openstack/python-keystoneclient
Code Issues Proposed changes

Deprecate auth plugins from keystoneclient

Browse Source 
Deprecate auth plugins in favour of those from keystoneauth.

Change-Id: I8963ded9b68569717d7a6e30623ee78301b59a4a
Implements: bp deprecate-to-ksa
This commit is contained in:
Jamie Lennox
2015-12-16 18:14:33 +11:00
parent c1c2043da9
commit 03e209fd6f
20 changed files with 117 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
keystoneclient/auth/base.py
View File

@@ -12,6 +12,7 @@
import os import os
from debtcollector import removals
from keystoneauth1 import plugin from keystoneauth1 import plugin
import six import six
import stevedore import stevedore
@@ -28,6 +29,11 @@ PLUGIN_NAMESPACE = 'keystoneclient.auth.plugin'
IDENTITY_AUTH_HEADER_NAME = 'X-Auth-Token' IDENTITY_AUTH_HEADER_NAME = 'X-Auth-Token'
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def get_available_plugin_names(): def get_available_plugin_names():
"""Get the names of all the plugins that are available on the system. """Get the names of all the plugins that are available on the system.
@@ -42,6 +48,11 @@ def get_available_plugin_names():
return frozenset(mgr.names()) return frozenset(mgr.names())
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def get_available_plugin_classes(): def get_available_plugin_classes():
"""Retrieve all the plugin classes available on the system. """Retrieve all the plugin classes available on the system.
@@ -56,6 +67,11 @@ def get_available_plugin_classes():
return dict(mgr.map(lambda ext: (ext.entry_point.name, ext.plugin))) return dict(mgr.map(lambda ext: (ext.entry_point.name, ext.plugin)))
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def get_plugin_class(name): def get_plugin_class(name):
"""Retrieve a plugin class by its entrypoint name. """Retrieve a plugin class by its entrypoint name.

11
keystoneclient/auth/cli.py
View File

@@ -13,11 +13,17 @@
import argparse import argparse
import os import os
from debtcollector import removals
from positional import positional from positional import positional
from keystoneclient.auth import base from keystoneclient.auth import base
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
@positional() @positional()
def register_argparse_arguments(parser, argv, default=None): def register_argparse_arguments(parser, argv, default=None):
"""Register CLI options needed to create a plugin. """Register CLI options needed to create a plugin.
@@ -61,6 +67,11 @@ def register_argparse_arguments(parser, argv, default=None):
return plugin return plugin
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def load_from_argparse_arguments(namespace, **kwargs): def load_from_argparse_arguments(namespace, **kwargs):
"""Retrieve the created plugin from the completed argparse results. """Retrieve the created plugin from the completed argparse results.

21
keystoneclient/auth/conf.py
View File

@@ -10,6 +10,7 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
from debtcollector import removals
from oslo_config import cfg from oslo_config import cfg
from keystoneclient.auth import base from keystoneclient.auth import base
@@ -20,6 +21,11 @@ _section_help = 'Config Section from which to load plugin specific options'
_AUTH_SECTION_OPT = cfg.StrOpt('auth_section', help=_section_help) _AUTH_SECTION_OPT = cfg.StrOpt('auth_section', help=_section_help)
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def get_common_conf_options(): def get_common_conf_options():
"""Get the oslo_config options common for all auth plugins. """Get the oslo_config options common for all auth plugins.
@@ -35,6 +41,11 @@ def get_common_conf_options():
return [_AUTH_PLUGIN_OPT, _AUTH_SECTION_OPT] return [_AUTH_PLUGIN_OPT, _AUTH_SECTION_OPT]
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def get_plugin_options(name): def get_plugin_options(name):
"""Get the oslo_config options for a specific plugin. """Get the oslo_config options for a specific plugin.
@@ -46,6 +57,11 @@ def get_plugin_options(name):
return base.get_plugin_class(name).get_options() return base.get_plugin_class(name).get_options()
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def register_conf_options(conf, group): def register_conf_options(conf, group):
"""Register the oslo_config options that are needed for a plugin. """Register the oslo_config options that are needed for a plugin.
@@ -77,6 +93,11 @@ def register_conf_options(conf, group):
conf.register_opt(_AUTH_PLUGIN_OPT, group=group) conf.register_opt(_AUTH_PLUGIN_OPT, group=group)
@removals.remove(
message='keystoneclient auth plugins are deprecated. Use keystoneauth.',
version='2.1.0',
removal_version='3.0.0'
)
def load_from_conf_options(conf, group, **kwargs): def load_from_conf_options(conf, group, **kwargs):
"""Load a plugin from an oslo_config CONF object. """Load a plugin from an oslo_config CONF object.

