From e3a0556e5663a7374adb2321463d9396c64d7c5e Mon Sep 17 00:00:00 2001
From: "Derrick J. Wippler" <thrawn01@gmail.com>
Date: Thu, 12 Feb 2015 16:28:35 -0600
Subject: [PATCH] Avoid _get_keystone_session() if auth_plugin

Avoid calling _get_keystone_session() if auth_plugin is provided by the
user

Closes-Bug: 1421433
Change-Id: I37a7139107c357caf1a25ac3d0a3457afade0f83
---
 cinderclient/shell.py                        |  7 ++-
 cinderclient/tests/unit/test_auth_plugins.py |  6 +--
 cinderclient/tests/unit/test_shell.py        | 52 +++++++++++++++++++-
 3 files changed, 59 insertions(+), 6 deletions(-)

diff --git a/cinderclient/shell.py b/cinderclient/shell.py
index da562e10f..75d990c0a 100644
--- a/cinderclient/shell.py
+++ b/cinderclient/shell.py
@@ -680,8 +680,11 @@ class OpenStackCinderShell(object):
                 "You must provide an authentication URL "
                 "through --os-auth-url or env[OS_AUTH_URL].")
 
-        auth_session = self._get_keystone_session()
-        if not service_type_input or not api_version_input:
+        auth_session = None
+        if not auth_plugin:
+            auth_session = self._get_keystone_session()
+
+        if auth_session and (not service_type_input or not api_version_input):
             # NOTE(thingee): Unfortunately the v2 shell is tied to volumev2
             # service_type. If the service_catalog just contains service_type
             # volume with x.x.x.x:8776 for discovery, and the user sets version
diff --git a/cinderclient/tests/unit/test_auth_plugins.py b/cinderclient/tests/unit/test_auth_plugins.py
index 91adfa9e2..8c41d52d1 100644
--- a/cinderclient/tests/unit/test_auth_plugins.py
+++ b/cinderclient/tests/unit/test_auth_plugins.py
@@ -47,9 +47,9 @@ def mock_http_request(resp=None):
                         "endpoints": [
                             {
                                 "region": "RegionOne",
-                                "adminURL": "http://localhost:8774/v1.1",
-                                "internalURL": "http://localhost:8774/v1.1",
-                                "publicURL": "http://localhost:8774/v1.1/",
+                                "adminURL": "http://localhost:8774/v1",
+                                "internalURL": "http://localhost:8774/v1",
+                                "publicURL": "http://localhost:8774/v1/",
                             },
                         ],
                     },
diff --git a/cinderclient/tests/unit/test_shell.py b/cinderclient/tests/unit/test_shell.py
index 964c3d87f..ac1367be3 100644
--- a/cinderclient/tests/unit/test_shell.py
+++ b/cinderclient/tests/unit/test_shell.py
@@ -18,12 +18,17 @@ import sys
 import fixtures
 from keystoneclient import fixture as keystone_client_fixture
 import mock
+import pkg_resources
 import requests_mock
+import requests
 from six import moves
 from testtools import matchers
 
 from cinderclient import exceptions
+from cinderclient import auth_plugin
 from cinderclient import shell
+from cinderclient.tests.unit.test_auth_plugins import mock_http_request
+from cinderclient.tests.unit.test_auth_plugins import requested_headers
 from cinderclient.tests.unit.fixture_data import base as fixture_base
 from cinderclient.tests.unit.fixture_data import keystone_client
 from cinderclient.tests.unit import utils
@@ -41,8 +46,9 @@ class ShellTest(utils.TestCase):
     }
 
     # Patch os.environ to avoid required auth info.
-    def make_env(self, exclude=None):
+    def make_env(self, exclude=None, include=None):
         env = dict((k, v) for k, v in self.FAKE_ENV.items() if k != exclude)
+        env.update(include or {})
         self.useFixture(fixtures.MonkeyPatch('os.environ', env))
 
     def setUp(self):
@@ -324,6 +330,50 @@ class ShellTest(utils.TestCase):
         # Make sure we are actually prompted.
         mock_getpass.assert_called_with('OS Password: ')
 
+    @mock.patch.object(requests, "request")
+    @mock.patch.object(pkg_resources, "iter_entry_points")
+    def test_auth_system_not_keystone(self, mock_iter_entry_points,
+                                      mock_request):
+        """Test that we can authenticate using the auth plugin system."""
+        non_keystone_auth_url = "http://non-keystone-url.com/v2.0"
+
+        class MockEntrypoint(pkg_resources.EntryPoint):
+            def load(self):
+                return FakePlugin
+
+        class FakePlugin(auth_plugin.BaseAuthPlugin):
+            def authenticate(self, cls, auth_url):
+                cls._authenticate(auth_url, {"fake": "me"})
+
+            def get_auth_url(self):
+                return non_keystone_auth_url
+
+        mock_iter_entry_points.side_effect = lambda _t: [
+            MockEntrypoint("fake", "fake", ["FakePlugin"])]
+
+        mock_request.side_effect = mock_http_request()
+
+        # Tell the shell we wish to use our 'fake' auth instead of keystone
+        # and the auth plugin will provide the auth url
+        self.make_env(exclude="OS_AUTH_URL",
+                      include={'OS_AUTH_SYSTEM': 'fake'})
+        # This should fail as we have not setup a mock response for 'list',
+        # however auth should have been called
+        _shell = shell.OpenStackCinderShell()
+        self.assertRaises(KeyError, _shell.main, ['list'])
+
+        headers = requested_headers(_shell.cs)
+        token_url = _shell.cs.client.auth_url + "/tokens"
+        self.assertEqual(non_keystone_auth_url + "/tokens", token_url)
+
+        mock_request.assert_any_called(
+            "POST",
+            token_url,
+            headers=headers,
+            data='{"fake": "me"}',
+            allow_redirects=True,
+            **self.TEST_REQUEST_BASE)
+
 
 class CinderClientArgumentParserTest(utils.TestCase):