Deprecate auth plugins from keystoneclient

Deprecate auth plugins in favour of those from keystoneauth.

Change-Id: I8963ded9b68569717d7a6e30623ee78301b59a4a
Implements: bp deprecate-to-ksa

keystoneclient/auth/base.py

@@ -12,6 +12,7 @@
 
 import os
 
+from debtcollector import removals
 from keystoneauth1 import plugin
 import six
 import stevedore
@@ -28,6 +29,11 @@ PLUGIN_NAMESPACE = 'keystoneclient.auth.plugin'
 IDENTITY_AUTH_HEADER_NAME = 'X-Auth-Token'
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def get_available_plugin_names():
     """Get the names of all the plugins that are available on the system.
 
@@ -42,6 +48,11 @@ def get_available_plugin_names():
     return frozenset(mgr.names())
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def get_available_plugin_classes():
     """Retrieve all the plugin classes available on the system.
 
@@ -56,6 +67,11 @@ def get_available_plugin_classes():
     return dict(mgr.map(lambda ext: (ext.entry_point.name, ext.plugin)))
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def get_plugin_class(name):
     """Retrieve a plugin class by its entrypoint name.
 

keystoneclient/auth/cli.py

@@ -13,11 +13,17 @@
 import argparse
 import os
 
+from debtcollector import removals
 from positional import positional
 
 from keystoneclient.auth import base
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 @positional()
 def register_argparse_arguments(parser, argv, default=None):
     """Register CLI options needed to create a plugin.
@@ -61,6 +67,11 @@ def register_argparse_arguments(parser, argv, default=None):
     return plugin
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def load_from_argparse_arguments(namespace, **kwargs):
     """Retrieve the created plugin from the completed argparse results.
 

keystoneclient/auth/conf.py

@@ -10,6 +10,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
+from debtcollector import removals
 from oslo_config import cfg
 
 from keystoneclient.auth import base
@@ -20,6 +21,11 @@ _section_help = 'Config Section from which to load plugin specific options'
 _AUTH_SECTION_OPT = cfg.StrOpt('auth_section', help=_section_help)
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def get_common_conf_options():
     """Get the oslo_config options common for all auth plugins.
 
@@ -35,6 +41,11 @@ def get_common_conf_options():
     return [_AUTH_PLUGIN_OPT, _AUTH_SECTION_OPT]
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def get_plugin_options(name):
     """Get the oslo_config options for a specific plugin.
 
@@ -46,6 +57,11 @@ def get_plugin_options(name):
     return base.get_plugin_class(name).get_options()
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def register_conf_options(conf, group):
     """Register the oslo_config options that are needed for a plugin.
 
@@ -77,6 +93,11 @@ def register_conf_options(conf, group):
     conf.register_opt(_AUTH_PLUGIN_OPT, group=group)
 
 
+@removals.remove(
+    message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
+    version='2.1.0',
+    removal_version='3.0.0'
+)
 def load_from_conf_options(conf, group, **kwargs):
     """Load a plugin from an oslo_config CONF object.
 

keystoneclient/auth/identity/base.py

@@ -50,6 +50,11 @@ class BaseIdentityPlugin(base.BaseAuthPlugin):
 
         super(BaseIdentityPlugin, self).__init__()
 
+        warnings.warn(
+            'keystoneclient auth plugins are deprecated as of the 2.1.0 '
+            'release in favor of keystoneauth1 plugins. They will be removed '
+            'in future releases.', DeprecationWarning)
+
         self.auth_url = auth_url
         self.auth_ref = None
         self.reauthenticate = reauthenticate

keystoneclient/auth/token_endpoint.py

@@ -10,6 +10,8 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
+import warnings
+
 from oslo_config import cfg
 
 from keystoneclient.auth import base
@@ -25,6 +27,12 @@ class Token(base.BaseAuthPlugin):
     def __init__(self, endpoint, token):
         # NOTE(jamielennox): endpoint is reserved for when plugins
         # can be used to provide that information
+        warnings.warn(
+            'TokenEndpoint plugin is deprecated as of the 2.1.0 release in '
+            'favor of keystoneauth1.token_endpoint.Token. It will be removed '
+            'in future releases.',
+            DeprecationWarning)
+
         self.endpoint = endpoint
         self.token = token
 

