Merge "Support client generate literal ipv6 auth_uri base on auth_host"

keystoneclient/middleware/auth_token.py

@@ -153,6 +153,7 @@ import tempfile
 import time
 import urllib
 
+import netaddr
 import six
 
 from keystoneclient.common import cms
@@ -375,11 +376,16 @@ class AuthProtocol(object):
                 'Configuring auth_uri to point to the public identity '
                 'endpoint is required; clients may not be able to '
                 'authenticate against an admin endpoint')
-
+            host = self.auth_host
+            if netaddr.valid_ipv6(host):
+                # Note(dzyu) it is an IPv6 address, so it needs to be wrapped
+                # with '[]' to generate a valid IPv6 URL, based on
+                # http://www.ietf.org/rfc/rfc2732.txt
+                host = '[%s]' % host
             # FIXME(dolph): drop support for this fallback behavior as
             # documented in bug 1207517
             self.auth_uri = '%s://%s:%s' % (self.auth_protocol,
-                                            self.auth_host,
+                                            host,
                                             self.auth_port)
 
         # SSL

tests/test_auth_token_middleware.py

@@ -397,6 +397,16 @@ class CommonAuthTokenMiddlewareTest(object):
         self.set_middleware(conf=conf)
         self.assertLastPath(None)
 
+    def test_init_by_ipv6Addr_auth_host(self):
+        conf = {
+            'auth_host': '2001:2013:1:f101::1',
+            'auth_port': 1234,
+            'auth_protocol': 'http',
+        }
+        self.set_middleware(conf=conf)
+        expected_auth_uri = 'http://[2001:2013:1:f101::1]:1234'
+        self.assertEqual(expected_auth_uri, self.middleware.auth_uri)
+
     def assert_valid_request_200(self, token, with_catalog=True):
         req = webob.Request.blank('/')
         req.headers['X-Auth-Token'] = token