5
keystoneclient/auth/identity/base.py
View File

@@ -50,6 +50,11 @@ class BaseIdentityPlugin(base.BaseAuthPlugin):
super(BaseIdentityPlugin, self).__init__() super(BaseIdentityPlugin, self).__init__()
warnings.warn(
'keystoneclient auth plugins are deprecated as of the 2.1.0 '
'release in favor of keystoneauth1 plugins. They will be removed '
'in future releases.', DeprecationWarning)
self.auth_url = auth_url self.auth_url = auth_url
self.auth_ref = None self.auth_ref = None
self.reauthenticate = reauthenticate self.reauthenticate = reauthenticate

8
keystoneclient/auth/token_endpoint.py
View File

@@ -10,6 +10,8 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import warnings
from oslo_config import cfg from oslo_config import cfg
from keystoneclient.auth import base from keystoneclient.auth import base
@@ -25,6 +27,12 @@ class Token(base.BaseAuthPlugin):
def __init__(self, endpoint, token): def __init__(self, endpoint, token):
# NOTE(jamielennox): endpoint is reserved for when plugins # NOTE(jamielennox): endpoint is reserved for when plugins
# can be used to provide that information # can be used to provide that information
warnings.warn(
'TokenEndpoint plugin is deprecated as of the 2.1.0 release in '
'favor of keystoneauth1.token_endpoint.Token. It will be removed '
'in future releases.',
DeprecationWarning)
self.endpoint = endpoint self.endpoint = endpoint
self.token = token self.token = token

3
keystoneclient/tests/unit/auth/test_access.py
View File

@@ -35,7 +35,8 @@ class AccessInfoPluginTests(utils.TestCase):
auth_ref = access.AccessInfo.factory(body=token, auth_ref = access.AccessInfo.factory(body=token,
auth_token=self.auth_token) auth_token=self.auth_token)
return access_plugin.AccessInfoPlugin(auth_ref, **kwargs) with self.deprecations.expect_deprecations_here():
return access_plugin.AccessInfoPlugin(auth_ref, **kwargs)
def test_auth_ref(self): def test_auth_ref(self):
plugin = self._plugin() plugin = self._plugin()

6
keystoneclient/tests/unit/auth/test_auth.py
View File

@@ -18,14 +18,16 @@ from keystoneclient.tests.unit.auth import utils
class AuthTests(utils.TestCase): class AuthTests(utils.TestCase):
def test_plugin_names_in_available(self): def test_plugin_names_in_available(self):
plugins = auth.get_available_plugin_names() with self.deprecations.expect_deprecations_here():
plugins = auth.get_available_plugin_names()
for p in ('password', 'v2password', 'v3password', for p in ('password', 'v2password', 'v3password',
'token', 'v2token', 'v3token'): 'token', 'v2token', 'v3token'):
self.assertIn(p, plugins) self.assertIn(p, plugins)
def test_plugin_classes_in_available(self): def test_plugin_classes_in_available(self):
plugins = auth.get_available_plugin_classes() with self.deprecations.expect_deprecations_here():
plugins = auth.get_available_plugin_classes()
self.assertIs(plugins['password'], identity.Password) self.assertIs(plugins['password'], identity.Password)
self.assertIs(plugins['v2password'], identity.V2Password) self.assertIs(plugins['v2password'], identity.V2Password)

1
keystoneclient/tests/unit/auth/test_cli.py
View File

@@ -42,6 +42,7 @@ class CliTests(utils.TestCase):
def setUp(self): def setUp(self):
super(CliTests, self).setUp() super(CliTests, self).setUp()
self.deprecations.expect_deprecations()
self.p = argparse.ArgumentParser() self.p = argparse.ArgumentParser()
def env(self, name, value=None): def env(self, name, value=None):

1
keystoneclient/tests/unit/auth/test_conf.py
View File

@@ -29,6 +29,7 @@ class ConfTests(utils.TestCase):
def setUp(self): def setUp(self):
super(ConfTests, self).setUp() super(ConfTests, self).setUp()
self.deprecations.expect_deprecations()
self.conf_fixture = self.useFixture(config.Config()) self.conf_fixture = self.useFixture(config.Config())
# NOTE(jamielennox): we register the basic config options first because # NOTE(jamielennox): we register the basic config options first because

