From 792aa823a463bc7165d1f15a2b460e874726457e Mon Sep 17 00:00:00 2001
From: Ed Warnicke <eaw@cisco.com>
Date: Mon, 9 Feb 2015 10:44:14 -0700
Subject: [PATCH] Use HTTP BASIC AUTH exclusively (no longer use JSESSIONID)

It also fixes an issue about the former auth implementation when ODL
restarts. It implies the use of OpenDaylight Helium SR2.

Closes-Bug: 1376169
Closes-Bug: 1419499

Conflicts:
	networking_odl/common/client.py

Change-Id: I97c610578fe489b25697394fa33f5410f0bfbe1b
Signed-off-by: Ed Warnicke <eaw@cisco.com>
(cherry picked from commit f25f85eaeca1deeada6c7fd70abf83b31046c89e)
---
 neutron/plugins/ml2/drivers/mechanism_odl.py | 56 +-------------------
 neutron/tests/unit/ml2/test_mechanism_odl.py | 11 ++--
 2 files changed, 4 insertions(+), 63 deletions(-)

diff --git a/neutron/plugins/ml2/drivers/mechanism_odl.py b/neutron/plugins/ml2/drivers/mechanism_odl.py
index e2fb229c6f3..7356c02c419 100644
--- a/neutron/plugins/ml2/drivers/mechanism_odl.py
+++ b/neutron/plugins/ml2/drivers/mechanism_odl.py
@@ -13,8 +13,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-import time
-
 from oslo.config import cfg
 import requests
 
@@ -63,58 +61,6 @@ class OpendaylightAuthError(n_exc.NeutronException):
     message = '%(msg)s'
 
 
-class JsessionId(requests.auth.AuthBase):
-
-    """Attaches the JSESSIONID and JSESSIONIDSSO cookies to an HTTP Request.
-
-    If the cookies are not available or when the session expires, a new
-    set of cookies are obtained.
-    """
-
-    def __init__(self, url, username, password):
-        """Initialization function for JsessionId."""
-
-        # NOTE(kmestery) The 'limit' paramater is intended to limit how much
-        # data is returned from ODL. This is not implemented in the Hydrogen
-        # release of OpenDaylight, but will be implemented in the Helium
-        # timeframe. Hydrogen will silently ignore this value.
-        self.url = str(url) + '/' + ODL_NETWORKS + '?limit=1'
-        self.username = username
-        self.password = password
-        self.auth_cookies = None
-        self.last_request = None
-        self.expired = None
-        self.session_timeout = cfg.CONF.ml2_odl.session_timeout * 60
-        self.session_deadline = 0
-
-    def obtain_auth_cookies(self):
-        """Make a REST call to obtain cookies for ODL authenticiation."""
-
-        try:
-            r = requests.get(self.url, auth=(self.username, self.password))
-            r.raise_for_status()
-        except requests.exceptions.HTTPError as e:
-            raise OpendaylightAuthError(msg="Failed to authenticate with "
-                                        "OpenDaylight: %s" % e)
-        except requests.exceptions.Timeout as e:
-            raise OpendaylightAuthError(msg="Authentication Timed Out: %s" % e)
-
-        jsessionid = r.cookies.get('JSESSIONID')
-        jsessionidsso = r.cookies.get('JSESSIONIDSSO')
-        if jsessionid and jsessionidsso:
-            self.auth_cookies = dict(JSESSIONID=jsessionid,
-                                     JSESSIONIDSSO=jsessionidsso)
-
-    def __call__(self, r):
-        """Verify timestamp for Tomcat session timeout."""
-
-        if time.time() > self.session_deadline:
-            self.obtain_auth_cookies()
-        self.session_deadline = time.time() + self.session_timeout
-        r.prepare_cookies(self.auth_cookies)
-        return r
-
-
 class OpenDaylightMechanismDriver(api.MechanismDriver):
 
     """Mechanism Driver for OpenDaylight.
@@ -135,7 +81,7 @@ class OpenDaylightMechanismDriver(api.MechanismDriver):
         for opt in required_opts:
             if not getattr(self, opt):
                 raise cfg.RequiredOptError(opt, 'ml2_odl')
-        self.auth = JsessionId(self.url, self.username, self.password)
+        self.auth = (self.username, self.password)
         self.vif_type = portbindings.VIF_TYPE_OVS
         self.vif_details = {portbindings.CAP_PORT_FILTER: True}
 
diff --git a/neutron/tests/unit/ml2/test_mechanism_odl.py b/neutron/tests/unit/ml2/test_mechanism_odl.py
index 5a93429f5a4..22d030c5910 100644
--- a/neutron/tests/unit/ml2/test_mechanism_odl.py
+++ b/neutron/tests/unit/ml2/test_mechanism_odl.py
@@ -121,13 +121,6 @@ class OpenDaylightMechanismTestPortsV2(test_plugin.TestPortsV2,
     pass
 
 
-class AuthMatcher(object):
-
-    def __eq__(self, obj):
-        return (obj.username == config.cfg.CONF.ml2_odl.username and
-                obj.password == config.cfg.CONF.ml2_odl.password)
-
-
 class DataMatcher(object):
 
     def __init__(self, operation, object_type, context):
@@ -251,7 +244,9 @@ class OpenDaylightMechanismDriverTestCase(base.BaseTestCase):
             else:
                 method(context)
         mock_method.assert_called_once_with(
-            headers={'Content-Type': 'application/json'}, auth=AuthMatcher(),
+            headers={'Content-Type': 'application/json'},
+            auth=(config.cfg.CONF.ml2_odl.username,
+                  config.cfg.CONF.ml2_odl.password),
             timeout=config.cfg.CONF.ml2_odl.timeout, *args, **kwargs)
 
     def _test_create_resource_postcommit(self, object_type, status_code,