@@ -47,7 +47,7 @@ class Resource(resource.Driver):
         self.project = ProjectApi(CONF)
 
     def default_assignment_driver(self):
-        return 'keystone.assignment.backends.ldap.Assignment'
+        return 'ldap'
 
     def _set_default_parent_project(self, ref):
         """If the parent project ID has not been set, set it to None."""

keystone/resource/backends/sql.py

@@ -27,7 +27,7 @@ LOG = log.getLogger(__name__)
 class Resource(keystone_resource.Driver):
 
     def default_assignment_driver(self):
-        return 'keystone.assignment.backends.sql.Assignment'
+        return 'sql'
 
     def _get_project(self, session, project_id):
         project_ref = session.query(Project).get(project_id)

keystone/resource/core.py

@@ -1011,7 +1011,7 @@ class DomainConfigManager(manager.Manager):
                     'url': 'myurl'
                     'user_tree_dn': 'OU=myou'},
                 'identity': {
-                    'driver': 'keystone.identity.backends.ldap.Identity'}
+                    'driver': 'ldap'}
 
             }
 

keystone/tests/unit/backend/core_ldap.py

@@ -66,9 +66,7 @@ class BaseBackendLdapCommon(object):
 
     def config_overrides(self):
         super(BaseBackendLdapCommon, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def config_files(self):
         config_files = super(BaseBackendLdapCommon, self).config_files()
@@ -129,15 +127,9 @@ class BaseBackendLdapIdentitySqlEverythingElse(tests.SQLDriverOverrides):
     def config_overrides(self):
         super(BaseBackendLdapIdentitySqlEverythingElse,
               self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
+        self.config_fixture.config(group='resource', driver='sql')
-            driver='keystone.identity.backends.ldap.Identity')
+        self.config_fixture.config(group='assignment', driver='sql')
-        self.config_fixture.config(
-            group='resource',
-            driver='keystone.resource.backends.sql.Resource')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
 
 
 class BaseBackendLdapIdentitySqlEverythingElseWithMapping(object):

keystone/tests/unit/common/test_ldap.py

@@ -218,9 +218,7 @@ class LDAPDeleteTreeTest(tests.TestCase):
 
     def config_overrides(self):
         super(LDAPDeleteTreeTest, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def config_files(self):
         config_files = super(LDAPDeleteTreeTest, self).config_files()
@@ -372,9 +370,7 @@ class LDAPPagedResultsTest(tests.TestCase):
 
     def config_overrides(self):
         super(LDAPPagedResultsTest, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def config_files(self):
         config_files = super(LDAPPagedResultsTest, self).config_files()

keystone/tests/unit/config_files/domain_configs_default_ldap_one_sql/keystone.domain1.conf

@@ -2,4 +2,4 @@
 # 'domain1' for use with unit tests.
 
 [identity]
-driver = keystone.identity.backends.sql.Identity
+driver = sql

keystone/tests/unit/config_files/domain_configs_multi_ldap/keystone.Default.conf

@@ -11,4 +11,4 @@ password = password
 suffix = cn=example,cn=com
 
 [identity]
-driver = keystone.identity.backends.ldap.Identity
+driver = ldap

keystone/tests/unit/config_files/domain_configs_multi_ldap/keystone.domain1.conf

@@ -8,4 +8,4 @@ password = password
 suffix = cn=example,cn=com
 
 [identity]
-driver = keystone.identity.backends.ldap.Identity
+driver = ldap

keystone/tests/unit/config_files/domain_configs_multi_ldap/keystone.domain2.conf

@@ -10,4 +10,4 @@ group_tree_dn = ou=UserGroups,dc=myroot,dc=org
 user_tree_dn = ou=Users,dc=myroot,dc=org
 
 [identity]
-driver = keystone.identity.backends.ldap.Identity
+driver = ldap

keystone/tests/unit/config_files/domain_configs_one_extra_sql/keystone.domain2.conf

@@ -2,4 +2,4 @@
 # 'domain2' for use with unit tests.
 
 [identity]
-driver = keystone.identity.backends.sql.Identity
+driver = sql

keystone/tests/unit/config_files/domain_configs_one_sql_one_ldap/keystone.Default.conf

@@ -11,4 +11,4 @@ password = password
 suffix = cn=example,cn=com
 
 [identity]
-driver = keystone.identity.backends.ldap.Identity
+driver = ldap

keystone/tests/unit/config_files/domain_configs_one_sql_one_ldap/keystone.domain1.conf

@@ -2,4 +2,4 @@
 # 'domain1' for use with unit tests.
 