4
keystoneclient/tests/unit/auth/test_default_cli.py
View File

@@ -22,6 +22,10 @@ from keystoneclient.tests.unit import utils
class DefaultCliTests(utils.TestCase): class DefaultCliTests(utils.TestCase):
def setUp(self):
super(DefaultCliTests, self).setUp()
self.deprecations.expect_deprecations()
def new_plugin(self, argv): def new_plugin(self, argv):
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
cli.DefaultCLI.register_argparse_arguments(parser) cli.DefaultCLI.register_argparse_arguments(parser)

12
keystoneclient/tests/unit/auth/test_identity_v3_federated.py
View File

@@ -35,6 +35,8 @@ class V3FederatedPlugin(utils.TestCase):
def setUp(self): def setUp(self):
super(V3FederatedPlugin, self).setUp() super(V3FederatedPlugin, self).setUp()
self.deprecations.expect_deprecations()
self.unscoped_token = fixture.V3Token() self.unscoped_token = fixture.V3Token()
self.unscoped_token_id = uuid.uuid4().hex self.unscoped_token_id = uuid.uuid4().hex
self.scoped_token = copy.deepcopy(self.unscoped_token) self.scoped_token = copy.deepcopy(self.unscoped_token)
@@ -75,18 +77,16 @@ class V3FederatedPlugin(utils.TestCase):
self.assertEqual(self.token_url, plugin.federated_token_url) self.assertEqual(self.token_url, plugin.federated_token_url)
def test_unscoped_behaviour(self): def test_unscoped_behaviour(self):
with self.deprecations.expect_deprecations_here(): sess = session.Session(auth=self.get_plugin())
sess = session.Session(auth=self.get_plugin()) self.assertEqual(self.unscoped_token_id, sess.get_token())
self.assertEqual(self.unscoped_token_id, sess.get_token())
self.assertTrue(self.unscoped_mock.called) self.assertTrue(self.unscoped_mock.called)
self.assertFalse(self.scoped_mock.called) self.assertFalse(self.scoped_mock.called)
def test_scoped_behaviour(self): def test_scoped_behaviour(self):
auth = self.get_plugin(project_id=self.scoped_token.project_id) auth = self.get_plugin(project_id=self.scoped_token.project_id)
with self.deprecations.expect_deprecations_here(): sess = session.Session(auth=auth)
sess = session.Session(auth=auth) self.assertEqual(self.scoped_token_id, sess.get_token())
self.assertEqual(self.scoped_token_id, sess.get_token())
self.assertTrue(self.unscoped_mock.called) self.assertTrue(self.unscoped_mock.called)
self.assertTrue(self.scoped_mock.called) self.assertTrue(self.scoped_mock.called)

4
keystoneclient/tests/unit/auth/utils.py
View File

@@ -107,8 +107,8 @@ class GenericPluginTestCase(utils.TestCase):
self.token_v3 = fixture.V3Token() self.token_v3 = fixture.V3Token()
self.token_v3_id = uuid.uuid4().hex self.token_v3_id = uuid.uuid4().hex
with self.deprecations.expect_deprecations_here(): self.deprecations.expect_deprecations()
self.session = session.Session() self.session = session.Session()
self.stub_url('POST', ['v2.0', 'tokens'], json=self.token_v2) self.stub_url('POST', ['v2.0', 'tokens'], json=self.token_v2)
self.stub_url('POST', ['v3', 'auth', 'tokens'], self.stub_url('POST', ['v3', 'auth', 'tokens'],