keystoneclient/tests/unit/auth/test_access.py

@@ -35,7 +35,8 @@ class AccessInfoPluginTests(utils.TestCase):
 
         auth_ref = access.AccessInfo.factory(body=token,
                                              auth_token=self.auth_token)
-        return access_plugin.AccessInfoPlugin(auth_ref, **kwargs)
+        with self.deprecations.expect_deprecations_here():
+            return access_plugin.AccessInfoPlugin(auth_ref, **kwargs)
 
     def test_auth_ref(self):
         plugin = self._plugin()

keystoneclient/tests/unit/auth/test_auth.py

@@ -18,14 +18,16 @@ from keystoneclient.tests.unit.auth import utils
 class AuthTests(utils.TestCase):
 
     def test_plugin_names_in_available(self):
-        plugins = auth.get_available_plugin_names()
+        with self.deprecations.expect_deprecations_here():
+            plugins = auth.get_available_plugin_names()
 
         for p in ('password', 'v2password', 'v3password',
                   'token', 'v2token', 'v3token'):
             self.assertIn(p, plugins)
 
     def test_plugin_classes_in_available(self):
-        plugins = auth.get_available_plugin_classes()
+        with self.deprecations.expect_deprecations_here():
+            plugins = auth.get_available_plugin_classes()
 
         self.assertIs(plugins['password'], identity.Password)
         self.assertIs(plugins['v2password'], identity.V2Password)

keystoneclient/tests/unit/auth/test_cli.py

@@ -42,6 +42,7 @@ class CliTests(utils.TestCase):
 
     def setUp(self):
         super(CliTests, self).setUp()
+        self.deprecations.expect_deprecations()
         self.p = argparse.ArgumentParser()
 
     def env(self, name, value=None):

keystoneclient/tests/unit/auth/test_conf.py

@@ -29,6 +29,7 @@ class ConfTests(utils.TestCase):
 
     def setUp(self):
         super(ConfTests, self).setUp()
+        self.deprecations.expect_deprecations()
         self.conf_fixture = self.useFixture(config.Config())
 
         # NOTE(jamielennox): we register the basic config options first because

keystoneclient/tests/unit/auth/test_default_cli.py

@@ -22,6 +22,10 @@ from keystoneclient.tests.unit import utils
 
 class DefaultCliTests(utils.TestCase):
 
+    def setUp(self):
+        super(DefaultCliTests, self).setUp()
+        self.deprecations.expect_deprecations()
+
     def new_plugin(self, argv):
         parser = argparse.ArgumentParser()
         cli.DefaultCLI.register_argparse_arguments(parser)

keystoneclient/tests/unit/auth/test_identity_v3_federated.py

@@ -35,6 +35,8 @@ class V3FederatedPlugin(utils.TestCase):
     def setUp(self):
         super(V3FederatedPlugin, self).setUp()
 
+        self.deprecations.expect_deprecations()
+
         self.unscoped_token = fixture.V3Token()
         self.unscoped_token_id = uuid.uuid4().hex
         self.scoped_token = copy.deepcopy(self.unscoped_token)
@@ -75,18 +77,16 @@ class V3FederatedPlugin(utils.TestCase):
         self.assertEqual(self.token_url, plugin.federated_token_url)
 
     def test_unscoped_behaviour(self):
-        with self.deprecations.expect_deprecations_here():
-            sess = session.Session(auth=self.get_plugin())
-            self.assertEqual(self.unscoped_token_id, sess.get_token())
+        sess = session.Session(auth=self.get_plugin())
+        self.assertEqual(self.unscoped_token_id, sess.get_token())
 
         self.assertTrue(self.unscoped_mock.called)
         self.assertFalse(self.scoped_mock.called)
 
     def test_scoped_behaviour(self):
         auth = self.get_plugin(project_id=self.scoped_token.project_id)
-        with self.deprecations.expect_deprecations_here():
-            sess = session.Session(auth=auth)
-            self.assertEqual(self.scoped_token_id, sess.get_token())
+        sess = session.Session(auth=auth)
+        self.assertEqual(self.scoped_token_id, sess.get_token())
 
         self.assertTrue(self.unscoped_mock.called)
         self.assertTrue(self.scoped_mock.called)

keystoneclient/tests/unit/auth/utils.py

@@ -107,8 +107,8 @@ class GenericPluginTestCase(utils.TestCase):
         self.token_v3 = fixture.V3Token()
         self.token_v3_id = uuid.uuid4().hex
 