 [identity]
-driver = keystone.identity.backends.sql.Identity
+driver = sql

keystone/tests/unit/core.py

@@ -287,7 +287,7 @@ class TestCase(BaseTestCase):
             proxies=['keystone.tests.unit.test_cache.CacheIsolatingProxy'])
         self.config_fixture.config(
             group='catalog',
-            driver='keystone.catalog.backends.templated.Catalog',
+            driver='templated',
             template_file=dirs.tests('default_catalog.templates'))
         self.config_fixture.config(
             group='kvs',
@@ -295,16 +295,12 @@ class TestCase(BaseTestCase):
                 ('keystone.tests.unit.test_kvs.'
                  'KVSBackendForcedKeyMangleFixture'),
                 'keystone.tests.unit.test_kvs.KVSBackendFixture'])
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='kvs')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.kvs.Revoke')
         self.config_fixture.config(
             group='signing', certfile=signing_certfile,
             keyfile=signing_keyfile,
             ca_certs='examples/pki/certs/cacert.pem')
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', driver='kvs')
-            group='token',
-            driver='keystone.token.persistence.backends.kvs.Token')
         self.config_fixture.config(
             group='saml', certfile=signing_certfile, keyfile=signing_keyfile)
         self.config_fixture.config(
@@ -633,21 +629,9 @@ class SQLDriverOverrides(object):
     def config_overrides(self):
         super(SQLDriverOverrides, self).config_overrides()
         # SQL specific driver overrides
-        self.config_fixture.config(
+        self.config_fixture.config(group='catalog', driver='sql')
-            group='catalog',
+        self.config_fixture.config(group='identity', driver='sql')
-            driver='keystone.catalog.backends.sql.Catalog')
+        self.config_fixture.config(group='policy', driver='sql')
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='sql')
-            group='identity',
+        self.config_fixture.config(group='token', driver='sql')
-            driver='keystone.identity.backends.sql.Identity')
+        self.config_fixture.config(group='trust', driver='sql')
-        self.config_fixture.config(
-            group='policy',
-            driver='keystone.policy.backends.sql.Policy')
-        self.config_fixture.config(
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.sql.Revoke')
-        self.config_fixture.config(
-            group='token',
-            driver='keystone.token.persistence.backends.sql.Token')
-        self.config_fixture.config(
-            group='trust',
-            driver='keystone.trust.backends.sql.Trust')

keystone/tests/unit/identity/test_core.py

@@ -140,7 +140,7 @@ class TestDatabaseDomainConfigs(tests.TestCase):
         conf = {'ldap': {'url': uuid.uuid4().hex,
                          'suffix': uuid.uuid4().hex},
                 'identity': {
-                    'driver': 'keystone.identity.backends.ldap.Identity'}}
+                    'driver': 'ldap'}}
         self.domain_config_api.create_config(domain['id'], conf)
         fake_standard_driver = None
         domain_config = identity.DomainConfigs()

keystone/tests/unit/test_associate_project_endpoint_extension.py

@@ -28,9 +28,7 @@ class TestExtensionCase(test_v3.RestfulTestCase):
     def config_overrides(self):
         super(TestExtensionCase, self).config_overrides()
         self.config_fixture.config(
-            group='catalog',
+            group='catalog', driver='endpoint_filter.sql')
-            driver='keystone.contrib.endpoint_filter.backends.catalog_sql.'
-                   'EndpointFilterCatalog')
 
     def setUp(self):
         super(TestExtensionCase, self).setUp()

keystone/tests/unit/test_auth.py

@@ -1196,9 +1196,7 @@ class TokenExpirationTest(AuthTest):
         self.assertEqual(original_expiration, r['access']['token']['expires'])
 
     def test_maintain_uuid_token_expiration(self):
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='uuid')
-            group='token',
-            provider='keystone.token.providers.uuid.Provider')
         self._maintain_token_expiration()
 
