Allow federation to work with unversioned auth_url

while e.g. V3Password works perfectly fine with unversioned auth_url
like 'http://keystone', everything based on FederationBaseAuth
does not and only requires versioned v3 auth_url.

Since OS_FEDERATION is implemented only in v3, this patch
makes sure that federated_token_url has v3 in it, thus allowing
for unversoned auth_url as well.

Closes-Bug: #1998366
Change-Id: I1f0b00b6f721c53bb5308e03223d0c1564ca81b3

keystoneauth1/identity/v3/federation.py

@@ -103,8 +103,11 @@ class FederationBaseAuth(_Rescoped):
     @property
     def federated_token_url(self):
         """Full URL where authorization data is sent."""
+        host = self.auth_url.rstrip('/')
+        if not host.endswith('v3'):
+            host += '/v3'
         values = {
-            'host': self.auth_url.rstrip('/'),
+            'host': host,
             'identity_provider': self.identity_provider,
             'protocol': self.protocol
         }

keystoneauth1/tests/unit/identity/test_identity_v3_federation.py

@@ -79,6 +79,10 @@ class V3FederatedPlugin(utils.TestCase):
         plugin = self.get_plugin()
         self.assertEqual(self.token_url, plugin.federated_token_url)
 
+    def test_federated_url_unversioned(self):
+        plugin = self.get_plugin(auth_url="http://keystone/")
+        self.assertEqual(self.token_url, plugin.federated_token_url)
+
     def test_unscoped_behaviour(self):
         sess = session.Session(auth=self.get_plugin())
         self.assertEqual(self.unscoped_token_id, sess.get_token())

releasenotes/notes/bug-1998366-27cd486b46fb56b0.yaml

@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    [`bug 1998366 <https://bugs.launchpad.net/keystoneauth/+bug/1998366>`_]
+    Federated auth plugins now can work with unversioned auth url
+    (e.g. "http://keystone").