From c2c6e166c8afc1eec9c030cf4dcdf58c9891eddb Mon Sep 17 00:00:00 2001
From: Renat Akhmerov <renat.akhmerov@gmail.com>
Date: Thu, 12 Jan 2017 16:15:41 +0700
Subject: [PATCH] Add user and project domain name parameters for target cloud

Closes-Bug: #1655277
Change-Id: I576050f241f870779e54928bd1d247e9a6673568
---
 mistralclient/api/httpclient.py             | 24 ++++++++++---
 mistralclient/auth/keystone.py              | 37 +++++++++++++--------
 mistralclient/shell.py                      | 18 ++++++++++
 mistralclient/tests/unit/test_httpclient.py | 31 ++++++++++-------
 4 files changed, 80 insertions(+), 30 deletions(-)

diff --git a/mistralclient/api/httpclient.py b/mistralclient/api/httpclient.py
index ea89ca20..32abf82f 100644
--- a/mistralclient/api/httpclient.py
+++ b/mistralclient/api/httpclient.py
@@ -29,13 +29,16 @@ CERT_FILE = 'cert'
 CERT_KEY = 'key'
 INSECURE = 'insecure'
 PROJECT_ID = 'project_id'
+USER_ID = 'user_id'
+
 TARGET_AUTH_TOKEN = 'target_auth_token'
 TARGET_AUTH_URI = 'target_auth_url'
 TARGET_PROJECT_ID = 'target_project_id'
 TARGET_USER_ID = 'target_user_id'
 TARGET_SERVICE_CATALOG = 'target_service_catalog'
 TARGET_REGION_NAME = 'target_region_name'
-USER_ID = 'user_id'
+TARGET_USER_DOMAIN_NAME = 'target_user_domain_name'
+TARGET_PROJECT_DOMAIN_NAME = 'target_project_domain_name'
 
 osprofiler_web = importutils.try_import("osprofiler.web")
 
@@ -57,15 +60,20 @@ class HTTPClient(object):
         self.auth_token = kwargs.get(AUTH_TOKEN)
         self.project_id = kwargs.get(PROJECT_ID)
         self.user_id = kwargs.get(USER_ID)
+        self.cacert = kwargs.get(CACERT)
+        self.insecure = kwargs.get(INSECURE, False)
+        self.ssl_options = {}
+
         self.target_auth_token = kwargs.get(TARGET_AUTH_TOKEN)
         self.target_auth_uri = kwargs.get(TARGET_AUTH_URI)
         self.target_user_id = kwargs.get(TARGET_USER_ID)
         self.target_project_id = kwargs.get(TARGET_PROJECT_ID)
         self.target_service_catalog = kwargs.get(TARGET_SERVICE_CATALOG)
         self.target_region_name = kwargs.get(TARGET_REGION_NAME)
-        self.cacert = kwargs.get(CACERT)
-        self.insecure = kwargs.get(INSECURE, False)
-        self.ssl_options = {}
+        self.target_user_domain_name = kwargs.get(TARGET_USER_DOMAIN_NAME)
+        self.target_project_domain_name = kwargs.get(
+            TARGET_PROJECT_DOMAIN_NAME
+        )
 
         if self.base_url.startswith('https'):
             if self.cacert and not os.path.exists(self.cacert):
@@ -153,6 +161,14 @@ class HTTPClient(object):
         if self.target_region_name:
             headers['X-Target-Region-Name'] = self.target_region_name
 
+        if self.target_user_domain_name:
+            headers['X-Target-User-Domain-Name'] = self.target_user_domain_name
+
+        if self.target_project_domain_name:
+            h_name = 'X-Target-Project-Domain-Name'
+
+            headers[h_name] = self.target_project_domain_name
+
         if self.target_service_catalog:
             headers['X-Target-Service-Catalog'] = base64.b64encode(
                 self.target_service_catalog.encode('utf-8')
diff --git a/mistralclient/auth/keystone.py b/mistralclient/auth/keystone.py
index ff2694dd..bb06ddea 100644
--- a/mistralclient/auth/keystone.py
+++ b/mistralclient/auth/keystone.py
@@ -39,31 +39,38 @@ class KeystoneAuthHandler(auth.AuthHandler):
         if not isinstance(req, dict):
             raise TypeError('The input "req" is not typeof dict.')
 