 

keystone/tests/unit/test_backend_kvs.py

@@ -110,9 +110,7 @@ class KvsCatalog(tests.TestCase, test_backend.CatalogTests):
 
     def config_overrides(self):
         super(KvsCatalog, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='catalog', driver='kvs')
-            group='catalog',
-            driver='keystone.catalog.backends.kvs.Catalog')
 
     def _load_fake_catalog(self):
         self.catalog_foobar = self.catalog_api.driver._create_catalog(
@@ -167,6 +165,4 @@ class KvsTokenCacheInvalidation(tests.TestCase,
 
     def config_overrides(self):
         super(KvsTokenCacheInvalidation, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', driver='kvs')
-            group='token',
-            driver='keystone.token.persistence.backends.kvs.Token')

keystone/tests/unit/test_backend_ldap.py

@@ -79,9 +79,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
 
     def config_overrides(self):
         super(BaseLDAPIdentity, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def config_files(self):
         config_files = super(BaseLDAPIdentity, self).config_files()
@@ -2128,15 +2126,9 @@ class LdapIdentitySqlAssignment(BaseLDAPIdentity, tests.SQLDriverOverrides,
 
     def config_overrides(self):
         super(LdapIdentitySqlAssignment, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
+        self.config_fixture.config(group='resource', driver='sql')
-            driver='keystone.identity.backends.ldap.Identity')
+        self.config_fixture.config(group='assignment', driver='sql')
-        self.config_fixture.config(
-            group='resource',
-            driver='keystone.resource.backends.sql.Resource')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
 
     def test_domain_crud(self):
         pass
@@ -2414,15 +2406,9 @@ class MultiLDAPandSQLIdentity(BaseLDAPIdentity, tests.SQLDriverOverrides,
         super(MultiLDAPandSQLIdentity, self).config_overrides()
         # Make sure identity and assignment are actually SQL drivers,
         # BaseLDAPIdentity sets these options to use LDAP.
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='sql')
-            group='identity',
+        self.config_fixture.config(group='resource', driver='sql')
-            driver='keystone.identity.backends.sql.Identity')
+        self.config_fixture.config(group='assignment', driver='sql')
-        self.config_fixture.config(
-            group='resource',
-            driver='keystone.resource.backends.sql.Resource')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
 
     def _setup_initial_users(self):
         # Create some identity entities BEFORE we switch to multi-backend, so
@@ -2666,14 +2652,14 @@ class MultiLDAPandSQLIdentityDomainConfigsInSQL(MultiLDAPandSQLIdentity):
                      'user': 'cn=Admin',
                      'password': 'password',
                      'suffix': 'cn=example,cn=com'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
         domain1_config = {
             'ldap': {'url': 'fake://memory1',
                      'user': 'cn=Admin',
                      'password': 'password',
                      'suffix': 'cn=example,cn=com'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
         domain2_config = {
             'ldap': {'url': 'fake://memory',
@@ -2682,7 +2668,7 @@ class MultiLDAPandSQLIdentityDomainConfigsInSQL(MultiLDAPandSQLIdentity):
                      'suffix': 'cn=myroot,cn=com',
                      'group_tree_dn': 'ou=UserGroups,dc=myroot,dc=org',
                      'user_tree_dn': 'ou=Users,dc=myroot,dc=org'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
 
         self.domain_config_api.create_config(CONF.identity.default_domain_id,
@@ -2730,7 +2716,7 @@ class MultiLDAPandSQLIdentityDomainConfigsInSQL(MultiLDAPandSQLIdentity):
         # current settings.
         new_config = {
             'ldap': {'url': uuid.uuid4().hex},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}}
+            'identity': {'driver': 'ldap'}}
         self.domain_config_api.create_config(
             CONF.identity.default_domain_id, new_config)
         default_config = (
@@ -2756,8 +2742,7 @@ class MultiLDAPandSQLIdentityDomainConfigsInSQL(MultiLDAPandSQLIdentity):
     def test_setting_sql_driver_raises_exception(self):
         """Ensure setting of domain specific sql driver is prevented."""
 
-        new_config = {
+        new_config = {'identity': {'driver': 'sql'}}
-            'identity': {'driver': 'keystone.identity.backends.sql.Identity'}}
         self.domain_config_api.create_config(
             CONF.identity.default_domain_id, new_config)
         self.assertRaises(exception.InvalidDomainConfig,
@@ -2809,12 +2794,8 @@ class DomainSpecificLDAPandSQLIdentity(
         super(DomainSpecificLDAPandSQLIdentity, self).config_overrides()
         # Make sure resource & assignment are actually SQL drivers,
         # BaseLDAPIdentity causes this option to use LDAP.
-        self.config_fixture.config(
+        self.config_fixture.config(group='resource', driver='sql')
-            group='resource',
+        self.config_fixture.config(group='assignment', driver='sql')
-            driver='keystone.resource.backends.sql.Resource')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
 
