From 224dfff570da664cf0bc97ad58f9c851f1e2b07c Mon Sep 17 00:00:00 2001
From: Lance Bragstad <lbragstad@gmail.com>
Date: Wed, 27 Dec 2017 16:50:46 +0000
Subject: [PATCH] Use keystone.common.provider_api for credential APIs

This change converts the usage of self.<provider_api> to
keystone.common.providers_api.ProviderAPIs.<provider_api> in manager
and controller logic. This is the correct way to reference
providers from other managers and controllers now that dependency
injection has been eliminated.

Change-Id: I84ec240922c85d616aa0b15b1fa7dcad5455e6eb
---
 keystone/credential/controllers.py | 18 ++++++++++++------
 keystone/credential/core.py        | 18 ++++++++++++------
 2 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/keystone/credential/controllers.py b/keystone/credential/controllers.py
index 93e215742f..f9f6f9911e 100644
--- a/keystone/credential/controllers.py
+++ b/keystone/credential/controllers.py
@@ -17,19 +17,23 @@ import hashlib
 from oslo_serialization import jsonutils
 
 from keystone.common import controller
+from keystone.common import provider_api
 from keystone.common import validation
 from keystone.credential import schema
 from keystone import exception
 from keystone.i18n import _
 
 
+PROVIDERS = provider_api.ProviderAPIs
+
+
 class CredentialV3(controller.V3Controller):
     collection_name = 'credentials'
     member_name = 'credential'
 
     def __init__(self):
         super(CredentialV3, self).__init__()
-        self.get_member_from_driver = self.credential_api.get_credential
+        self.get_member_from_driver = PROVIDERS.credential_api.get_credential
 
     def _assign_unique_id(self, ref, trust_id=None):
         # Generates and assigns a unique identifier to
@@ -64,7 +68,7 @@ class CredentialV3(controller.V3Controller):
         validation.lazy_validate(schema.credential_create, credential)
         ref = self._assign_unique_id(self._normalize_dict(credential),
                                      request.context.trust_id)
-        ref = self.credential_api.create_credential(ref['id'], ref)
+        ref = PROVIDERS.credential_api.create_credential(ref['id'], ref)
         return CredentialV3.wrap_member(request.context_dict, ref)
 
     @staticmethod
@@ -82,14 +86,14 @@ class CredentialV3(controller.V3Controller):
     @controller.filterprotected('user_id', 'type')
     def list_credentials(self, request, filters):
         hints = CredentialV3.build_driver_hints(request, filters)
-        refs = self.credential_api.list_credentials(hints)
+        refs = PROVIDERS.credential_api.list_credentials(hints)
         ret_refs = [self._blob_to_json(r) for r in refs]
         return CredentialV3.wrap_collection(request.context_dict, ret_refs,
                                             hints=hints)
 
     @controller.protected()
     def get_credential(self, request, credential_id):
-        ref = self.credential_api.get_credential(credential_id)
+        ref = PROVIDERS.credential_api.get_credential(credential_id)
         ret_ref = self._blob_to_json(ref)
         return CredentialV3.wrap_member(request.context_dict, ret_ref)
 
@@ -98,9 +102,11 @@ class CredentialV3(controller.V3Controller):
         validation.lazy_validate(schema.credential_update, credential)
         self._require_matching_id(credential_id, credential)
 
-        ref = self.credential_api.update_credential(credential_id, credential)
+        ref = PROVIDERS.credential_api.update_credential(
+            credential_id, credential
+        )
         return CredentialV3.wrap_member(request.context_dict, ref)
 
     @controller.protected()
     def delete_credential(self, request, credential_id):
-        return self.credential_api.delete_credential(credential_id)
+        return PROVIDERS.credential_api.delete_credential(credential_id)
diff --git a/keystone/credential/core.py b/keystone/credential/core.py
index b849cf1613..cb28b314e0 100644
--- a/keystone/credential/core.py
+++ b/keystone/credential/core.py
@@ -18,11 +18,13 @@ import json
 
 from keystone.common import driver_hints
 from keystone.common import manager
+from keystone.common import provider_api
 import keystone.conf
 from keystone import exception
 
 
 CONF = keystone.conf.CONF
+PROVIDERS = provider_api.ProviderAPIs
 
 
 class Manager(manager.Manager):
@@ -43,12 +45,12 @@ class Manager(manager.Manager):
         """Return a decrypted credential reference."""
         if credential['type'] == 'ec2':
             decrypted_blob = json.loads(
-                self.credential_provider_api.decrypt(
+                PROVIDERS.credential_provider_api.decrypt(
                     credential['encrypted_blob'],
                 )
             )
         else:
-            decrypted_blob = self.credential_provider_api.decrypt(
+            decrypted_blob = PROVIDERS.credential_provider_api.decrypt(
                 credential['encrypted_blob']
             )
         credential['blob'] = decrypted_blob
@@ -63,12 +65,16 @@ class Manager(manager.Manager):
             # NOTE(lbragstad): When dealing with ec2 credentials, it's possible
             # for the `blob` to be a dictionary. Let's make sure we are
             # encrypting a string otherwise encryption will fail.
-            encrypted_blob, key_hash = self.credential_provider_api.encrypt(
-                json.dumps(credential['blob'])
+            encrypted_blob, key_hash = (
+                PROVIDERS.credential_provider_api.encrypt(
+                    json.dumps(credential['blob'])
+                )
             )
         else:
-            encrypted_blob, key_hash = self.credential_provider_api.encrypt(
-                credential['blob']
+            encrypted_blob, key_hash = (
+                PROVIDERS.credential_provider_api.encrypt(
+                    credential['blob']
+                )
             )
         credential_copy['encrypted_blob'] = encrypted_blob
         credential_copy['key_hash'] = key_hash