diff --git a/heat/api/aws/ec2token.py b/heat/api/aws/ec2token.py
index 67f5c807e6..b2cdcdd3ac 100644
--- a/heat/api/aws/ec2token.py
+++ b/heat/api/aws/ec2token.py
@@ -20,7 +20,6 @@ import requests
 import webob
 
 from heat.api.aws import exception
-from heat.api.aws.exception import HeatAPIException
 from heat.common.i18n import _
 from heat.common.i18n import _LE
 from heat.common.i18n import _LI
@@ -127,7 +126,7 @@ class EC2Token(wsgi.Middleware):
                 try:
                     LOG.debug("Attempt authorize on %s" % auth_uri)
                     return self._authorize(req, auth_uri)
-                except HeatAPIException as e:
+                except exception.HeatAPIException as e:
                     LOG.debug("Authorize failed: %s" % e.__class__)
                     last_failure = e
             raise last_failure or exception.HeatAccessDeniedError()
diff --git a/heat/api/cfn/__init__.py b/heat/api/cfn/__init__.py
index 3fb8f16a06..44a6eac45b 100644
--- a/heat/api/cfn/__init__.py
+++ b/heat/api/cfn/__init__.py
@@ -12,9 +12,9 @@
 #    under the License.
 
 from heat.api.cfn import versions
-from heat.api.middleware.version_negotiation import VersionNegotiationFilter
+from heat.api.middleware import version_negotiation as vn
 
 
 def version_negotiation_filter(app, conf, **local_conf):
-    return VersionNegotiationFilter(versions.Controller, app,
-                                    conf, **local_conf)
+    return vn.VersionNegotiationFilter(versions.Controller, app, conf,
+                                       **local_conf)
diff --git a/heat/api/cfn/v1/__init__.py b/heat/api/cfn/v1/__init__.py
index 5ccd6ca3a2..1581d914fd 100644
--- a/heat/api/cfn/v1/__init__.py
+++ b/heat/api/cfn/v1/__init__.py
@@ -12,7 +12,7 @@
 #    under the License.
 
 import routes
-from webob import Request
+import webob
 
 from heat.api.cfn.v1 import signal
 from heat.api.cfn.v1 import stacks
@@ -54,7 +54,7 @@ class API(wsgi.Router):
             api_action = self._actions[action]
 
             def action_match(environ, result):
-                req = Request(environ)
+                req = webob.Request(environ)
                 env_action = req.params.get("Action")
                 return env_action == api_action
 
diff --git a/heat/api/cloudwatch/__init__.py b/heat/api/cloudwatch/__init__.py
index be340e7cec..1ab2c4fd12 100644
--- a/heat/api/cloudwatch/__init__.py
+++ b/heat/api/cloudwatch/__init__.py
@@ -12,11 +12,11 @@
 #    under the License.
 
 import routes
-from webob import Request
+import webob
 
 from heat.api.cloudwatch import versions
 from heat.api.cloudwatch import watch
-from heat.api.middleware.version_negotiation import VersionNegotiationFilter
+from heat.api.middleware import version_negotiation as vn
 from heat.common import wsgi
 
 
@@ -49,7 +49,7 @@ class API(wsgi.Router):
             api_action = self._actions[action]
 
             def action_match(environ, result):
-                req = Request(environ)
+                req = webob.Request(environ)
                 env_action = req.params.get("Action")
                 return env_action == api_action
 
@@ -65,5 +65,5 @@ class API(wsgi.Router):
 
 
 def version_negotiation_filter(app, conf, **local_conf):
-    return VersionNegotiationFilter(versions.Controller, app,
-                                    conf, **local_conf)
+    return vn.VersionNegotiationFilter(versions.Controller, app,
+                                       conf, **local_conf)
diff --git a/heat/api/openstack/__init__.py b/heat/api/openstack/__init__.py
index e90b07df2f..cd5343c663 100644
--- a/heat/api/openstack/__init__.py
+++ b/heat/api/openstack/__init__.py
@@ -11,20 +11,20 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-from heat.api.middleware.fault import FaultWrapper
-from heat.api.middleware.ssl import SSLMiddleware
-from heat.api.middleware.version_negotiation import VersionNegotiationFilter
+from heat.api.middleware import fault
+from heat.api.middleware import ssl
+from heat.api.middleware import version_negotiation as vn
 from heat.api.openstack import versions
 
 
 def version_negotiation_filter(app, conf, **local_conf):
-    return VersionNegotiationFilter(versions.Controller, app,
-                                    conf, **local_conf)
+    return vn.VersionNegotiationFilter(versions.Controller, app,
+                                       conf, **local_conf)
 
 
 def faultwrap_filter(app, conf, **local_conf):
-    return FaultWrapper(app)
+    return fault.FaultWrapper(app)
 
 
 def sslmiddleware_filter(app, conf, **local_conf):
-    return SSLMiddleware(app)
+    return ssl.SSLMiddleware(app)
diff --git a/heat/api/openstack/v1/util.py b/heat/api/openstack/v1/util.py
index a165541212..83aa0917b3 100644
--- a/heat/api/openstack/v1/util.py
+++ b/heat/api/openstack/v1/util.py
@@ -11,7 +11,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-from functools import wraps
+import functools
 
 import six
 from webob import exc
@@ -28,7 +28,7 @@ def policy_enforce(handler):
 
     This is a handler method decorator.
     """
-    @wraps(handler)
+    @functools.wraps(handler)
     def handle_stack_method(controller, req, tenant_id, **kwargs):
         if req.context.tenant_id != tenant_id:
             raise exc.HTTPForbidden()
@@ -48,7 +48,7 @@ def identified_stack(handler):
     This is a handler method decorator.
     """
     @policy_enforce
-    @wraps(handler)
+    @functools.wraps(handler)
     def handle_stack_method(controller, req, stack_name, stack_id, **kwargs):
         stack_identity = identifier.HeatIdentifier(req.context.tenant_id,
                                                    stack_name,