     def reload_backends(self, domain_id):
         # Just reload the driver for this domain - which will pickup
@@ -2962,15 +2943,9 @@ class DomainSpecificSQLIdentity(DomainSpecificLDAPandSQLIdentity):
 
     def config_overrides(self):
         super(DomainSpecificSQLIdentity, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
+        self.config_fixture.config(group='resource', driver='sql')
-            driver='keystone.identity.backends.ldap.Identity')
+        self.config_fixture.config(group='assignment', driver='sql')
-        self.config_fixture.config(
-            group='resource',
-            driver='keystone.resource.backends.sql.Resource')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
 
     def get_config(self, domain_id):
         if domain_id == CONF.identity.default_domain_id:
@@ -2989,25 +2964,17 @@ class DomainSpecificSQLIdentity(DomainSpecificLDAPandSQLIdentity):
     def test_default_sql_plus_sql_specific_driver_fails(self):
         # First confirm that if ldap is default driver, domain1 can be
         # loaded as sql
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
+        self.config_fixture.config(group='assignment', driver='sql')
-            driver='keystone.identity.backends.ldap.Identity')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
         self.load_backends()
         # Make any identity call to initiate the lazy loading of configs
         self.identity_api.list_users(
             domain_scope=CONF.identity.default_domain_id)
         self.assertIsNotNone(self.get_config(self.domains['domain1']['id']))
 
-        # Now re-initialize, but with sql as the default identity driver
+        # Now re-initialize, but with sql as the identity driver
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='sql')
-            group='identity',
+        self.config_fixture.config(group='assignment', driver='sql')
-            driver='keystone.identity.backends.sql.Identity')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
         self.load_backends()
         # Make any identity call to initiate the lazy loading of configs, which
         # should fail since we would now have two sql drivers.
@@ -3016,12 +2983,8 @@ class DomainSpecificSQLIdentity(DomainSpecificLDAPandSQLIdentity):
                           domain_scope=CONF.identity.default_domain_id)
 
     def test_multiple_sql_specific_drivers_fails(self):
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
+        self.config_fixture.config(group='assignment', driver='sql')
-            driver='keystone.identity.backends.ldap.Identity')
-        self.config_fixture.config(
-            group='assignment',
-            driver='keystone.assignment.backends.sql.Assignment')
         self.load_backends()
         # Ensure default, domain1 and domain2 exist
         self.domain_count = 3
@@ -3060,9 +3023,7 @@ class LdapFilterTests(test_backend.FilterTests, tests.TestCase):
 
     def config_overrides(self):
         super(LdapFilterTests, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def config_files(self):
         config_files = super(LdapFilterTests, self).config_files()

keystone/tests/unit/test_backend_rules.py

@@ -25,9 +25,7 @@ class RulesPolicy(tests.TestCase, test_backend.PolicyTests):
 
     def config_overrides(self):
         super(RulesPolicy, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='policy', driver='rules')
-            group='policy',
-            driver='keystone.policy.backends.rules.Policy')
 
     def test_create(self):
         self.assertRaises(exception.NotImplemented,

keystone/tests/unit/test_catalog.py

@@ -47,9 +47,7 @@ class V2CatalogTestCase(rest.RestfulTestCase):
 
     def config_overrides(self):
         super(V2CatalogTestCase, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='catalog', driver='sql')
-            group='catalog',
-            driver='keystone.catalog.backends.sql.Catalog')
 
     def new_ref(self):
         """Populates a ref with attributes common to all API entities."""
@@ -147,9 +145,7 @@ class TestV2CatalogAPISQL(tests.TestCase):
 
     def config_overrides(self):
         super(TestV2CatalogAPISQL, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='catalog', driver='sql')
-            group='catalog',
-            driver='keystone.catalog.backends.sql.Catalog')
 
     def new_endpoint_ref(self, service_id):
         return {

keystone/tests/unit/test_cert_setup.py

@@ -68,9 +68,7 @@ class CertSetupTestCase(rest.RestfulTestCase):
             ca_certs=ca_certs,
             certfile=os.path.join(CERTDIR, 'keystone.pem'),
             keyfile=os.path.join(KEYDIR, 'keystonekey.pem'))
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='pkiz')
-            group='token',
-            provider='keystone.token.providers.pkiz.Provider')
 
     def test_can_handle_missing_certs(self):
         controller = token.controllers.Auth()

