From 90012355b4ea24a7321f66b329b543f306d2cefe Mon Sep 17 00:00:00 2001
From: Andrea Frittoli <andrea.frittoli@hp.com>
Date: Wed, 25 Feb 2015 21:58:02 +0000
Subject: [PATCH] Prepare token clients for migration to tempest-lib

Prepare token clients for migration to tempest-lib together
with auth.py. Removing all the dependencies from CONF, and thus
introducing new parameters in auth providers as well.

Change-Id: I7c03b07ec1b9268fea68125b5bbfa8fe0ff75b71
---
 .../admin/v3/test_default_project_id.py       |  4 +--
 tempest/auth.py                               | 15 ++++++--
 tempest/clients.py                            |  7 ++--
 tempest/cmd/javelin.py                        |  9 ++++-
 tempest/manager.py                            | 35 +++++++++++--------
 .../services/identity/json/token_client.py    | 11 ++++--
 .../services/identity/v3/json/token_client.py | 11 ++++--
 7 files changed, 64 insertions(+), 28 deletions(-)

diff --git a/tempest/api/identity/admin/v3/test_default_project_id.py b/tempest/api/identity/admin/v3/test_default_project_id.py
index 649ca34c06..b7b78da61a 100644
--- a/tempest/api/identity/admin/v3/test_default_project_id.py
+++ b/tempest/api/identity/admin/v3/test_default_project_id.py
@@ -15,6 +15,7 @@ from tempest import auth
 from tempest import clients
 from tempest.common.utils import data_utils
 from tempest import config
+from tempest import manager
 from tempest import test
 
 CONF = config.CONF
@@ -74,8 +75,7 @@ class TestDefaultProjectId (base.BaseIdentityV3AdminTest):
         creds = auth.KeystoneV3Credentials(username=user_name,
                                            password=user_name,
                                            domain_name=dom_name)
-        auth_provider = auth.KeystoneV3AuthProvider(creds,
-                                                    CONF.identity.uri_v3)
+        auth_provider = manager.get_auth_provider(creds)
         creds = auth_provider.fill_credentials()
         admin_client = clients.Manager(credentials=creds)
 
diff --git a/tempest/auth.py b/tempest/auth.py
index 7b00f2add3..5e76a88e60 100644
--- a/tempest/auth.py
+++ b/tempest/auth.py
@@ -186,8 +186,13 @@ class KeystoneAuthProvider(AuthProvider):
 
     token_expiry_threshold = datetime.timedelta(seconds=60)
 
-    def __init__(self, credentials, auth_url):
+    def __init__(self, credentials, auth_url,
+                 disable_ssl_certificate_validation=None,
+                 ca_certs=None, trace_requests=None):
         super(KeystoneAuthProvider, self).__init__(credentials)
+        self.dsvm = disable_ssl_certificate_validation
+        self.ca_certs = ca_certs
+        self.trace_requests = trace_requests
         self.auth_client = self._auth_client(auth_url)
 
     def _decorate_request(self, filters, method, url, headers=None, body=None,
@@ -237,7 +242,9 @@ class KeystoneV2AuthProvider(KeystoneAuthProvider):
     EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ'
 
     def _auth_client(self, auth_url):
-        return json_id.TokenClientJSON(auth_url)
+        return json_id.TokenClientJSON(
+            auth_url, disable_ssl_certificate_validation=self.dsvm,
+            ca_certs=self.ca_certs, trace_requests=self.trace_requests)
 
     def _auth_params(self):
         return dict(
@@ -315,7 +322,9 @@ class KeystoneV3AuthProvider(KeystoneAuthProvider):
     EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
 
     def _auth_client(self, auth_url):
-        return json_v3id.V3TokenClientJSON(auth_url)
+        return json_v3id.V3TokenClientJSON(
+            auth_url, disable_ssl_certificate_validation=self.dsvm,
+            ca_certs=self.ca_certs, trace_requests=self.trace_requests)
 
     def _auth_params(self):
         return dict(
diff --git a/tempest/clients.py b/tempest/clients.py
index fa3f65e702..7a41f32bf7 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -320,9 +320,12 @@ class Manager(manager.Manager):
         self.region_client = RegionClientJSON(self.auth_provider, **params)
         self.credentials_client = CredentialsClientJSON(self.auth_provider,
                                                         **params)
-        self.token_client = TokenClientJSON(CONF.identity.uri)
+        # Token clients do not use the catalog. They only need default_params.
+        self.token_client = TokenClientJSON(CONF.identity.uri,
+                                            **self.default_params)
         if CONF.identity_feature_enabled.api_v3:
-            self.token_v3_client = V3TokenClientJSON(CONF.identity.uri_v3)
+            self.token_v3_client = V3TokenClientJSON(CONF.identity.uri_v3,
+                                                     **self.default_params)
 
