Merge "Surface the user_id and project_id beyond the plugin"

3 files changed, 103 insertions, 19 deletions

diff --git a/keystoneclient/adapter.py b/keystoneclient/adapter.py
index ea0d342..e14ce7d 100644
--- a/keystoneclient/adapter.py
+++ b/keystoneclient/adapter.py
@@ -126,6 +126,40 @@ class Adapter(object):
         """Invalidate an authentication plugin."""
         return self.session.invalidate(auth or self.auth)
 
+    def get_user_id(self, auth=None):
+        """Return the authenticated user_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns: Current `user_id` or None if not supported by plugin.
+        :rtype: string
+        """
+        return self.session.get_user_id(auth or self.auth)
+
+    def get_project_id(self, auth=None):
+        """Return the authenticated project_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns: Current `project_id` or None if not supported by plugin.
+        :rtype: string
+        """
+        return self.session.get_project_id(auth or self.auth)
+
     def get(self, url, **kwargs):
         return self.request(url, 'GET', **kwargs)
 
diff --git a/keystoneclient/session.py b/keystoneclient/session.py
index 1f606e4..0c3edbb 100644
--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@@ -549,6 +549,16 @@ class Session(object):
 
         return cls(verify=verify, cert=cert, **kwargs)
 
+    def _auth_required(self, auth, msg):
+        if not auth:
+            auth = self.auth
+
+        if not auth:
+            msg_fmt = _('An auth plugin is required to %s')
+            raise exceptions.MissingAuthPlugin(msg_fmt % msg)
+
+        return auth
+
     def get_token(self, auth=None):
         """Return a token as provided by the auth plugin.
 
@@ -564,11 +574,7 @@ class Session(object):
         :returns: A valid token.
         :rtype: string
         """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            raise exceptions.MissingAuthPlugin(_("Token Required"))
+        auth = self._auth_required(auth, 'fetch a token')
 
         try:
             return auth.get_token(self)
@@ -589,14 +595,7 @@ class Session(object):
         :returns: An endpoint if available or None.
         :rtype: string
         """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            raise exceptions.MissingAuthPlugin(
-                _('An auth plugin is required to determine the endpoint '
-                  'URL.'))
-
+        auth = self._auth_required(auth, 'determine endpoint URL')
         return auth.get_endpoint(self, **kwargs)
 
     def invalidate(self, auth=None):
@@ -607,14 +606,42 @@ class Session(object):
         :type auth: :py:class:`keystoneclient.auth.base.BaseAuthPlugin`
 
         """
-        if not auth:
-            auth = self.auth
+        auth = self._auth_required(auth, 'validate')
+        return auth.invalidate()
 
-        if not auth:
-            msg = _('Auth plugin not available to invalidate')
-            raise exceptions.MissingAuthPlugin(msg)
+    def get_user_id(self, auth=None):
+        """Return the authenticated user_id as provided by the auth plugin.
 
-        return auth.invalidate()
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns string: Current user_id or None if not supported by plugin.
+        """
+        auth = self._auth_required(auth, 'get user_id')
+        return auth.get_user_id(self)
+
+    def get_project_id(self, auth=None):
+        """Return the authenticated project_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns string: Current project_id or None if not supported by plugin.
+        """
+        auth = self._auth_required(auth, 'get project_id')
+        return auth.get_project_id(self)
 
     @utils.positional.classmethod()
     def get_conf_options(cls, deprecated_opts=None):
diff --git a/keystoneclient/tests/test_session.py b/keystoneclient/tests/test_session.py
index 1b68487..d3d964c 100644
--- a/keystoneclient/tests/test_session.py
+++ b/keystoneclient/tests/test_session.py
@@ -321,6 +321,8 @@ class AuthPlugin(base.BaseAuthPlugin):
     """
 
     TEST_TOKEN = 'aToken'
+    TEST_USER_ID = 'aUser'
+    TEST_PROJECT_ID = 'aProject'
 
     SERVICE_URLS = {
         'identity': {'public': 'http://identity-public:1111/v2.0',
@@ -348,6 +350,12 @@ class AuthPlugin(base.BaseAuthPlugin):
     def invalidate(self):
         return self._invalidate
 
+    def get_user_id(self, session):
+        return self.TEST_USER_ID
+
+    def get_project_id(self, session):
+        return self.TEST_PROJECT_ID
+
 
 class CalledAuthPlugin(base.BaseAuthPlugin):
 
@@ -580,6 +588,13 @@ class SessionAuthTests(utils.TestCase):
         self.assertTrue(auth.get_token_called)
         self.assertFalse(auth.get_endpoint_called)
 
+    def test_user_and_project_id(self):
+        auth = AuthPlugin()
+        sess = client_session.Session(auth=auth)
+
+        self.assertEqual(auth.TEST_USER_ID, sess.get_user_id())
+        self.assertEqual(auth.TEST_PROJECT_ID, sess.get_project_id())
+
 
 class AdapterTest(utils.TestCase):
 
@@ -735,6 +750,14 @@ class AdapterTest(utils.TestCase):
         self.assertThat(self.requests.request_history,
                         matchers.HasLength(retries + 1))
 
+    def test_user_and_project_id(self):
+        auth = AuthPlugin()
+        sess = client_session.Session()
+        adpt = adapter.Adapter(sess, auth=auth)
+
+        self.assertEqual(auth.TEST_USER_ID, adpt.get_user_id())
+        self.assertEqual(auth.TEST_PROJECT_ID, adpt.get_project_id())
+
 
 class ConfLoadingTests(utils.TestCase):