keystone/tests/unit/test_cli.py

@@ -104,14 +104,14 @@ class CliDomainConfigAllTestCase(tests.SQLDriverOverrides, tests.TestCase):
                      'user': 'cn=Admin',
                      'password': 'password',
                      'suffix': 'cn=example,cn=com'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
         domain1_config = {
             'ldap': {'url': 'fake://memory1',
                      'user': 'cn=Admin',
                      'password': 'password',
                      'suffix': 'cn=example,cn=com'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
         domain2_config = {
             'ldap': {'url': 'fake://memory',
@@ -120,7 +120,7 @@ class CliDomainConfigAllTestCase(tests.SQLDriverOverrides, tests.TestCase):
                      'suffix': 'cn=myroot,cn=com',
                      'group_tree_dn': 'ou=UserGroups,dc=myroot,dc=org',
                      'user_tree_dn': 'ou=Users,dc=myroot,dc=org'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
 
         # Clear backend dependencies, since cli loads these manually
@@ -152,7 +152,7 @@ class CliDomainConfigSingleDomainTestCase(CliDomainConfigAllTestCase):
                      'user': 'cn=Admin',
                      'password': 'password',
                      'suffix': 'cn=example,cn=com'},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
 
         # Clear backend dependencies, since cli loads these manually
@@ -173,7 +173,7 @@ class CliDomainConfigSingleDomainTestCase(CliDomainConfigAllTestCase):
         # Create a config for the default domain
         default_config = {
             'ldap': {'url': uuid.uuid4().hex},
-            'identity': {'driver': 'keystone.identity.backends.ldap.Identity'}
+            'identity': {'driver': 'ldap'}
         }
         self.domain_config_api.create_config(
             CONF.identity.default_domain_id, default_config)

keystone/tests/unit/test_ldap_livetest.py

@@ -83,9 +83,7 @@ class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
 
     def config_overrides(self):
         super(LiveLDAPIdentity, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def test_build_tree(self):
         """Regression test for building the tree names

keystone/tests/unit/test_ldap_pool_livetest.py

@@ -50,9 +50,7 @@ class LiveLDAPPoolIdentity(test_backend_ldap_pool.LdapPoolCommonTestMixin,
 
     def config_overrides(self):
         super(LiveLDAPPoolIdentity, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def test_assert_connector_used_not_fake_ldap_pool(self):
         handler = ldap_core._get_connection(CONF.ldap.url, use_pool=True)

keystone/tests/unit/test_ldap_tls_livetest.py

@@ -46,9 +46,7 @@ class LiveTLSLDAPIdentity(test_ldap_livetest.LiveLDAPIdentity):
 
     def config_overrides(self):
         super(LiveTLSLDAPIdentity, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='identity', driver='ldap')
-            group='identity',
-            driver='keystone.identity.backends.ldap.Identity')
 
     def test_tls_certfile_demand_option(self):
         self.config_fixture.config(group='ldap',

keystone/tests/unit/test_revoke.py

@@ -187,24 +187,20 @@ class RevokeTests(object):
 class SqlRevokeTests(test_backend_sql.SqlTests, RevokeTests):
     def config_overrides(self):
         super(SqlRevokeTests, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='sql')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.sql.Revoke')
         self.config_fixture.config(
             group='token',
-            provider='keystone.token.providers.pki.Provider',
+            provider='pki',
             revoke_by_id=False)
 
 
 class KvsRevokeTests(tests.TestCase, RevokeTests):
     def config_overrides(self):
         super(KvsRevokeTests, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='kvs')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.kvs.Revoke')
         self.config_fixture.config(
             group='token',
-            provider='keystone.token.providers.pki.Provider',
+            provider='pki',
             revoke_by_id=False)
 
     def setUp(self):

keystone/tests/unit/test_token_provider.py

@@ -744,27 +744,19 @@ class TestTokenProvider(tests.TestCase):
                               uuid.Provider)
 
         dependency.reset()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='uuid')
-            group='token',
-            provider='keystone.token.providers.uuid.Provider')
         self.assertIsInstance(token.provider.Manager().driver, uuid.Provider)
 
         dependency.reset()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='pki')
-            group='token',
-            provider='keystone.token.providers.pki.Provider')
         self.assertIsInstance(token.provider.Manager().driver, pki.Provider)
 
         dependency.reset()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='pkiz')
-            group='token',
-            provider='keystone.token.providers.pkiz.Provider')
         self.assertIsInstance(token.provider.Manager().driver, pkiz.Provider)
 
