From 496a0efc43c40fb030b62f3ed632ee50659a9b41 Mon Sep 17 00:00:00 2001
From: Jamie Lennox <jamielennox@redhat.com>
Date: Thu, 30 Oct 2014 15:12:05 +0100
Subject: [PATCH] Surface the user_id and project_id beyond the plugin

Having the user_id and project_id exposed in the plugin is a good first
step however we don't really expect the user to be interacting with the
plugins directly often - particularly as you need to pass session to the
methods.

Exposing get_user_id and get_project_id on the session and the adapter
in this way is very similar to the way we expose get_token and
get_endpoint on the session and adapter for use higher up.

Related-Bug: #1364724
Change-Id: If2f868c3ddc19133f18446e74f8e1b560a4798fa
---
 keystoneclient/adapter.py            | 34 ++++++++++++++
 keystoneclient/session.py            | 67 +++++++++++++++++++---------
 keystoneclient/tests/test_session.py | 23 ++++++++++
 3 files changed, 104 insertions(+), 20 deletions(-)

diff --git a/keystoneclient/adapter.py b/keystoneclient/adapter.py
index ea0d342aa..e14ce7df6 100644
--- a/keystoneclient/adapter.py
+++ b/keystoneclient/adapter.py
@@ -126,6 +126,40 @@ class Adapter(object):
         """Invalidate an authentication plugin."""
         return self.session.invalidate(auth or self.auth)
 
+    def get_user_id(self, auth=None):
+        """Return the authenticated user_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns: Current `user_id` or None if not supported by plugin.
+        :rtype: string
+        """
+        return self.session.get_user_id(auth or self.auth)
+
+    def get_project_id(self, auth=None):
+        """Return the authenticated project_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns: Current `project_id` or None if not supported by plugin.
+        :rtype: string
+        """
+        return self.session.get_project_id(auth or self.auth)
+
     def get(self, url, **kwargs):
         return self.request(url, 'GET', **kwargs)
 
diff --git a/keystoneclient/session.py b/keystoneclient/session.py
index 1f606e43e..0c3edbba1 100644
--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@@ -549,6 +549,16 @@ class Session(object):
 
         return cls(verify=verify, cert=cert, **kwargs)
 
+    def _auth_required(self, auth, msg):
+        if not auth:
+            auth = self.auth
+
+        if not auth:
+            msg_fmt = _('An auth plugin is required to %s')
+            raise exceptions.MissingAuthPlugin(msg_fmt % msg)
+
+        return auth
+
     def get_token(self, auth=None):
         """Return a token as provided by the auth plugin.
 
@@ -564,11 +574,7 @@ class Session(object):
         :returns: A valid token.
         :rtype: string
         """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            raise exceptions.MissingAuthPlugin(_("Token Required"))
+        auth = self._auth_required(auth, 'fetch a token')
 
         try:
             return auth.get_token(self)
@@ -589,14 +595,7 @@ class Session(object):
         :returns: An endpoint if available or None.
         :rtype: string
         """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            raise exceptions.MissingAuthPlugin(
-                _('An auth plugin is required to determine the endpoint '
-                  'URL.'))
-
+        auth = self._auth_required(auth, 'determine endpoint URL')
         return auth.get_endpoint(self, **kwargs)
 
     def invalidate(self, auth=None):
@@ -607,15 +606,43 @@ class Session(object):
         :type auth: :py:class:`keystoneclient.auth.base.BaseAuthPlugin`
 
         """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            msg = _('Auth plugin not available to invalidate')
-            raise exceptions.MissingAuthPlugin(msg)
-
+        auth = self._auth_required(auth, 'validate')
         return auth.invalidate()
 
+    def get_user_id(self, auth=None):
+        """Return the authenticated user_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns string: Current user_id or None if not supported by plugin.
+        """
+        auth = self._auth_required(auth, 'get user_id')
+        return auth.get_user_id(self)
+
+    def get_project_id(self, auth=None):
+        """Return the authenticated project_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns string: Current project_id or None if not supported by plugin.
+        """
+        auth = self._auth_required(auth, 'get project_id')
+        return auth.get_project_id(self)
+
     @utils.positional.classmethod()
     def get_conf_options(cls, deprecated_opts=None):
         """Get the oslo.config options that are needed for a
diff --git a/keystoneclient/tests/test_session.py b/keystoneclient/tests/test_session.py
index 3cd7ae5f6..33dda0834 100644
--- a/keystoneclient/tests/test_session.py
+++ b/keystoneclient/tests/test_session.py
@@ -321,6 +321,8 @@ class AuthPlugin(base.BaseAuthPlugin):
     """
 
     TEST_TOKEN = 'aToken'
+    TEST_USER_ID = 'aUser'
+    TEST_PROJECT_ID = 'aProject'
 
     SERVICE_URLS = {
         'identity': {'public': 'http://identity-public:1111/v2.0',
@@ -348,6 +350,12 @@ class AuthPlugin(base.BaseAuthPlugin):
     def invalidate(self):
         return self._invalidate
 
+    def get_user_id(self, session):
+        return self.TEST_USER_ID
+
+    def get_project_id(self, session):
+        return self.TEST_PROJECT_ID
+
 
 class CalledAuthPlugin(base.BaseAuthPlugin):
 
@@ -582,6 +590,13 @@ class SessionAuthTests(utils.TestCase):
         self.assertTrue(auth.get_token_called)
         self.assertFalse(auth.get_endpoint_called)
 
+    def test_user_and_project_id(self):
+        auth = AuthPlugin()
+        sess = client_session.Session(auth=auth)
+
+        self.assertEqual(auth.TEST_USER_ID, sess.get_user_id())
+        self.assertEqual(auth.TEST_PROJECT_ID, sess.get_project_id())
+
 
 class AdapterTest(utils.TestCase):
 
@@ -737,6 +752,14 @@ class AdapterTest(utils.TestCase):
         self.assertThat(self.requests.request_history,
                         matchers.HasLength(retries + 1))
 
+    def test_user_and_project_id(self):
+        auth = AuthPlugin()
+        sess = client_session.Session()
+        adpt = adapter.Adapter(sess, auth=auth)
+
+        self.assertEqual(auth.TEST_USER_ID, adpt.get_user_id())
+        self.assertEqual(auth.TEST_PROJECT_ID, adpt.get_project_id())
+
 
 class ConfLoadingTests(utils.TestCase):