3 files changed, 71 insertions, 8 deletions

diff --git a/keystoneclient/contrib/auth/v3/oidc.py b/keystoneclient/contrib/auth/v3/oidc.py
index 6105e06..0c94519 100644
--- a/keystoneclient/contrib/auth/v3/oidc.py
+++ b/keystoneclient/contrib/auth/v3/oidc.py
@@ -87,14 +87,34 @@ class OidcPassword(federated.FederatedBaseAuth):
         """
         super(OidcPassword, self).__init__(auth_url, identity_provider,
                                            protocol)
-        self.username = username
-        self.password = password
+        self._username = username
+        self._password = password
         self.client_id = client_id
         self.client_secret = client_secret
         self.access_token_endpoint = access_token_endpoint
         self.scope = scope
         self.grant_type = grant_type
 
+    @property
+    def username(self):
+        # Override to remove deprecation.
+        return self._username
+
+    @username.setter
+    def username(self, value):
+        # Override to remove deprecation.
+        self._username = value
+
+    @property
+    def password(self):
+        # Override to remove deprecation.
+        return self._password
+
+    @password.setter
+    def password(self, value):
+        # Override to remove deprecation.
+        self._password = value
+
     def get_unscoped_auth_ref(self, session):
         """Authenticate with OpenID Connect and get back claims.
 
diff --git a/keystoneclient/contrib/auth/v3/saml2.py b/keystoneclient/contrib/auth/v3/saml2.py
index f3bb105..fc85f49 100644
--- a/keystoneclient/contrib/auth/v3/saml2.py
+++ b/keystoneclient/contrib/auth/v3/saml2.py
@@ -170,7 +170,27 @@ class Saml2UnscopedToken(_BaseSAMLPlugin):
         super(Saml2UnscopedToken, self).__init__(auth_url=auth_url, **kwargs)
         self.identity_provider = identity_provider
         self.identity_provider_url = identity_provider_url
-        self.username, self.password = username, password
+        self._username, self._password = username, password
+
+    @property
+    def username(self):
+        # Override to remove deprecation.
+        return self._username
+
+    @username.setter
+    def username(self, value):
+        # Override to remove deprecation.
+        self._username = value
+
+    @property
+    def password(self):
+        # Override to remove deprecation.
+        return self._password
+
+    @password.setter
+    def password(self, value):
+        # Override to remove deprecation.
+        self._password = value
 
     def _handle_http_302_ecp_redirect(self, session, response, method,
                                       **kwargs):
@@ -490,7 +510,27 @@ class ADFSUnscopedToken(_BaseSAMLPlugin):
         self.identity_provider = identity_provider
         self.identity_provider_url = identity_provider_url
         self.service_provider_endpoint = service_provider_endpoint
-        self.username, self.password = username, password
+        self._username, self._password = username, password
+
+    @property
+    def username(self):
+        # Override to remove deprecation.
+        return self._username
+
+    @username.setter
+    def username(self, value):
+        # Override to remove deprecation.
+        self._username = value
+
+    @property
+    def password(self):
+        # Override to remove deprecation.
+        return self._password
+
+    @password.setter
+    def password(self, value):
+        # Override to remove deprecation.
+        self._password = value
 
     @classmethod
     def get_options(cls):
diff --git a/keystoneclient/contrib/revoke/model.py b/keystoneclient/contrib/revoke/model.py
index bb62840..5c17680 100644
--- a/keystoneclient/contrib/revoke/model.py
+++ b/keystoneclient/contrib/revoke/model.py
@@ -12,6 +12,9 @@
 
 from oslo_utils import timeutils
 
+from keystoneclient import utils
+
+
 # The set of attributes common between the RevokeEvent
 # and the dictionaries created from the token Data.
 _NAMES = ['trust_id',
@@ -75,11 +78,11 @@ class RevokeEvent(object):
         if self.consumer_id is not None:
             event['OS-OAUTH1:access_token_id'] = self.access_token_id
         if self.expires_at is not None:
-            event['expires_at'] = timeutils.isotime(self.expires_at,
-                                                    subsecond=True)
+            event['expires_at'] = utils.isotime(self.expires_at,
+                                                subsecond=True)
         if self.issued_before is not None:
-            event['issued_before'] = timeutils.isotime(self.issued_before,
-                                                       subsecond=True)
+            event['issued_before'] = utils.isotime(self.issued_before,
+                                                   subsecond=True)
         return event
 
     def key_for_name(self, name):