Remove extraenous instantiations of managers

There were cases where a number of the API managers were being instantiated more than one time. This could cause a number of odd edge cases where the managers would have different configurations and/or different dependency injection results. The managers should now be properly instantiated only once unless explicitly required (e.g. testing the token provider manager raises an exception in badly configured states). Conflicts: keystone/auth/plugins/token.py Closes-Bug: #1294994 Change-Id: I1babb065065cb5b06899f59568020a1c38f1156c (cherry-picked from commit 0a1cb0e20247a3c7856b409452b01ad6db8069f0)
author: Morgan Fainberg <morgan.fainberg@gmail.com> 2014-09-11 15:28:16 -0700
committer: Morgan Fainberg <morgan.fainberg@gmail.com> 2014-09-11 15:28:16 -0700
commit: a391713b6216ad13a1aa6e1e9fbf947923fed433 (patch)
tree: ca7ae991b81921f72f383d586fe9457cf08dd225
parent: 7c2bee76936461043671adc6d100f20775c4212f (diff)
download: keystone-a391713b6216ad13a1aa6e1e9fbf947923fed433.tar.gz
6 files changed, 25 insertions, 44 deletions
diff --git a/keystone/auth/plugins/token.py b/keystone/auth/plugins/token.py
index 6c39b6c7b..a12f3d741 100644
--- a/keystone/auth/plugins/token.py
+++ b/keystone/auth/plugins/token.py
@@ -13,32 +13,30 @@
 # under the License.
 
 from keystone import auth
+from keystone.common import dependency
 from keystone.common import wsgi
 from keystone import exception
 from keystone.openstack.common import log
 from keystone.openstack.common import timeutils
-from keystone.token import provider
 
 
 LOG = log.getLogger(__name__)
 
 
+@dependency.requires('token_provider_api')
 class Token(auth.AuthMethodHandler):
 
     method = 'token'
 
-    def __init__(self):
-        self.provider = provider.Manager()
-
     def authenticate(self, context, auth_payload, user_context):
         try:
             if 'id' not in auth_payload:
                 raise exception.ValidationError(attribute='id',
                                                 target=self.method)
             token_id = auth_payload['id']
-            response = self.provider.validate_token(token_id)
-            #for V3 tokens, the essential data is under  the 'token' value.
-            #For V2, the comparable data was nested under 'access'
+            response = self.token_provider_api.validate_token(token_id)
+            # For V3 tokens, the essential data is under the 'token' value.
+            # For V2, the comparable data was nested under 'access'.
             token_ref = response.get('token', response.get('access'))
 
             #Do not allow tokens used for delegation to
diff --git a/keystone/tests/test_auth.py b/keystone/tests/test_auth.py
index 4d9d9daea..4c2459b07 100644
--- a/keystone/tests/test_auth.py
+++ b/keystone/tests/test_auth.py
@@ -73,9 +73,6 @@ class AuthTest(tests.TestCase):
         self.load_backends()
         self.load_fixtures(default_fixtures)
 
-        # need to register the token provider first because auth controller
-        # depends on it
-        token.provider.Manager()
         self.context_with_remote_user = {'environment':
                                          {'REMOTE_USER': 'FOO',
                                           'AUTH_TYPE': 'Negotiate'}}
@@ -645,7 +642,6 @@ class AuthWithTrust(AuthTest):
     def setUp(self):
         super(AuthWithTrust, self).setUp()
 
-        trust.Manager()
         self.trust_controller = trust.controllers.TrustV3()
         self.auth_v3_controller = auth.controllers.Auth()
         self.trustor = self.user_foo
diff --git a/keystone/tests/test_auth_plugin.py b/keystone/tests/test_auth_plugin.py
index 98040f73a..698210c82 100644
--- a/keystone/tests/test_auth_plugin.py
+++ b/keystone/tests/test_auth_plugin.py
@@ -18,7 +18,6 @@ from keystone import auth
 from keystone.common import config
 from keystone import exception
 from keystone import tests
-from keystone import token
 
 
 # for testing purposes only
@@ -59,10 +58,6 @@ class TestAuthPlugin(tests.SQLDriverOverrides, tests.TestCase):
         super(TestAuthPlugin, self).setUp()
         self.load_backends()
 
-        # need to register the token provider first because auth controller
-        # depends on it
-        token.provider.Manager()
-
         self.api = auth.controllers.Auth()
 