-        with self.deprecations.expect_deprecations_here():
-            self.session = session.Session()
+        self.deprecations.expect_deprecations()
+        self.session = session.Session()
 
         self.stub_url('POST', ['v2.0', 'tokens'], json=self.token_v2)
         self.stub_url('POST', ['v3', 'auth', 'tokens'],

keystoneclient/tests/unit/client_fixtures.py

@@ -92,11 +92,11 @@ class KscSessionV2(BaseV2):
         self.requests.register_uri('GET', self.TEST_ROOT_URL,
                                    json={'version': d})
 
-        a = ksc_identity.V2Password(username=uuid.uuid4().hex,
-                                    password=uuid.uuid4().hex,
-                                    auth_url=self.TEST_URL)
-
         with self.deprecations.expect_deprecations_here():
+            a = ksc_identity.V2Password(username=uuid.uuid4().hex,
+                                        password=uuid.uuid4().hex,
+                                        auth_url=self.TEST_URL)
+
             s = ksc_session.Session(auth=a)
 
         return v2_client.Client(session=s)
@@ -165,12 +165,12 @@ class KscSessionV3(BaseV3):
                                    json=t)
         self.requests.register_uri('GET', self.TEST_URL, json={'version': d})
 
-        a = ksc_identity.V3Password(username=uuid.uuid4().hex,
-                                    password=uuid.uuid4().hex,
-                                    user_domain_id=uuid.uuid4().hex,
-                                    auth_url=self.TEST_URL)
-
         with self.deprecations.expect_deprecations_here():
+            a = ksc_identity.V3Password(username=uuid.uuid4().hex,
+                                        password=uuid.uuid4().hex,
+                                        user_domain_id=uuid.uuid4().hex,
+                                        auth_url=self.TEST_URL)
+
             s = ksc_session.Session(auth=a)
 
         return v3_client.Client(session=s)

keystoneclient/tests/unit/test_discovery.py

@@ -550,9 +550,9 @@ class ClientDiscoveryTests(utils.TestCase):
             token = uuid.uuid4().hex
 
         url = 'http://testurl'
-        a = token_endpoint.Token(url, token)
 
         with self.deprecations.expect_deprecations_here():
+            a = token_endpoint.Token(url, token)
             s = session.Session(auth=a)
 
         # will default to true as there is a plugin on the session

keystoneclient/tests/unit/v2_0/test_auth.py

@@ -79,7 +79,8 @@ class AuthenticateAgainstKeystoneTests(utils.TestCase):
                          self.TEST_RESPONSE_DICT["access"]["serviceCatalog"][3]
                          ['endpoints'][0]["adminURL"])
 
-        self.assertEqual(cs.auth_token, TEST_TOKEN)
+        with self.deprecations.expect_deprecations_here():
+            self.assertEqual(cs.auth_token, TEST_TOKEN)
         self.assertRequestBodyIs(json=self.TEST_REQUEST_BODY)
 
     def test_authenticate_failure(self):

keystoneclient/tests/unit/v2_0/test_client.py

@@ -153,7 +153,8 @@ class KeystoneClientTest(utils.TestCase):
                                auth_url=self.TEST_URL)
         self.assertEqual(cl.management_url, admin_url)
 
-        cl.authenticate()
+        with self.deprecations.expect_deprecations_here():
+            cl.authenticate()
         self.assertEqual(cl.management_url, second_url)
 
     def test_client_with_region_name_passes_to_service_catalog(self):
@@ -192,8 +193,9 @@ class KeystoneClientTest(utils.TestCase):
     def test_client_params(self):
         with self.deprecations.expect_deprecations_here():
             sess = session.Session()
+            auth = token_endpoint.Token('a', 'b')
 