         dependency.reset()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='fernet')
-            group='token',
-            provider='keystone.token.providers.fernet.Provider')
         self.assertIsInstance(token.provider.Manager().driver, fernet.Provider)
 
     def test_unsupported_token_provider(self):

keystone/tests/unit/test_v2.py

@@ -1375,12 +1375,10 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests):
 class RevokeApiTestCase(V2TestCase):
     def config_overrides(self):
         super(RevokeApiTestCase, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='kvs')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.kvs.Revoke')
         self.config_fixture.config(
             group='token',
-            provider='keystone.token.providers.pki.Provider',
+            provider='pki',
             revoke_by_id=False)
 
     def test_fetch_revocation_list_admin_200(self):
@@ -1412,9 +1410,7 @@ class TestFernetTokenProviderV2(RestfulTestCase):
 
     def config_overrides(self):
         super(TestFernetTokenProviderV2, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='fernet')
-            group='token',
-            provider='keystone.token.providers.fernet.Provider')
 
     def test_authenticate_unscoped_token(self):
         unscoped_token = self.get_unscoped_token()

keystone/tests/unit/test_v3_auth.py

@@ -485,9 +485,7 @@ class AllowRescopeScopedTokenDisabledTests(test_v3.RestfulTestCase):
 class TestPKITokenAPIs(test_v3.RestfulTestCase, TokenAPITests):
     def config_overrides(self):
         super(TestPKITokenAPIs, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='pki')
-            group='token',
-            provider='keystone.token.providers.pki.Provider')
 
     def setUp(self):
         super(TestPKITokenAPIs, self).setUp()
@@ -501,9 +499,7 @@ class TestPKIZTokenAPIs(test_v3.RestfulTestCase, TokenAPITests):
 
     def config_overrides(self):
         super(TestPKIZTokenAPIs, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='pkiz')
-            group='token',
-            provider='keystone.token.providers.pkiz.Provider')
 
     def setUp(self):
         super(TestPKIZTokenAPIs, self).setUp()
@@ -513,9 +509,7 @@ class TestPKIZTokenAPIs(test_v3.RestfulTestCase, TokenAPITests):
 class TestUUIDTokenAPIs(test_v3.RestfulTestCase, TokenAPITests):
     def config_overrides(self):
         super(TestUUIDTokenAPIs, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='uuid')
-            group='token',
-            provider='keystone.token.providers.uuid.Provider')
 
     def setUp(self):
         super(TestUUIDTokenAPIs, self).setUp()
@@ -675,12 +669,10 @@ class TestTokenRevokeById(test_v3.RestfulTestCase):
 
     def config_overrides(self):
         super(TestTokenRevokeById, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='kvs')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.kvs.Revoke')
         self.config_fixture.config(
             group='token',
-            provider='keystone.token.providers.pki.Provider',
+            provider='pki',
             revoke_by_id=False)
 
     def setUp(self):
@@ -1391,12 +1383,10 @@ class TestTokenRevokeApi(TestTokenRevokeById):
     """Test token revocation on the v3 Identity API."""
     def config_overrides(self):
         super(TestTokenRevokeApi, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='kvs')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.kvs.Revoke')
         self.config_fixture.config(
             group='token',
-            provider='keystone.token.providers.pki.Provider',
+            provider='pki',
             revoke_by_id=False)
 
     def assertValidDeletedProjectResponse(self, events_response, project_id):
@@ -3067,12 +3057,10 @@ class TestTrustAuth(test_v3.RestfulTestCase):
 
     def config_overrides(self):
         super(TestTrustAuth, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='revoke', driver='kvs')
-            group='revoke',
-            driver='keystone.contrib.revoke.backends.kvs.Revoke')
         self.config_fixture.config(
             group='token',
-            provider='keystone.token.providers.pki.Provider',
+            provider='pki',
             revoke_by_id=False)
         self.config_fixture.config(group='trust', enabled=True)
 