     def config_files(self):
diff --git a/keystone/tests/test_sql_upgrade.py b/keystone/tests/test_sql_upgrade.py
index ddcab070d..bcee7e33f 100644
--- a/keystone/tests/test_sql_upgrade.py
+++ b/keystone/tests/test_sql_upgrade.py
@@ -43,7 +43,6 @@ from keystone.common.sql import migration_helpers
 from keystone.common import utils
 from keystone import config
 from keystone.contrib import federation
-from keystone import credential
 from keystone import exception
 from keystone.openstack.common.db import exception as db_exception
 from keystone.openstack.common.db.sqlalchemy import migration
@@ -1406,11 +1405,9 @@ class SqlUpgradeTests(SqlMigrateBase):
             id=expected_credential_id).one()
         self.assertEqual(cred.user_id, ec2_credential['user_id'])
         self.assertEqual(cred.project_id, ec2_credential['tenant_id'])
-        # test list credential using credential manager.
-        credential_api = credential.Manager()
-        self.assertNotEmpty(credential_api.
-                            list_credentials(
-                                user_id=ec2_credential['user_id']))
+        credential_list = session.query(cred_table).filter_by(
+            user_id=ec2_credential['user_id']).all()
+        self.assertNotEmpty(credential_list)
         self.downgrade(32)
         session.commit()
         self.assertTableExists('ec2_credential')
diff --git a/keystone/tests/test_token_provider.py b/keystone/tests/test_token_provider.py
index 926c09dd4..a017f985c 100644
--- a/keystone/tests/test_token_provider.py
+++ b/keystone/tests/test_token_provider.py
@@ -729,22 +729,12 @@ class TestTokenProvider(tests.TestCase):
         self.config_fixture.config(group='signing', token_format='UUID')
         self.config_fixture.config(group='token',
                                    provider=token.provider.PKI_PROVIDER)
-        try:
-            token.provider.Manager()
-            raise Exception(
-                'expecting ValueError on token provider misconfiguration')
-        except exception.UnexpectedError:
-            pass
+        self.assertRaises(exception.UnexpectedError, token.provider.Manager)
 
         self.config_fixture.config(group='signing', token_format='PKI')
         self.config_fixture.config(group='token',
                                    provider=token.provider.UUID_PROVIDER)
-        try:
-            token.provider.Manager()
-            raise Exception(
-                'expecting ValueError on token provider misconfiguration')
-        except exception.UnexpectedError:
-            pass
+        self.assertRaises(exception.UnexpectedError, token.provider.Manager)
 
         # should be OK as token_format and provider aligns
         self.config_fixture.config(group='signing', token_format='PKI')
@@ -828,14 +818,22 @@ class TestTokenProvider(tests.TestCase):
             None,
             self.token_provider_api._is_valid_token(create_v3_token()))
 
-    def test_uuid_provider_no_oauth_fails_oauth(self):
-        self.load_fixtures(default_fixtures)
+
+class TestTokenProviderOAuth1(tests.TestCase):
+    def setUp(self):
+        super(TestTokenProviderOAuth1, self).setUp()
+        self.load_backends()
+
+    def config_overrides(self):
+        super(TestTokenProviderOAuth1, self).config_overrides()
         self.config_fixture.config(group='token',
                                    provider=token.provider.UUID_PROVIDER)
-        driver = token.provider.Manager().driver
-        driver.oauth_api = None
+
+    def test_uuid_provider_no_oauth_fails_oauth(self):
+        self.load_fixtures(default_fixtures)
+        self.token_provider_api.driver.oauth_api = None
         self.assertRaises(exception.Forbidden,
-                          driver.issue_v3_token,
+                          self.token_provider_api.driver.issue_v3_token,
                           self.user_foo['id'], ['oauth1'])
 
 
diff --git a/keystone/token/providers/common.py b/keystone/token/providers/common.py
index 8df228807..10b01aa18 100644
--- a/keystone/token/providers/common.py
+++ b/keystone/token/providers/common.py
@@ -25,7 +25,6 @@ from keystone import exception
 from keystone.openstack.common.gettextutils import _
 from keystone import token
 from keystone.token import provider
-from keystone import trust
 
 
 from keystone.openstack.common import log
@@ -136,8 +135,8 @@ class V2TokenDataHelper(object):
 class V3TokenDataHelper(object):
     """Token data helper."""
     def __init__(self):
-        if CONF.trust.enabled:
-            self.trust_api = trust.Manager()
+        # Keep __init__ around to ensure dependency injection works.
+        super(V3TokenDataHelper, self).__init__()
 
     def _get_filtered_domain(self, domain_id):
         domain_ref = self.assignment_api.get_domain(domain_id)
@@ -364,8 +363,6 @@ class V3TokenDataHelper(object):
 class BaseProvider(provider.Provider):
     def __init__(self, *args, **kwargs):
         super(BaseProvider, self).__init__(*args, **kwargs)
-        if CONF.trust.enabled:
-            self.trust_api = trust.Manager()
         self.v3_token_data_helper = V3TokenDataHelper()
         self.v2_token_data_helper = V2TokenDataHelper()
author	Morgan Fainberg <morgan.fainberg@gmail.com>	2014-09-11 15:28:16 -0700
committer	Morgan Fainberg <morgan.fainberg@gmail.com>	2014-09-11 15:28:16 -0700
commit	a391713b6216ad13a1aa6e1e9fbf947923fed433 (patch)
tree	ca7ae991b81921f72f383d586fe9457cf08dd225
parent	7c2bee76936461043671adc6d100f20775c4212f (diff)
download	keystone-a391713b6216ad13a1aa6e1e9fbf947923fed433.tar.gz