Replaces pipelines with flag for auth strategy

Forcing deployers to modify a paste config file to change auth
 strategies is very fragile. This simplifies things by keying
 pipeline construction off of a single flag. Note that this will
 require a small change to devstack.

Change-Id: I49728c356266e6084ecafb6c59542390137f89e9

nova/auth/manager.py

@@ -40,9 +40,6 @@ from nova.auth import signer
 
 
 auth_opts = [
-    cfg.BoolOpt('use_deprecated_auth',
-                default=False,
-                help='This flag must be set to use old style auth'),
     cfg.ListOpt('allowed_roles',
                 default=[
                   'cloudadmin',
@@ -830,7 +827,7 @@ class AuthManager(object):
         rc = open(FLAGS.credentials_template).read()
         # NOTE(vish): Deprecated auth uses an access key, no auth uses a
         #             the user_id in place of it.
-        if FLAGS.use_deprecated_auth:
+        if FLAGS.auth_strategy == 'deprecated':
             access = user.access
         else:
             access = user.id

nova/flags.py

@@ -462,6 +462,10 @@ global_opts = [
     cfg.StrOpt('default_access_ip_network_name',
                default=None,
                help='Name of network to use to set access ips for instances'),
+    cfg.StrOpt('auth_strategy',
+               default='noauth',
+               help='The strategy to use for auth. Supports noauth, keystone, '
+                    'and deprecated.'),
 ]
 
 FLAGS.register_opts(global_opts)

nova/tests/test_auth.py

@@ -155,7 +155,7 @@ class _AuthManagerBaseTestCase(test.TestCase):
                         '/services/Cloud'))
 
     def test_can_get_credentials(self):
-        self.flags(use_deprecated_auth=True)
+        self.flags(auth_strategy='deprecated')
         st = {'access': 'access', 'secret': 'secret'}
         with user_and_project_generator(self.manager, user_state=st) as (u, p):
             credentials = self.manager.get_environment_rc(u, p)