     def _set_volume_clients(self):
         params = {
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index b06968e1e4..aff4087610 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -176,7 +176,14 @@ class OSClient(object):
             username=user,
             password=pw,
             tenant_name=tenant)
-        _auth = tempest.auth.KeystoneV2AuthProvider(_creds, CONF.identity.uri)
+        auth_provider_params = {
+            'disable_ssl_certificate_validation':
+                CONF.identity.disable_ssl_certificate_validation,
+            'ca_certs': CONF.identity.ca_certificates_file,
+            'trace_requests': CONF.debug.trace_requests
+        }
+        _auth = tempest.auth.KeystoneV2AuthProvider(
+            _creds, CONF.identity.uri, **auth_provider_params)
         self.identity = identity_client.IdentityClientJSON(
             _auth,
             CONF.identity.catalog_type,
diff --git a/tempest/manager.py b/tempest/manager.py
index 50f7e6eb77..a256f255a2 100644
--- a/tempest/manager.py
+++ b/tempest/manager.py
@@ -47,21 +47,28 @@ class Manager(object):
         if not self.credentials.is_valid():
             raise exceptions.InvalidCredentials()
         # Creates an auth provider for the credentials
-        self.auth_provider = self.get_auth_provider(self.credentials)
+        self.auth_provider = get_auth_provider(self.credentials)
         # FIXME(andreaf) unused
         self.client_attr_names = []
 
-    @classmethod
-    def get_auth_provider_class(cls, credentials):
-        if isinstance(credentials, auth.KeystoneV3Credentials):
-            return auth.KeystoneV3AuthProvider, CONF.identity.uri_v3
-        else:
-            return auth.KeystoneV2AuthProvider, CONF.identity.uri
 
-    def get_auth_provider(self, credentials):
-        if credentials is None:
-            raise exceptions.InvalidCredentials(
-                'Credentials must be specified')
-        auth_provider_class, auth_url = self.get_auth_provider_class(
-            credentials)
-        return auth_provider_class(credentials, auth_url)
+def get_auth_provider_class(credentials):
+    if isinstance(credentials, auth.KeystoneV3Credentials):
+        return auth.KeystoneV3AuthProvider, CONF.identity.uri_v3
+    else:
+        return auth.KeystoneV2AuthProvider, CONF.identity.uri
+
+
+def get_auth_provider(credentials):
+    default_params = {
+        'disable_ssl_certificate_validation':
+            CONF.identity.disable_ssl_certificate_validation,
+        'ca_certs': CONF.identity.ca_certificates_file,
+        'trace_requests': CONF.debug.trace_requests
+    }
+    if credentials is None:
+        raise exceptions.InvalidCredentials(
+            'Credentials must be specified')
+    auth_provider_class, auth_url = get_auth_provider_class(
+        credentials)
+    return auth_provider_class(credentials, auth_url, **default_params)
diff --git a/tempest/services/identity/json/token_client.py b/tempest/services/identity/json/token_client.py
index b28dabbf56..e61ac8467c 100644
--- a/tempest/services/identity/json/token_client.py
+++ b/tempest/services/identity/json/token_client.py
@@ -13,16 +13,21 @@
 #    under the License.
 
 import json
+from tempest_lib.common import rest_client
 from tempest_lib import exceptions as lib_exc
 
 from tempest.common import service_client
 from tempest import exceptions
 
 
-class TokenClientJSON(service_client.ServiceClient):
+class TokenClientJSON(rest_client.RestClient):
 
-    def __init__(self, auth_url):
-        super(TokenClientJSON, self).__init__(None, None, None)
+    def __init__(self, auth_url, disable_ssl_certificate_validation=None,
+                 ca_certs=None, trace_requests=None):
+        dscv = disable_ssl_certificate_validation
+        super(TokenClientJSON, self).__init__(
+            None, None, None, disable_ssl_certificate_validation=dscv,
+            ca_certs=ca_certs, trace_requests=trace_requests)
 
         # Normalize URI to ensure /tokens is in it.
         if 'tokens' not in auth_url:
diff --git a/tempest/services/identity/v3/json/token_client.py b/tempest/services/identity/v3/json/token_client.py
index 582897a6a5..b0824a7ded 100644
--- a/tempest/services/identity/v3/json/token_client.py
+++ b/tempest/services/identity/v3/json/token_client.py
@@ -13,16 +13,21 @@
 #    under the License.
 
 import json
+from tempest_lib.common import rest_client
 from tempest_lib import exceptions as lib_exc
 
 from tempest.common import service_client
 from tempest import exceptions
 
 
-class V3TokenClientJSON(service_client.ServiceClient):
+class V3TokenClientJSON(rest_client.RestClient):
 
-    def __init__(self, auth_url):
-        super(V3TokenClientJSON, self).__init__(None, None, None)
+    def __init__(self, auth_url, disable_ssl_certificate_validation=None,
+                 ca_certs=None, trace_requests=None):
+        dscv = disable_ssl_certificate_validation
+        super(V3TokenClientJSON, self).__init__(
+            None, None, None, disable_ssl_certificate_validation=dscv,
+            ca_certs=ca_certs, trace_requests=trace_requests)
         if not auth_url:
             raise exceptions.InvalidConfiguration('you must specify a v3 uri '
                                                   'if using the v3 identity '