moves default keystone API to v3

v2.0 of the keystone API was deprecated in icehouse-2, moving to support v3 by default. This also fixes a bug in Horizon where if you specify v3 for the API version and v2.0 is still the auth url, login fails. Implements blueprint keystone-v3-default Partial-bug: #1267636 Change-Id: Ibc4872f24125fa74230eab781b002dffdba5f5da
2014-01-21 17:24:06 -07:00
parent b2eab841d9
commit 537fd8c7b2
6 changed files with 15 additions and 6 deletions
--- a/doc/source/installation.rst
+++ b/doc/source/installation.rst
@@ -18,7 +18,7 @@ Installing is quick and easy:

 #. Configure your API endpoint(s) in ``settings.py``::

-        OPENSTACK_KEYSTONE_URL = "http://example.com:5000/v2.0"
+        OPENSTACK_KEYSTONE_URL = "http://example.com:5000/v3"

 #. Include ``'keystone_auth.urls'`` somewhere in your ``urls.py`` file.

@@ -29,4 +29,4 @@ Running The Tests

 Download the repository and run::

-    python setup.py test
+    python setup.py test
--- a/openstack_auth/backend.py
+++ b/openstack_auth/backend.py
@@ -78,6 +78,10 @@ class KeystoneBackend(object):
        endpoint_type = getattr(
            settings, 'OPENSTACK_ENDPOINT_TYPE', 'publicURL')

+        # keystone client v3 does not support logging in on the v2 url any more
+        if get_keystone_version() >= 3:
+            auth_url = auth_url.replace('v2.0', 'v3')
+
        keystone_client = get_keystone_client()
        try:
            client = keystone_client.Client(
--- a/openstack_auth/tests/settings.py
+++ b/openstack_auth/tests/settings.py
@@ -31,7 +31,7 @@ MIDDLEWARE_CLASSES = [

 AUTHENTICATION_BACKENDS = ['openstack_auth.backend.KeystoneBackend']

-OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0"
+OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v3"

 ROOT_URLCONF = 'openstack_auth.tests.urls'

@@ -40,7 +40,7 @@ LOGIN_REDIRECT_URL = '/'
 SECRET_KEY = 'badcafe'

 OPENSTACK_API_VERSIONS = {
-    "identity": 2.0
+    "identity": 3
 }

 USE_TZ = True
--- a/openstack_auth/tests/tests.py
+++ b/openstack_auth/tests/tests.py
@@ -43,6 +43,8 @@ class OpenStackAuthTestsV2(test.TestCase):
        self.keystone_client_scoped = self.ks_client_module.Client(
            endpoint=endpoint,
            auth_ref=self.data.scoped_access_info)
+        settings.OPENSTACK_API_VERSIONS['identity'] = 2.0
+        settings.OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0"

    def tearDown(self):
        self.mox.UnsetStubs()
--- a/openstack_auth/utils.py
+++ b/openstack_auth/utils.py
@@ -141,7 +141,7 @@ def is_safe_url(url, host=None):
 # Helper for figuring out keystone version
 # Implementation will change when API version discovery is available
 def get_keystone_version():
-    return getattr(settings, 'OPENSTACK_API_VERSIONS', {}).get('identity', 2.0)
+    return getattr(settings, 'OPENSTACK_API_VERSIONS', {}).get('identity', 3)


 def get_keystone_client():
@@ -153,6 +153,8 @@ def get_keystone_client():

 def get_project_list(*args, **kwargs):
    if get_keystone_version() < 3:
+        auth_url = kwargs.get('auth_url', '').replace('v3', 'v2.0')
+        kwargs['auth_url'] = auth_url
        client = get_keystone_client().Client(*args, **kwargs)
        return client.tenants.list()
    else:
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@@ -136,7 +136,8 @@ def switch(request, tenant_id, redirect_field_name=REDIRECT_FIELD_NAME):
    endpoint = request.user.endpoint
    try:
        if get_keystone_version() >= 3:
-            endpoint = endpoint.replace('v2.0', 'v3')
+            if 'v3' not in endpoint:
+                endpoint = endpoint.replace('v2.0', 'v3')
        client = get_keystone_client().Client(tenant_id=tenant_id,
                                              token=request.user.token.id,
                                              auth_url=endpoint,