Switch to keystoneauth

This patch migrates designateclient to using keystoneauth Session
instead of deprecated keystoneclient's Session and plugins.

Also, this patch removes the old designateclient.auth module as it is
not used anywhere else in the code base and its purpose is overridden by
the fact that keystoneauth acts as an abstraction layer for
authentication (handling requests and reauthentication internally).

Change-Id: Ic3cc0fbb76977a04bab322ebcb1c818e75646772

8 files changed, 12 insertions, 107 deletions

diff --git a/designateclient/auth.py b/designateclient/auth.py
deleted file mode 100644
index 623a7a6..0000000
--- a/designateclient/auth.py
+++ /dev/null
@@ -1,95 +0,0 @@
-# Copyright 2012 Managed I.T.
-#
-# Author: Kiall Mac Innes <kiall@managedit.ie>
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from keystoneclient.v2_0.client import Client
-from requests.auth import AuthBase
-from six.moves.urllib.parse import urlparse
-
-
-class KeystoneAuth(AuthBase):
-    def __init__(self, auth_url, username=None, password=None, tenant_id=None,
-                 tenant_name=None, token=None, service_type=None,
-                 endpoint_type=None, region_name=None, sudo_tenant_id=None):
-        self.auth_url = str(auth_url).rstrip('/')
-        self.username = username
-        self.password = password
-        self.tenant_id = tenant_id
-        self.tenant_name = tenant_name
-        self.token = token
-        self.sudo_tenant_id = sudo_tenant_id
-
-        if (not username and not password) and not token:
-            raise ValueError('A username and password, or token is required')
-
-        if not service_type or not endpoint_type:
-            raise ValueError("Need service_type and/or endpoint_type")
-
-        self.service_type = service_type
-        self.endpoint_type = endpoint_type
-        self.region_name = region_name
-
-        self.refresh_auth()
-
-    def __call__(self, request):
-        if not self.token:
-            self.refresh_auth()
-
-        request.headers['X-Auth-Token'] = self.token
-
-        if self.sudo_tenant_id:
-            request.headers['X-Designate-Sudo-Tenant-ID'] = self.sudo_tenant_id
-
-        return request
-
-    def get_ksclient(self):
-        insecure = urlparse(self.auth_url).scheme != 'https'
-
-        return Client(username=self.username,
-                      password=self.password,
-                      tenant_id=self.tenant_id,
-                      tenant_name=self.tenant_name,
-                      auth_url=self.auth_url,
-                      insecure=insecure)
-
-    def get_endpoints(self, service_type=None, endpoint_type=None,
-                      region_name=None):
-        return self.service_catalog.get_endpoints(
-            service_type=service_type,
-            endpoint_type=endpoint_type,
-            region_name=region_name)
-
-    def get_url(self, service_type=None, endpoint_type=None, region_name=None):
-        service_type = service_type or self.service_type
-        endpoint_type = endpoint_type or self.endpoint_type
-        region_name = region_name or self.region_name
-
-        endpoints = self.get_endpoints(service_type, endpoint_type,
-                                       region_name)
-
-        url = endpoints[service_type][0][endpoint_type]
-
-        # NOTE(kiall): The Version 1 API is the only API that has ever included
-        #              the version number in the endpoint. Thus, it's safe to
-        #              simply remove it if present.
-        url = url.rstrip('/')
-        if url.endswith('/v1'):
-            url = url[:-3]
-        return url
-
-    def refresh_auth(self):
-        ks = self.get_ksclient()
-        self.token = ks.auth_token
-        self.service_catalog = ks.service_catalog
diff --git a/designateclient/cli/base.py b/designateclient/cli/base.py
index 3cebb2f..bf5a894 100644
--- a/designateclient/cli/base.py
+++ b/designateclient/cli/base.py
@@ -18,7 +18,7 @@ import abc
 from cliff.command import Command as CliffCommand
 from cliff.lister import Lister
 from cliff.show import ShowOne
-from keystoneclient import exceptions as ks_exceptions
+from keystoneauth1 import exceptions as ks_exceptions
 import six
 
 from designateclient import exceptions
diff --git a/designateclient/tests/base.py b/designateclient/tests/base.py
index c0f923c..34f0c7b 100644
--- a/designateclient/tests/base.py
+++ b/designateclient/tests/base.py
@@ -18,7 +18,7 @@ import json as json_
 import os
 
 import fixtures
-from keystoneclient import session as keystone_session
+from keystoneauth1 import session as keystone_session
 from oslotest import base as test
 from requests_mock.contrib import fixture as req_fixture
 import six
diff --git a/designateclient/tests/test_v1/test_client.py b/designateclient/tests/test_v1/test_client.py
index 0cf45b2..f46f64d 100644
--- a/designateclient/tests/test_v1/test_client.py
+++ b/designateclient/tests/test_v1/test_client.py
@@ -18,7 +18,7 @@ from designateclient.tests import test_v1
 from designateclient import utils
 from designateclient import v1
 
-from keystoneclient import session as keystone_session
+from keystoneauth1 import session as keystone_session
 
 
 class TestClient(test_v1.APIV1TestCase):
diff --git a/designateclient/tests/v2/test_client.py b/designateclient/tests/v2/test_client.py
index aa2526f..e3ae683 100644
--- a/designateclient/tests/v2/test_client.py
+++ b/designateclient/tests/v2/test_client.py
@@ -14,8 +14,8 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-from keystoneclient import adapter
-from keystoneclient import session as keystone_session
+from keystoneauth1 import adapter
+from keystoneauth1 import session as keystone_session
 
 from designateclient.tests.base import TestCase
 from designateclient.v2.client import Client
diff --git a/designateclient/tests/v2/test_timeout.py b/designateclient/tests/v2/test_timeout.py
index ab8c3ff..446841c 100644
--- a/designateclient/tests/v2/test_timeout.py
+++ b/designateclient/tests/v2/test_timeout.py
@@ -14,8 +14,8 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-from keystoneclient.auth.identity import generic
-from keystoneclient import session as keystone_session
+from keystoneauth1.identity import generic
+from keystoneauth1 import session as keystone_session
 from mock import Mock
 
 from designateclient.tests import v2
diff --git a/designateclient/utils.py b/designateclient/utils.py
index 1576b9f..b7bccf3 100644
--- a/designateclient/utils.py
+++ b/designateclient/utils.py
@@ -19,10 +19,10 @@ import os
 import uuid
 
 from debtcollector import removals
-from keystoneclient import adapter
-from keystoneclient.auth.identity import generic
-from keystoneclient.auth import token_endpoint
-from keystoneclient import session as ks_session
+from keystoneauth1 import adapter
+from keystoneauth1.identity import generic
+from keystoneauth1 import session as ks_session
+from keystoneauth1 import token_endpoint
 import pkg_resources
 import six
 
diff --git a/designateclient/v2/client.py b/designateclient/v2/client.py
index 911b6ef..df8aebb 100644
--- a/designateclient/v2/client.py
+++ b/designateclient/v2/client.py
@@ -13,7 +13,7 @@
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.
-from keystoneclient import adapter
+from keystoneauth1 import adapter
 
 from designateclient import exceptions
 from designateclient.v2.blacklists import BlacklistController