-        auth_url = req.get('auth_url')
         mistral_url = req.get('mistral_url')
         endpoint_type = req.get('endpoint_type', 'publicURL')
         service_type = req.get('service_type', 'workflow2')
+
+        auth_url = req.get('auth_url')
         username = req.get('username')
         user_id = req.get('user_id')
         api_key = req.get('api_key')
         auth_token = req.get('auth_token')
         project_name = req.get('project_name')
         project_id = req.get('project_id')
-        cacert = req.get('cacert')
         region_name = req.get('region_name')
-        insecure = req.get('insecure', False)
-        target_username = req.get('target_username')
-        target_api_key = req.get('target_api_key')
-        target_project_name = req.get('target_project_name')
-        target_auth_url = req.get('target_auth_url')
-        target_project_id = req.get('target_project_id')
-        target_auth_token = req.get('target_auth_token')
-        target_user_id = req.get('target_user_id')
-        target_cacert = req.get('target_cacert')
-        target_region_name = req.get('target_region_name')
-        target_insecure = req.get('target_insecure')
         user_domain_name = req.get('user_domain_name', 'Default')
         project_domain_name = req.get('project_domain_name', 'Default')
+        cacert = req.get('cacert')
+        insecure = req.get('insecure', False)
+
+        target_auth_url = req.get('target_auth_url')
+        target_username = req.get('target_username')
+        target_user_id = req.get('target_user_id')
+        target_api_key = req.get('target_api_key')
+        target_auth_token = req.get('target_auth_token')
+        target_project_name = req.get('target_project_name')
+        target_project_id = req.get('target_project_id')
+        target_region_name = req.get('target_region_name')
+        target_user_domain_name = req.get('target_user_domain_name', 'Default')
+        target_project_domain_name = req.get(
+            'target_project_domain_name',
+            'Default'
+        )
+        target_cacert = req.get('target_cacert')
+        target_insecure = req.get('target_insecure')
 
         if project_name and project_id:
             raise RuntimeError(
@@ -129,7 +136,9 @@ class KeystoneAuthHandler(auth.AuthHandler):
                 endpoint=target_auth_url,
                 cacert=target_cacert,
                 insecure=target_insecure,
-                region_name=target_region_name
+                region_name=target_region_name,
+                user_domain_name=target_user_domain_name,
+                project_domain_name=target_project_domain_name
             )
 
             target_keystone.authenticate()
diff --git a/mistralclient/shell.py b/mistralclient/shell.py
index 54f44db1..eae5599d 100644
--- a/mistralclient/shell.py
+++ b/mistralclient/shell.py
@@ -449,6 +449,24 @@ class MistralShell(app.App):
                  '(Env: OS_TARGET_REGION_NAME)'
         )
 
+        parser.add_argument(
+            '--os-target-user-domain-name',
+            action='store',
+            dest='target_user_domain_name',
+            default=env('OS_TARGET_USER_DOMAIN_NAME'),
+            help='User domain name for target cloud'
+                 '(Env: OS_TARGET_USER_DOMAIN_NAME)'
+        )
+
+        parser.add_argument(
+            '--os-target-project-domain-name',
+            action='store',
+            dest='target_project_domain_name',
+            default=env('OS_TARGET_PROJECT_DOMAIN_NAME'),
+            help='Project domain name for target cloud'
+                 '(Env: OS_TARGET_PROJECT_DOMAIN_NAME)'
+        )
+
         parser.add_argument(
             '--target_insecure',
             action='store_true',
diff --git a/mistralclient/tests/unit/test_httpclient.py b/mistralclient/tests/unit/test_httpclient.py
index 23845a8a..6744233f 100644
--- a/mistralclient/tests/unit/test_httpclient.py
+++ b/mistralclient/tests/unit/test_httpclient.py
@@ -140,6 +140,8 @@ class HTTPClientTest(base.BaseTestCase):
         target_project_id = 'target_project'
         target_service_catalog = 'this should be there'
         target_region = 'target region name'
+        target_user_domain_name = 'target user domain name'
+        target_project_domain_name = 'target project domain name'
 
         target_client = httpclient.HTTPClient(
             API_BASE_URL,
@@ -151,24 +153,29 @@ class HTTPClientTest(base.BaseTestCase):
             target_project_id=target_project_id,
             target_user_id=target_user_id,
             target_service_catalog=target_service_catalog,
-            target_region_name=target_region
+            target_region_name=target_region,
+            target_user_domain_name=target_user_domain_name,
+            target_project_domain_name=target_project_domain_name
         )
 
         target_client.get(API_URL)
 
         expected_options = copy.deepcopy(EXPECTED_REQ_OPTIONS)
-        expected_options["headers"]["X-Target-Auth-Uri"] = target_auth_url
-        expected_options["headers"]["X-Target-Auth-Token"] = target_auth_token
-        expected_options["headers"]["X-Target-User-Id"] = target_user_id
-        expected_options["headers"]["X-Target-Project-Id"] = target_project_id
-        expected_options["headers"]["X-Target-Region-Name"] = target_region
-        catalog = base64.b64encode(target_service_catalog.encode('utf-8'))
-        expected_options["headers"]["X-Target-Service-Catalog"] = catalog
 
-        requests.get.assert_called_with(
-            EXPECTED_URL,
-            **expected_options
-        )
+        headers = expected_options["headers"]
+
+        headers["X-Target-Auth-Uri"] = target_auth_url
+        headers["X-Target-Auth-Token"] = target_auth_token
+        headers["X-Target-User-Id"] = target_user_id
+        headers["X-Target-Project-Id"] = target_project_id
+        headers["X-Target-Region-Name"] = target_region
+        headers["X-Target-User-Domain-Name"] = target_user_domain_name
+        headers["X-Target-Project-Domain-Name"] = target_project_domain_name
+
+        catalog = base64.b64encode(target_service_catalog.encode('utf-8'))
+        headers["X-Target-Service-Catalog"] = catalog
+
+        requests.get.assert_called_with(EXPECTED_URL, **expected_options)
 
     @mock.patch.object(
         requests,