Secret payload should also be fetched by UUIDqueens-em4.6.1

We changed the client to fetch containers and secrets via their UUID
from the API, rather than by HREF, so that the endpoint URLs set in the
keystone client would be respected. Unfortunately, we (I) missed
updating the payload fetch function to do the same. This brings it into
line with the other fetches.

Change-Id: Ic71cf6771563d669a2fa37a56d4b40c637db1511
Story: 2004653
Task: 28608
(cherry picked from commit 4eec7121b39de3849b469c56d85b95520aab7bad)

2 files changed, 11 insertions, 7 deletions

diff --git a/barbicanclient/tests/v1/test_secrets.py b/barbicanclient/tests/v1/test_secrets.py
index a0300a5..748ec61 100644
--- a/barbicanclient/tests/v1/test_secrets.py
+++ b/barbicanclient/tests/v1/test_secrets.py
@@ -371,9 +371,11 @@ class WhenTestingSecrets(test_client.BaseEntityResource):
         # Verify the correct URL was used to make the call.
         self.assertEqual(self.entity_payload_href, m.last_request.url)
 
-    def test_should_decrypt(self):
+    def test_should_decrypt(self, secret_ref=None):
+        secret_ref = secret_ref or self.entity_href
+
         content_types_dict = {'default': 'application/octet-stream'}
-        json = self.secret.get_dict(self.entity_href, content_types_dict)
+        json = self.secret.get_dict(secret_ref, content_types_dict)
         metadata_response = self.responses.get(
             self.entity_href,
             request_headers={'Accept': 'application/json'},
@@ -386,7 +388,7 @@ class WhenTestingSecrets(test_client.BaseEntityResource):
             request_headers=request_headers,
             content=decrypted)
 
-        secret = self.manager.get(secret_ref=self.entity_href)
+        secret = self.manager.get(secret_ref=secret_ref)
         secret_payload = secret.payload
         self.assertEqual(decrypted, secret_payload)
 
@@ -397,6 +399,10 @@ class WhenTestingSecrets(test_client.BaseEntityResource):
         self.assertEqual(self.entity_payload_href,
                          decryption_response.last_request.url)
 
+    def test_should_decrypt_using_stripped_uuid(self):
+        bad_href = "http://badsite.com/" + self.entity_id
+        self.test_should_decrypt(bad_href)
+
     def test_should_delete_from_manager(self, secret_ref=None):
         secret_ref = secret_ref or self.entity_href
 
diff --git a/barbicanclient/v1/secrets.py b/barbicanclient/v1/secrets.py
index 5b0c4a1..a604160 100644
--- a/barbicanclient/v1/secrets.py
+++ b/barbicanclient/v1/secrets.py
@@ -266,10 +266,8 @@ class Secret(SecretFormatter):
                              "content-type.")
         headers = {'Accept': self.payload_content_type}
 
-        if self._secret_ref[-1] != "/":
-            payload_url = self._secret_ref + '/payload'
-        else:
-            payload_url = self._secret_ref + 'payload'
+        uuid_ref = base.calculate_uuid_ref(self._secret_ref, self._entity)
+        payload_url = uuid_ref + '/payload'
         payload = self._api._get_raw(payload_url, headers=headers)
         if self.payload_content_type == u'text/plain':
             self._payload = payload.decode('UTF-8')