18
keystoneclient/tests/unit/client_fixtures.py
View File

@@ -92,11 +92,11 @@ class KscSessionV2(BaseV2):
self.requests.register_uri('GET', self.TEST_ROOT_URL, self.requests.register_uri('GET', self.TEST_ROOT_URL,
json={'version': d}) json={'version': d})
a = ksc_identity.V2Password(username=uuid.uuid4().hex,
password=uuid.uuid4().hex,
auth_url=self.TEST_URL)
with self.deprecations.expect_deprecations_here(): with self.deprecations.expect_deprecations_here():
a = ksc_identity.V2Password(username=uuid.uuid4().hex,
password=uuid.uuid4().hex,
auth_url=self.TEST_URL)
s = ksc_session.Session(auth=a) s = ksc_session.Session(auth=a)
return v2_client.Client(session=s) return v2_client.Client(session=s)
@@ -165,12 +165,12 @@ class KscSessionV3(BaseV3):
json=t) json=t)
self.requests.register_uri('GET', self.TEST_URL, json={'version': d}) self.requests.register_uri('GET', self.TEST_URL, json={'version': d})
a = ksc_identity.V3Password(username=uuid.uuid4().hex,
password=uuid.uuid4().hex,
user_domain_id=uuid.uuid4().hex,
auth_url=self.TEST_URL)
with self.deprecations.expect_deprecations_here(): with self.deprecations.expect_deprecations_here():
a = ksc_identity.V3Password(username=uuid.uuid4().hex,
password=uuid.uuid4().hex,
user_domain_id=uuid.uuid4().hex,
auth_url=self.TEST_URL)
s = ksc_session.Session(auth=a) s = ksc_session.Session(auth=a)
return v3_client.Client(session=s) return v3_client.Client(session=s)

2
keystoneclient/tests/unit/test_discovery.py
View File

@@ -550,9 +550,9 @@ class ClientDiscoveryTests(utils.TestCase):
token = uuid.uuid4().hex token = uuid.uuid4().hex
url = 'http://testurl' url = 'http://testurl'
a = token_endpoint.Token(url, token)
with self.deprecations.expect_deprecations_here(): with self.deprecations.expect_deprecations_here():
a = token_endpoint.Token(url, token)
s = session.Session(auth=a) s = session.Session(auth=a)
# will default to true as there is a plugin on the session # will default to true as there is a plugin on the session

3
keystoneclient/tests/unit/v2_0/test_auth.py
View File

@@ -79,7 +79,8 @@ class AuthenticateAgainstKeystoneTests(utils.TestCase):
self.TEST_RESPONSE_DICT["access"]["serviceCatalog"][3] self.TEST_RESPONSE_DICT["access"]["serviceCatalog"][3]
['endpoints'][0]["adminURL"]) ['endpoints'][0]["adminURL"])
self.assertEqual(cs.auth_token, TEST_TOKEN) with self.deprecations.expect_deprecations_here():
self.assertEqual(cs.auth_token, TEST_TOKEN)
self.assertRequestBodyIs(json=self.TEST_REQUEST_BODY) self.assertRequestBodyIs(json=self.TEST_REQUEST_BODY)
def test_authenticate_failure(self): def test_authenticate_failure(self):

6
keystoneclient/tests/unit/v2_0/test_client.py
View File

@@ -153,7 +153,8 @@ class KeystoneClientTest(utils.TestCase):
auth_url=self.TEST_URL) auth_url=self.TEST_URL)
self.assertEqual(cl.management_url, admin_url) self.assertEqual(cl.management_url, admin_url)
cl.authenticate() with self.deprecations.expect_deprecations_here():
cl.authenticate()
self.assertEqual(cl.management_url, second_url) self.assertEqual(cl.management_url, second_url)
def test_client_with_region_name_passes_to_service_catalog(self): def test_client_with_region_name_passes_to_service_catalog(self):
@@ -192,8 +193,9 @@ class KeystoneClientTest(utils.TestCase):
def test_client_params(self): def test_client_params(self):
with self.deprecations.expect_deprecations_here(): with self.deprecations.expect_deprecations_here():
sess = session.Session() sess = session.Session()
auth = token_endpoint.Token('a', 'b')
opts = {'auth': token_endpoint.Token('a', 'b'), opts = {'auth': auth,
'connect_retries': 50, 'connect_retries': 50,
'endpoint_override': uuid.uuid4().hex, 'endpoint_override': uuid.uuid4().hex,
'interface': uuid.uuid4().hex, 'interface': uuid.uuid4().hex,

5
keystoneclient/tests/unit/v3/test_auth_oidc.py
View File

@@ -61,11 +61,12 @@ class AuthenticateOIDCTests(utils.TestCase):
def setUp(self): def setUp(self):
super(AuthenticateOIDCTests, self).setUp() super(AuthenticateOIDCTests, self).setUp()
self.deprecations.expect_deprecations()
self.conf_fixture = self.useFixture(config.Config()) self.conf_fixture = self.useFixture(config.Config())
conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
with self.deprecations.expect_deprecations_here(): self.session = session.Session()
self.session = session.Session()
self.IDENTITY_PROVIDER = 'bluepages' self.IDENTITY_PROVIDER = 'bluepages'
self.PROTOCOL = 'oidc' self.PROTOCOL = 'oidc'