-        opts = {'auth': token_endpoint.Token('a', 'b'),
+        opts = {'auth': auth,
                 'connect_retries': 50,
                 'endpoint_override': uuid.uuid4().hex,
                 'interface': uuid.uuid4().hex,

keystoneclient/tests/unit/v3/test_auth_oidc.py

@@ -61,11 +61,12 @@ class AuthenticateOIDCTests(utils.TestCase):
     def setUp(self):
         super(AuthenticateOIDCTests, self).setUp()
 
+        self.deprecations.expect_deprecations()
+
         self.conf_fixture = self.useFixture(config.Config())
         conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
 
-        with self.deprecations.expect_deprecations_here():
-            self.session = session.Session()
+        self.session = session.Session()
 
         self.IDENTITY_PROVIDER = 'bluepages'
         self.PROTOCOL = 'oidc'

keystoneclient/tests/unit/v3/test_auth_saml2.py

@@ -63,11 +63,12 @@ class AuthenticateviaSAML2Tests(utils.TestCase):
     def setUp(self):
         super(AuthenticateviaSAML2Tests, self).setUp()
 
+        self.deprecations.expect_deprecations()
+
         self.conf_fixture = self.useFixture(config.Config())
         conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
 
-        with self.deprecations.expect_deprecations_here():
-            self.session = session.Session()
+        self.session = session.Session()
 
         self.ECP_SP_EMPTY_REQUEST_HEADERS = {
             'Accept': 'text/html; application/vnd.paos+xml',
@@ -439,11 +440,12 @@ class AuthenticateviaADFSTests(utils.TestCase):
     def setUp(self):
         super(AuthenticateviaADFSTests, self).setUp()
 
+        self.deprecations.expect_deprecations()
+
         self.conf_fixture = self.useFixture(config.Config())
         conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
 
-        with self.deprecations.expect_deprecations_here():
-            self.session = session.Session(session=requests.Session())
+        self.session = session.Session(session=requests.Session())
 
         self.IDENTITY_PROVIDER = 'adfs'
         self.IDENTITY_PROVIDER_URL = ('http://adfs.local/adfs/service/trust/13'

keystoneclient/tests/unit/v3/test_client.py

@@ -197,7 +197,8 @@ class KeystoneClientTest(utils.TestCase):
                                **kwargs)
         self.assertEqual(cl.management_url, first_url)
 
-        cl.authenticate()
+        with self.deprecations.expect_deprecations_here():
+            cl.authenticate()
         self.assertEqual(cl.management_url, second_url % 35357)
 
     def test_management_url_is_updated_with_project(self):
@@ -240,7 +241,11 @@ class KeystoneClientTest(utils.TestCase):
                               auth_url=self.TEST_URL)
 
     def test_client_params(self):
-        opts = {'auth': token_endpoint.Token('a', 'b'),
+        with self.deprecations.expect_deprecations_here():
+            sess = session.Session()
+            auth = token_endpoint.Token('a', 'b')
+
+        opts = {'auth': auth,
                 'connect_retries': 50,
                 'endpoint_override': uuid.uuid4().hex,
                 'interface': uuid.uuid4().hex,
@@ -249,9 +254,6 @@ class KeystoneClientTest(utils.TestCase):
                 'user_agent': uuid.uuid4().hex,
                 }
 
-        with self.deprecations.expect_deprecations_here():
-            sess = session.Session()
-
         cl = client.Client(session=sess, **opts)
 
         for k, v in six.iteritems(opts):

keystoneclient/tests/unit/v3/test_oauth1.py

@@ -247,11 +247,11 @@ class AuthenticateWithOAuthTests(utils.TestCase, TokenTests):
                                     "access_token_id": access_key}
         self.stub_auth(json=oauth_token)
 
-        a = auth.OAuth(self.TEST_URL, consumer_key=consumer_key,
-                       consumer_secret=consumer_secret,
-                       access_key=access_key,
-                       access_secret=access_secret)
         with self.deprecations.expect_deprecations_here():
+            a = auth.OAuth(self.TEST_URL, consumer_key=consumer_key,
+                           consumer_secret=consumer_secret,
+                           access_key=access_key,
+                           access_secret=access_secret)
             s = session.Session(auth=a)
             t = s.get_token()
         self.assertEqual(self.TEST_TOKEN, t)