@@ -4123,9 +4111,7 @@ class TestFernetTokenProvider(test_v3.RestfulTestCase):
 
     def config_overrides(self):
         super(TestFernetTokenProvider, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='fernet')
-            group='token',
-            provider='keystone.token.providers.fernet.Provider')
 
     def test_validate_unscoped_token(self):
         unscoped_token = self._get_unscoped_token()
@@ -4454,9 +4440,7 @@ class TestAuthFernetTokenProvider(TestAuth):
 
     def config_overrides(self):
         super(TestAuthFernetTokenProvider, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='fernet')
-            group='token',
-            provider='keystone.token.providers.fernet.Provider')
 
     def test_verify_with_bound_token(self):
         self.config_fixture.config(group='token', bind='kerberos')

keystone/tests/unit/test_v3_catalog.py

@@ -637,9 +637,7 @@ class TestCatalogAPISQL(tests.TestCase):
 
     def config_overrides(self):
         super(TestCatalogAPISQL, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='catalog', driver='sql')
-            group='catalog',
-            driver='keystone.catalog.backends.sql.Catalog')
 
     def new_endpoint_ref(self, service_id):
         return {
@@ -740,9 +738,7 @@ class TestCatalogAPISQLRegions(tests.TestCase):
 
     def config_overrides(self):
         super(TestCatalogAPISQLRegions, self).config_overrides()
-        self.config_fixture.config(
+        self.config_fixture.config(group='catalog', driver='sql')
-            group='catalog',
-            driver='keystone.catalog.backends.sql.Catalog')
 
     def new_endpoint_ref(self, service_id):
         return {

keystone/tests/unit/test_v3_federation.py

@@ -2917,9 +2917,7 @@ class FernetFederatedTokenTests(FederationTests, FederatedSetupMixin):
             saml2='keystone.auth.plugins.saml2.Saml2')
         super(FernetFederatedTokenTests,
               self).auth_plugin_config_override(methods, **method_classes)
-        self.config_fixture.config(
+        self.config_fixture.config(group='token', provider='fernet')
-            group='token',
-            provider='keystone.token.providers.fernet.Provider')
         self.useFixture(ksfixtures.KeyRepository(self.config_fixture))
 
     def test_federated_unscoped_token(self):

keystone/token/persistence/backends/kvs.py

@@ -56,10 +56,8 @@ class Token(token.persistence.Driver):
             # is instantiated.
             LOG.warn(_LW('It is recommended to only use the base '
                          'key-value-store implementation for the token driver '
-                         'for testing purposes. Please use '
+                         "for testing purposes. Please use 'memcache' or "
-                         'keystone.token.persistence.backends.memcache.Token '
+                         "'sql' instead."))
-                         'or keystone.token.persistence.backends.sql.Token '
-                         'instead.'))
 
     def _prefix_token_id(self, token_id):
         return 'token-%s' % token_id.encode('utf-8')

setup.cfg

@@ -65,73 +65,73 @@ console_scripts =
     keystone-manage = keystone.cmd.manage:main
 
 keystone.assignment =
-    keystone.assignment.backends.ldap.Assignment = keystone.assignment.backends.ldap:Assignment
+    ldap = keystone.assignment.backends.ldap:Assignment
-    keystone.assignment.backends.sql.Assignment = keystone.assignment.backends.sql:Assignment
+    sql = keystone.assignment.backends.sql:Assignment
 
 keystone.catalog =
-    keystone.catalog.backends.kvs.Catalog = keystone.catalog.backends.kvs:Catalog
+    kvs = keystone.catalog.backends.kvs:Catalog
-    keystone.catalog.backends.sql.Catalog = keystone.catalog.backends.sql:Catalog
+    sql = keystone.catalog.backends.sql:Catalog
-    keystone.catalog.backends.templated.Catalog = keystone.catalog.backends.templated:Catalog
+    templated = keystone.catalog.backends.templated:Catalog
-    keystone.contrib.endpoint_filter.backends.catalog_sql.EndpointFilterCatalog = keystone.contrib.endpoint_filter.backends.catalog_sql:EndpointFilterCatalog
+    endpoint_filter.sql = keystone.contrib.endpoint_filter.backends.catalog_sql:EndpointFilterCatalog
 
 keystone.credential =
-    keystone.credential.backends.sql.Credential = keystone.credential.backends.sql:Credential
+    sql = keystone.credential.backends.sql:Credential
 
 keystone.identity =
-    keystone.identity.backends.ldap.Identity = keystone.identity.backends.ldap:Identity
+    ldap = keystone.identity.backends.ldap:Identity
-    keystone.identity.backends.sql.Identity = keystone.identity.backends.sql:Identity
+    sql = keystone.identity.backends.sql:Identity
 
 keystone.identity.id_generator =
-    keystone.identity.id_generators.sha256.Generator = keystone.identity.id_generators.sha256:Generator
+    sha256 = keystone.identity.id_generators.sha256:Generator
 