10
keystoneclient/tests/unit/v3/test_auth_saml2.py
View File

@@ -63,11 +63,12 @@ class AuthenticateviaSAML2Tests(utils.TestCase):
def setUp(self): def setUp(self):
super(AuthenticateviaSAML2Tests, self).setUp() super(AuthenticateviaSAML2Tests, self).setUp()
self.deprecations.expect_deprecations()
self.conf_fixture = self.useFixture(config.Config()) self.conf_fixture = self.useFixture(config.Config())
conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
with self.deprecations.expect_deprecations_here(): self.session = session.Session()
self.session = session.Session()
self.ECP_SP_EMPTY_REQUEST_HEADERS = { self.ECP_SP_EMPTY_REQUEST_HEADERS = {
'Accept': 'text/html; application/vnd.paos+xml', 'Accept': 'text/html; application/vnd.paos+xml',
@@ -439,11 +440,12 @@ class AuthenticateviaADFSTests(utils.TestCase):
def setUp(self): def setUp(self):
super(AuthenticateviaADFSTests, self).setUp() super(AuthenticateviaADFSTests, self).setUp()
self.deprecations.expect_deprecations()
self.conf_fixture = self.useFixture(config.Config()) self.conf_fixture = self.useFixture(config.Config())
conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
with self.deprecations.expect_deprecations_here(): self.session = session.Session(session=requests.Session())
self.session = session.Session(session=requests.Session())
self.IDENTITY_PROVIDER = 'adfs' self.IDENTITY_PROVIDER = 'adfs'
self.IDENTITY_PROVIDER_URL = ('http://adfs.local/adfs/service/trust/13' self.IDENTITY_PROVIDER_URL = ('http://adfs.local/adfs/service/trust/13'

12
keystoneclient/tests/unit/v3/test_client.py
View File

@@ -197,7 +197,8 @@ class KeystoneClientTest(utils.TestCase):
**kwargs) **kwargs)
self.assertEqual(cl.management_url, first_url) self.assertEqual(cl.management_url, first_url)
cl.authenticate() with self.deprecations.expect_deprecations_here():
cl.authenticate()
self.assertEqual(cl.management_url, second_url % 35357) self.assertEqual(cl.management_url, second_url % 35357)
def test_management_url_is_updated_with_project(self): def test_management_url_is_updated_with_project(self):
@@ -240,7 +241,11 @@ class KeystoneClientTest(utils.TestCase):
auth_url=self.TEST_URL) auth_url=self.TEST_URL)
def test_client_params(self): def test_client_params(self):
opts = {'auth': token_endpoint.Token('a', 'b'), with self.deprecations.expect_deprecations_here():
sess = session.Session()
auth = token_endpoint.Token('a', 'b')
opts = {'auth': auth,
'connect_retries': 50, 'connect_retries': 50,
'endpoint_override': uuid.uuid4().hex, 'endpoint_override': uuid.uuid4().hex,
'interface': uuid.uuid4().hex, 'interface': uuid.uuid4().hex,
@@ -249,9 +254,6 @@ class KeystoneClientTest(utils.TestCase):
'user_agent': uuid.uuid4().hex, 'user_agent': uuid.uuid4().hex,
} }
with self.deprecations.expect_deprecations_here():
sess = session.Session()
cl = client.Client(session=sess, **opts) cl = client.Client(session=sess, **opts)
for k, v in six.iteritems(opts): for k, v in six.iteritems(opts):

8
keystoneclient/tests/unit/v3/test_oauth1.py
View File

@@ -247,11 +247,11 @@ class AuthenticateWithOAuthTests(utils.TestCase, TokenTests):
"access_token_id": access_key} "access_token_id": access_key}
self.stub_auth(json=oauth_token) self.stub_auth(json=oauth_token)
a = auth.OAuth(self.TEST_URL, consumer_key=consumer_key,
consumer_secret=consumer_secret,
access_key=access_key,
access_secret=access_secret)
with self.deprecations.expect_deprecations_here(): with self.deprecations.expect_deprecations_here():
a = auth.OAuth(self.TEST_URL, consumer_key=consumer_key,
consumer_secret=consumer_secret,
access_key=access_key,
access_secret=access_secret)
s = session.Session(auth=a) s = session.Session(auth=a)
t = s.get_token() t = s.get_token()
self.assertEqual(self.TEST_TOKEN, t) self.assertEqual(self.TEST_TOKEN, t)