Don't use keystoneclient for auth_ref
We seem to be unnecessarily using keystone client for auth_ref. Use get_access from auth_plugin instead. This removes the properties auth_token and auth_ref from keystone client wrapper. Change-Id: I99cc89b6013a98dca4fcbf3840d5bb83afa6e3d5
This commit is contained in:
parent
9703437348
commit
1962988446
|
@ -297,7 +297,7 @@ class RequestContext(context.RequestContext):
|
|||
class StoredContext(RequestContext):
|
||||
def _load_keystone_data(self):
|
||||
self._keystone_loaded = True
|
||||
auth_ref = self.clients.client('keystone').auth_ref
|
||||
auth_ref = self.auth_plugin.get_access(self.keystone_session)
|
||||
|
||||
self.roles = auth_ref.role_names
|
||||
self.user_domain = auth_ref.user_domain_id
|
||||
|
|
|
@ -540,14 +540,6 @@ class KsClientWrapper(object):
|
|||
self._check_stack_domain_user(user_id, project_id, 'enable')
|
||||
self.domain_admin_client.users.update(user=user_id, enabled=True)
|
||||
|
||||
@property
|
||||
def auth_token(self):
|
||||
return self.context.auth_plugin.get_token(self.session)
|
||||
|
||||
@property
|
||||
def auth_ref(self):
|
||||
return self.context.auth_plugin.get_access(self.session)
|
||||
|
||||
|
||||
class KeystoneClient(object):
|
||||
"""Keystone Auth Client.
|
||||
|
|
|
@ -130,14 +130,13 @@ class ClientsTest(common.HeatTestCase):
|
|||
con.tenant_id = "b363706f891f48019483f8bd6503c54b"
|
||||
con.auth_token = None
|
||||
con.auth_plugin = fakes.FakeAuth(auth_token='anewtoken')
|
||||
self.stub_keystoneclient(context=con)
|
||||
c = clients.Clients(con)
|
||||
con.clients = c
|
||||
|
||||
obj = c.client_plugin('heat')
|
||||
obj.url_for = mock.Mock(name="url_for")
|
||||
obj.url_for.return_value = "url_from_keystone"
|
||||
self.assertEqual('anewtoken', c.client('keystone').auth_token)
|
||||
self.assertEqual('url_from_keystone', obj.get_heat_url())
|
||||
|
||||
@mock.patch.object(heatclient, 'Client')
|
||||
def test_clients_heat_cached(self, mock_call):
|
||||
|
|
|
@ -91,16 +91,17 @@ class FakeAuth(plugin.BaseAuthPlugin):
|
|||
return 'http://example.com:1234/v1'
|
||||
|
||||
def get_auth_ref(self, session):
|
||||
auth_ref = mock.Mock()
|
||||
return auth_ref
|
||||
return mock.Mock()
|
||||
|
||||
def get_access(self, sesssion):
|
||||
return FakeAccessInfo([], None, None)
|
||||
|
||||
|
||||
class FakeKeystoneClient(object):
|
||||
def __init__(self, username='test_username', password='password',
|
||||
user_id='1234', access='4567', secret='8901',
|
||||
credential_id='abcdxyz', auth_token='abcd1234',
|
||||
context=None, stack_domain_id='4321', roles=None,
|
||||
user_domain_id=None, project_domain_id=None, client=None):
|
||||
context=None, stack_domain_id='4321', client=None):
|
||||
self.username = username
|
||||
self.password = password
|
||||
self.user_id = user_id
|
||||
|
@ -112,9 +113,6 @@ class FakeKeystoneClient(object):
|
|||
self.context = context
|
||||
self.v3_endpoint = 'http://localhost:5000/v3'
|
||||
self.stack_domain_id = stack_domain_id
|
||||
self.roles = roles or []
|
||||
self.user_domain_id = user_domain_id
|
||||
self.project_domain_id = project_domain_id
|
||||
self.client = client
|
||||
|
||||
class FakeCred(object):
|
||||
|
@ -194,19 +192,6 @@ class FakeKeystoneClient(object):
|
|||
def stack_domain_user_token(self, user_id, project_id, password):
|
||||
return 'adomainusertoken'
|
||||
|
||||
@property
|
||||
def auth_token(self):
|
||||
if self.context is not None:
|
||||
return self.context.auth_plugin.get_token(self.session)
|
||||
else:
|
||||
return self.token
|
||||
|
||||
@property
|
||||
def auth_ref(self):
|
||||
return FakeAccessInfo(roles=self.roles,
|
||||
user_domain=self.user_domain_id,
|
||||
project_domain=self.project_domain_id)
|
||||
|
||||
|
||||
class FakeAccessInfo(object):
|
||||
def __init__(self, roles, user_domain, project_domain):
|
||||
|
|
|
@ -62,6 +62,7 @@ class StackTest(common.HeatTestCase):
|
|||
|
||||
self.tmpl = template.Template(copy.deepcopy(empty_template))
|
||||
self.ctx = utils.dummy_context()
|
||||
self.stub_auth()
|
||||
|
||||
def test_stack_reads_tenant(self):
|
||||
self.stack = stack.Stack(self.ctx, 'test_stack', self.tmpl,
|
||||
|
@ -175,14 +176,10 @@ class StackTest(common.HeatTestCase):
|
|||
def test_no_auth_token(self):
|
||||
ctx = utils.dummy_context()
|
||||
ctx.auth_token = None
|
||||
self.stub_auth()
|
||||
|
||||
self.m.ReplayAll()
|
||||
self.stack = stack.Stack(ctx, 'test_stack', self.tmpl)
|
||||
self.assertEqual('abcd1234',
|
||||
self.stack.clients.client('keystone').auth_token)
|
||||
|
||||
self.m.VerifyAll()
|
||||
ctx.auth_plugin.auth_token)
|
||||
|
||||
def test_state_deleted(self):
|
||||
self.stack = stack.Stack(self.ctx, 'test_stack', self.tmpl,
|
||||
|
@ -1483,6 +1480,11 @@ class StackTest(common.HeatTestCase):
|
|||
self.assertEqual('atrust', user_creds.get('trust_id'))
|
||||
self.assertEqual('auser123', user_creds.get('trustor_user_id'))
|
||||
|
||||
auth = self.patchobject(context.RequestContext,
|
||||
'trusts_auth_plugin')
|
||||
self.patchobject(auth, 'get_access',
|
||||
return_value=fakes.FakeAccessInfo([], None, None))
|
||||
|
||||
# Check the stored_context is as expected
|
||||
expected_context = context.RequestContext(
|
||||
trust_id='atrust', trustor_user_id='auser123',
|
||||
|
|
Loading…
Reference in New Issue