From cc5931e7e4f1095bf431178b195d949c04a2da43 Mon Sep 17 00:00:00 2001
From: zengchen <chenzeng2@huawei.com>
Date: Thu, 17 Dec 2015 10:47:54 +0800
Subject: [PATCH] Authentication fails by keystonemiddleware

In order to make the access to Smaug by APIs pass througth the
authentication of keystonemiddleware, I add a function named
"create_smaug_accounts" in the plugin.sh, which will create an
account in Keystone.

There are 4 steps in "create_smaug_accounts":
1. create a user "smaug".
2. bind the user with the project "service" and grant the role
   "service" to the user.
3. create a service "smaug".
4. create an endpoint of service.

Closes-Bug: #1526638
Change-Id:  I7644e568a8912f48e54b15cf897afe67a81c2e4a
---
 devstack/plugin.sh | 25 +++++++++++++++++++++++++
 devstack/settings  |  2 +-
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/devstack/plugin.sh b/devstack/plugin.sh
index 4b5840f0..76aedfec 100644
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@@ -16,6 +16,27 @@ function _create_smaug_conf_dir {
 
 }
 
+# create_smaug_accounts() - Set up common required smaug accounts
+# Tenant               User       Roles
+# ------------------------------------------------------------------
+# service              smaug      service
+function create_smaug_accounts {
+
+    if is_service_enabled smaug-api; then
+
+        create_service_user "smaug"
+
+        if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+
+            get_or_create_service "smaug" "data-protect" "Application Data Protection Service"
+            get_or_create_endpoint "data-protect" "$REGION_NAME" \
+                "$SMAUG_API_PROTOCOL://$SMAUG_API_HOST:$SMAUG_API_PORT/v1/\$(tenant_id)s" \
+                "$SMAUG_API_PROTOCOL://$SMAUG_API_HOST:$SMAUG_API_PORT/v1/\$(tenant_id)s" \
+                "$SMAUG_API_PROTOCOL://$SMAUG_API_HOST:$SMAUG_API_PORT/v1/\$(tenant_id)s"
+        fi
+    fi
+}
+
 function configure_smaug_api {
     if is_service_enabled smaug-api ; then
         echo "Configuring Smaug API"
@@ -75,6 +96,10 @@ if [[ "$Q_ENABLE_SMAUG" == "True" ]]; then
         echo export PYTHONPATH=\$PYTHONPATH:$SMAUG_DIR >> $RC_DIR/.localrc.auto
 
     elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+
+        echo_summary "Creating Smaug entities for auth service"
+        create_smaug_accounts
+
         echo_summary "Initializing Smaug Service"
         SMAUG_BIN_DIR=$(get_python_exec_prefix)
         if is_service_enabled smaug-api; then
diff --git a/devstack/settings b/devstack/settings
index 1d20eecd..a10db76b 100644
--- a/devstack/settings
+++ b/devstack/settings
@@ -12,7 +12,7 @@ SMAUG_API_CONF=$SMAUG_CONF_DIR/smaug.conf
 
 SMAUG_API_LISTEN_ADDRESS=${SMAUG_API_LISTEN_ADDRESS:-0.0.0.0}
 SMAUG_API_HOST=${SMAUG_API_HOST:-$SERVICE_HOST}
-SMAUG_API_PORT=${SMAUG_API_PORT:-19999}
+SMAUG_API_PORT=${SMAUG_API_PORT:-8799}
 SMAUG_API_PROTOCOL=${SMAUG_API_PROTOCOL:-$SERVICE_PROTOCOL}
 
 SMAUG_AUTH_CACHE_DIR=${SMAUG_AUTH_CACHE_DIR:-/var/cache/smaug}