From 799e1faa505ac0c62d6db76ad68cdbb2d7148888 Mon Sep 17 00:00:00 2001 From: Brant Knudson Date: Fri, 24 Jul 2015 13:16:00 -0500 Subject: [PATCH] Proper deprecation for BaseIdentityPlugin username, password, token_id properties BaseIdentityPlugin's username, password, and token_id properties weren't properly deprecated since all they had was a comment in the code. Proper deprecation requires use of warnings and documentation. Where the plugins already provide their own properties, the properties need to be un-deprecated. bp deprecations Change-Id: Ic9fce89b8544d8c01f16e8f9c2f9dd2659d03c18 --- keystoneclient/auth/identity/base.py | 79 ++++++++++++++++++++++++- keystoneclient/auth/identity/v2.py | 36 ++++++++++- keystoneclient/contrib/auth/v3/oidc.py | 24 +++++++- keystoneclient/contrib/auth/v3/saml2.py | 44 +++++++++++++- 4 files changed, 173 insertions(+), 10 deletions(-) diff --git a/keystoneclient/auth/identity/base.py b/keystoneclient/auth/identity/base.py index f7851926b..b6ff4aea4 100644 --- a/keystoneclient/auth/identity/base.py +++ b/keystoneclient/auth/identity/base.py @@ -12,6 +12,7 @@ import abc import logging +import warnings from oslo_config import cfg import six @@ -54,13 +55,85 @@ class BaseIdentityPlugin(base.BaseAuthPlugin): self._endpoint_cache = {} + self._username = username + self._password = password + self._token = token # NOTE(jamielennox): DEPRECATED. The following should not really be set # here but handled by the individual auth plugin. - self.username = username - self.password = password - self.token = token self.trust_id = trust_id + @property + def username(self): + """Deprecated as of the 1.7.0 release and may be removed in the 2.0.0 + release. + """ + + warnings.warn( + 'username is deprecated as of the 1.7.0 release and may be ' + 'removed in the 2.0.0 release.', DeprecationWarning) + + return self._username + + @username.setter + def username(self, value): + """Deprecated as of the 1.7.0 release and may be removed in the 2.0.0 + release. + """ + + warnings.warn( + 'username is deprecated as of the 1.7.0 release and may be ' + 'removed in the 2.0.0 release.', DeprecationWarning) + + self._username = value + + @property + def password(self): + """Deprecated as of the 1.7.0 release and may be removed in the 2.0.0 + release. + """ + + warnings.warn( + 'password is deprecated as of the 1.7.0 release and may be ' + 'removed in the 2.0.0 release.', DeprecationWarning) + + return self._password + + @password.setter + def password(self, value): + """Deprecated as of the 1.7.0 release and may be removed in the 2.0.0 + release. + """ + + warnings.warn( + 'password is deprecated as of the 1.7.0 release and may be ' + 'removed in the 2.0.0 release.', DeprecationWarning) + + self._password = value + + @property + def token(self): + """Deprecated as of the 1.7.0 release and may be removed in the 2.0.0 + release. + """ + + warnings.warn( + 'token is deprecated as of the 1.7.0 release and may be ' + 'removed in the 2.0.0 release.', DeprecationWarning) + + return self._token + + @token.setter + def token(self, value): + """Deprecated as of the 1.7.0 release and may be removed in the 2.0.0 + release. + """ + + warnings.warn( + 'token is deprecated as of the 1.7.0 release and may be ' + 'removed in the 2.0.0 release.', DeprecationWarning) + + self._token = value + @abc.abstractmethod def get_auth_ref(self, session, **kwargs): """Obtain a token from an OpenStack Identity Service. diff --git a/keystoneclient/auth/identity/v2.py b/keystoneclient/auth/identity/v2.py index 3ea74b779..725da3b8d 100644 --- a/keystoneclient/auth/identity/v2.py +++ b/keystoneclient/auth/identity/v2.py @@ -131,8 +131,28 @@ class Password(Auth): user_id = None self.user_id = user_id - self.username = username - self.password = password + self._username = username + self._password = password + + @property + def username(self): + # Override to remove deprecation. + return self._username + + @username.setter + def username(self, value): + # Override to remove deprecation. + self._username = value + + @property + def password(self): + # Override to remove deprecation. + return self._password + + @password.setter + def password(self, value): + # Override to remove deprecation. + self._password = value def get_auth_data(self, headers=None): auth = {'password': self.password} @@ -182,7 +202,17 @@ class Token(Auth): def __init__(self, auth_url, token, **kwargs): super(Token, self).__init__(auth_url, **kwargs) - self.token = token + self._token = token + + @property + def token(self): + # Override to remove deprecation. + return self._token + + @token.setter + def token(self, value): + # Override to remove deprecation. + self._token = value def get_auth_data(self, headers=None): if headers is not None: diff --git a/keystoneclient/contrib/auth/v3/oidc.py b/keystoneclient/contrib/auth/v3/oidc.py index 6105e0687..0c9451920 100644 --- a/keystoneclient/contrib/auth/v3/oidc.py +++ b/keystoneclient/contrib/auth/v3/oidc.py @@ -87,14 +87,34 @@ class OidcPassword(federated.FederatedBaseAuth): """ super(OidcPassword, self).__init__(auth_url, identity_provider, protocol) - self.username = username - self.password = password + self._username = username + self._password = password self.client_id = client_id self.client_secret = client_secret self.access_token_endpoint = access_token_endpoint self.scope = scope self.grant_type = grant_type + @property + def username(self): + # Override to remove deprecation. + return self._username + + @username.setter + def username(self, value): + # Override to remove deprecation. + self._username = value + + @property + def password(self): + # Override to remove deprecation. + return self._password + + @password.setter + def password(self, value): + # Override to remove deprecation. + self._password = value + def get_unscoped_auth_ref(self, session): """Authenticate with OpenID Connect and get back claims. diff --git a/keystoneclient/contrib/auth/v3/saml2.py b/keystoneclient/contrib/auth/v3/saml2.py index f3bb1052c..fc85f49fd 100644 --- a/keystoneclient/contrib/auth/v3/saml2.py +++ b/keystoneclient/contrib/auth/v3/saml2.py @@ -170,7 +170,27 @@ class Saml2UnscopedToken(_BaseSAMLPlugin): super(Saml2UnscopedToken, self).__init__(auth_url=auth_url, **kwargs) self.identity_provider = identity_provider self.identity_provider_url = identity_provider_url - self.username, self.password = username, password + self._username, self._password = username, password + + @property + def username(self): + # Override to remove deprecation. + return self._username + + @username.setter + def username(self, value): + # Override to remove deprecation. + self._username = value + + @property + def password(self): + # Override to remove deprecation. + return self._password + + @password.setter + def password(self, value): + # Override to remove deprecation. + self._password = value def _handle_http_302_ecp_redirect(self, session, response, method, **kwargs): @@ -490,7 +510,27 @@ class ADFSUnscopedToken(_BaseSAMLPlugin): self.identity_provider = identity_provider self.identity_provider_url = identity_provider_url self.service_provider_endpoint = service_provider_endpoint - self.username, self.password = username, password + self._username, self._password = username, password + + @property + def username(self): + # Override to remove deprecation. + return self._username + + @username.setter + def username(self, value): + # Override to remove deprecation. + self._username = value + + @property + def password(self): + # Override to remove deprecation. + return self._password + + @password.setter + def password(self, value): + # Override to remove deprecation. + self._password = value @classmethod def get_options(cls):