Accept token and tenant_id for authenticating against KS

Allow swiftclient to authenticate against keystone using tenant name/id and token only. Without this patch, the password is required, which may not always be available. Authentication against keystone is required to get the service catalog, which includes the endpoints for swift. Change-Id: I4477af445474c5fa97ff864c4942f1330b59e5d6 Closes-Bug: #1476002
2015-04-12 22:33:57 -05:00 · 2015-04-12 22:33:57 -05:00 · a175689418
parent e52df5d8a5
commit a175689418
3 changed files with 11 additions and 5 deletions
--- a/swiftclient/client.py
+++ b/swiftclient/client.py
@ -366,6 +366,7 @@ def get_auth_keystone(auth_url, user, key, os_options, **kwargs):
        _ksclient = ksclient.Client(
            username=user,
            password=key,
+            token=os_options.get('auth_token'),
            tenant_name=os_options.get('tenant_name'),
            tenant_id=os_options.get('tenant_id'),
            user_id=os_options.get('user_id'),
--- a/tests/unit/test_swiftclient.py
+++ b/tests/unit/test_swiftclient.py
@ -1534,9 +1534,10 @@ class TestConnection(MockHttpTest):

        # v2 auth
        timeouts = []
+        os_options = {'tenant_name': 'tenant', 'auth_token': 'meta-token'}
        conn = c.Connection(
            'http://auth.example.com', 'user', 'password', timeout=33.0,
-            os_options=dict(tenant_name='tenant'), auth_version=2.0)
+            os_options=os_options, auth_version=2.0)
        fake_ks = FakeKeystone(endpoint='http://some_url', token='secret')
        with mock.patch('swiftclient.client._import_keystone_client',
                        _make_fake_import_keystone_client(fake_ks)):
@ -1552,6 +1553,10 @@ class TestConnection(MockHttpTest):
        # check timeout passed to HEAD for account
        self.assertEqual(timeouts, [33.0])

+        # check token passed to keystone client
+        self.assertIn('token', fake_ks.calls[0])
+        self.assertEqual('meta-token', fake_ks.calls[0].get('token'))
+
    def test_reset_stream(self):

        class LocalContents(object):
--- a/tests/unit/utils.py
+++ b/tests/unit/utils.py
@ -504,8 +504,8 @@ class FakeKeystone(object):
        self.token = token

    class _Client(object):
-        def __init__(self, endpoint, token, **kwargs):
-            self.auth_token = token
+        def __init__(self, endpoint, auth_token, **kwargs):
+            self.auth_token = auth_token
            self.endpoint = endpoint
            self.service_catalog = self.ServiceCatalog(endpoint)

@ -520,8 +520,8 @@ class FakeKeystone(object):

    def Client(self, **kwargs):
        self.calls.append(kwargs)
-        self.client = self._Client(endpoint=self.endpoint, token=self.token,
-                                   **kwargs)
+        self.client = self._Client(
+            endpoint=self.endpoint, auth_token=self.token, **kwargs)
        return self.client

    class Unauthorized(Exception):