 keystone.identity.id_mapping =
-    keystone.identity.mapping_backends.sql.Mapping = keystone.identity.mapping_backends.sql:Mapping
+    sql = keystone.identity.mapping_backends.sql:Mapping
 
 keystone.policy =
-    keystone.policy.backends.rules.Policy = keystone.policy.backends.rules:Policy
+    rules = keystone.policy.backends.rules:Policy
-    keystone.policy.backends.sql.Policy = keystone.policy.backends.sql:Policy
+    sql = keystone.policy.backends.sql:Policy
 
 keystone.resource =
-    keystone.resource.backends.ldap.Resource = keystone.resource.backends.ldap:Resource
+    ldap = keystone.resource.backends.ldap:Resource
-    keystone.resource.backends.sql.Resource = keystone.resource.backends.sql:Resource
+    sql = keystone.resource.backends.sql:Resource
 
 keystone.resource.domain_config =
-    keystone.resource.config_backends.sql.DomainConfig = keystone.resource.config_backends.sql:DomainConfig
+    sql = keystone.resource.config_backends.sql:DomainConfig
 
 keystone.role =
-    keystone.assignment.role_backends.ldap.Role = keystone.assignment.role_backends.ldap:Role
+    ldap = keystone.assignment.role_backends.ldap:Role
-    keystone.assignment.role_backends.sql.Role = keystone.assignment.role_backends.sql:Role
+    sql = keystone.assignment.role_backends.sql:Role
 
 keystone.token.persistence =
-    keystone.token.persistence.backends.kvs.Token = keystone.token.persistence.backends.kvs:Token
+    kvs = keystone.token.persistence.backends.kvs:Token
-    keystone.token.persistence.backends.memcache.Token = keystone.token.persistence.backends.memcache:Token
+    memcache = keystone.token.persistence.backends.memcache:Token
-    keystone.token.persistence.backends.memcache_pool.Token = keystone.token.persistence.backends.memcache_pool:Token
+    memcache_pool = keystone.token.persistence.backends.memcache_pool:Token
-    keystone.token.persistence.backends.sql.Token = keystone.token.persistence.backends.sql:Token
+    sql = keystone.token.persistence.backends.sql:Token
 
 keystone.token.provider =
-    keystone.token.providers.fernet.Provider = keystone.token.providers.fernet:Provider
+    fernet = keystone.token.providers.fernet:Provider
-    keystone.token.providers.uuid.Provider = keystone.token.providers.uuid:Provider
+    uuid = keystone.token.providers.uuid:Provider
-    keystone.token.providers.pki.Provider = keystone.token.providers.pki:Provider
+    pki = keystone.token.providers.pki:Provider
-    keystone.token.providers.pkiz.Provider = keystone.token.providers.pkiz:Provider
+    pkiz = keystone.token.providers.pkiz:Provider
 
 keystone.trust =
-    keystone.trust.backends.sql.Trust = keystone.trust.backends.sql:Trust
+    sql = keystone.trust.backends.sql:Trust
 
 keystone.endpoint_filter =
-    keystone.contrib.endpoint_filter.backends.sql.EndpointFilter = keystone.contrib.endpoint_filter.backends.sql:EndpointFilter
+    sql = keystone.contrib.endpoint_filter.backends.sql:EndpointFilter
 
 keystone.endpoint_policy =
-    keystone.contrib.endpoint_policy.backends.sql.EndpointPolicy = keystone.contrib.endpoint_policy.backends.sql:EndpointPolicy
+    sql = keystone.contrib.endpoint_policy.backends.sql:EndpointPolicy
 
 keystone.federation =
-    keystone.contrib.federation.backends.sql.Federation = keystone.contrib.federation.backends.sql:Federation
+    sql = keystone.contrib.federation.backends.sql:Federation
 
 keystone.oauth1 =
-    keystone.contrib.oauth1.backends.sql.OAuth1 = keystone.contrib.oauth1.backends.sql:OAuth1
+    sql = keystone.contrib.oauth1.backends.sql:OAuth1
 
 keystone.revoke =
-    keystone.contrib.revoke.backends.kvs.Revoke = keystone.contrib.revoke.backends.kvs:Revoke
+    kvs = keystone.contrib.revoke.backends.kvs:Revoke
-    keystone.contrib.revoke.backends.sql.Revoke = keystone.contrib.revoke.backends.sql:Revoke
+    sql = keystone.contrib.revoke.backends.sql:Revoke
 
 oslo.config.opts =
     keystone = keystone.common.config:list_opts