Don't use keystoneclient for auth_ref

We seem to be unnecessarily using keystone client for
auth_ref. Use get_access from auth_plugin instead.

This removes the properties auth_token and auth_ref from
keystone client wrapper.

Change-Id: I99cc89b6013a98dca4fcbf3840d5bb83afa6e3d5

heat/common/context.py

@@ -297,7 +297,7 @@ class RequestContext(context.RequestContext):
 class StoredContext(RequestContext):
     def _load_keystone_data(self):
         self._keystone_loaded = True
-        auth_ref = self.clients.client('keystone').auth_ref
+        auth_ref = self.auth_plugin.get_access(self.keystone_session)
 
         self.roles = auth_ref.role_names
         self.user_domain = auth_ref.user_domain_id

heat/engine/clients/os/keystone/heat_keystoneclient.py

@@ -540,14 +540,6 @@ class KsClientWrapper(object):
         self._check_stack_domain_user(user_id, project_id, 'enable')
         self.domain_admin_client.users.update(user=user_id, enabled=True)
 
-    @property
-    def auth_token(self):
-        return self.context.auth_plugin.get_token(self.session)
-
-    @property
-    def auth_ref(self):
-        return self.context.auth_plugin.get_access(self.session)
-
 
 class KeystoneClient(object):
     """Keystone Auth Client.

heat/tests/clients/test_clients.py

@@ -130,14 +130,13 @@ class ClientsTest(common.HeatTestCase):
         con.tenant_id = "b363706f891f48019483f8bd6503c54b"
         con.auth_token = None
         con.auth_plugin = fakes.FakeAuth(auth_token='anewtoken')
-        self.stub_keystoneclient(context=con)
         c = clients.Clients(con)
         con.clients = c
 
         obj = c.client_plugin('heat')
         obj.url_for = mock.Mock(name="url_for")
         obj.url_for.return_value = "url_from_keystone"
-        self.assertEqual('anewtoken', c.client('keystone').auth_token)
+        self.assertEqual('url_from_keystone', obj.get_heat_url())
 
     @mock.patch.object(heatclient, 'Client')
     def test_clients_heat_cached(self, mock_call):

heat/tests/fakes.py

@@ -91,16 +91,17 @@ class FakeAuth(plugin.BaseAuthPlugin):
         return 'http://example.com:1234/v1'
 
     def get_auth_ref(self, session):
-        auth_ref = mock.Mock()
-        return auth_ref
+        return mock.Mock()
+
+    def get_access(self, sesssion):
+        return FakeAccessInfo([], None, None)
 
 
 class FakeKeystoneClient(object):
     def __init__(self, username='test_username', password='password',
                  user_id='1234', access='4567', secret='8901',
                  credential_id='abcdxyz', auth_token='abcd1234',
-                 context=None, stack_domain_id='4321', roles=None,
-                 user_domain_id=None, project_domain_id=None, client=None):
+                 context=None, stack_domain_id='4321', client=None):
         self.username = username
         self.password = password
         self.user_id = user_id
@@ -112,9 +113,6 @@ class FakeKeystoneClient(object):
         self.context = context
         self.v3_endpoint = 'http://localhost:5000/v3'
         self.stack_domain_id = stack_domain_id
-        self.roles = roles or []
-        self.user_domain_id = user_domain_id
-        self.project_domain_id = project_domain_id
         self.client = client
 
         class FakeCred(object):
@@ -194,19 +192,6 @@ class FakeKeystoneClient(object):
     def stack_domain_user_token(self, user_id, project_id, password):
         return 'adomainusertoken'
 
-    @property
-    def auth_token(self):
-        if self.context is not None:
-            return self.context.auth_plugin.get_token(self.session)
-        else:
-            return self.token
-
-    @property
-    def auth_ref(self):
-        return FakeAccessInfo(roles=self.roles,
-                              user_domain=self.user_domain_id,
-                              project_domain=self.project_domain_id)
-
 
 class FakeAccessInfo(object):
     def __init__(self, roles, user_domain, project_domain):

heat/tests/test_stack.py

@@ -62,6 +62,7 @@ class StackTest(common.HeatTestCase):
 
         self.tmpl = template.Template(copy.deepcopy(empty_template))
         self.ctx = utils.dummy_context()
+        self.stub_auth()
 
     def test_stack_reads_tenant(self):
         self.stack = stack.Stack(self.ctx, 'test_stack', self.tmpl,
@@ -175,14 +176,10 @@ class StackTest(common.HeatTestCase):
     def test_no_auth_token(self):
         ctx = utils.dummy_context()
         ctx.auth_token = None
-        self.stub_auth()
 
-        self.m.ReplayAll()
         self.stack = stack.Stack(ctx, 'test_stack', self.tmpl)
         self.assertEqual('abcd1234',
-                         self.stack.clients.client('keystone').auth_token)
-
-        self.m.VerifyAll()
+                         ctx.auth_plugin.auth_token)
 
     def test_state_deleted(self):
         self.stack = stack.Stack(self.ctx, 'test_stack', self.tmpl,
@@ -1483,6 +1480,11 @@ class StackTest(common.HeatTestCase):
         self.assertEqual('atrust', user_creds.get('trust_id'))
         self.assertEqual('auser123', user_creds.get('trustor_user_id'))
 
+        auth = self.patchobject(context.RequestContext,
+                                'trusts_auth_plugin')
+        self.patchobject(auth, 'get_access',
+                         return_value=fakes.FakeAccessInfo([], None, None))
+
         # Check the stored_context is as expected
         expected_context = context.RequestContext(
             trust_id='atrust', trustor_user_id='auser123',