From 30a7147db6bb710a47f13ba2888b2f6e9520f3f2 Mon Sep 17 00:00:00 2001
From: rahu3180 <rahul.bardia@rackspace.com>
Date: Wed, 5 Dec 2018 04:57:23 -0800
Subject: [PATCH] change otter to not use identity API v1.1

otter uses an identity v1.1 API. They will remove
this on Mar 4, 2019.

Currently v1.1 API version is used to make query for main user
for the tenant.

JIRA => AS-546
URL  => https://jira.rax.io/browse/AS-546
---
 otter/auth.py           | 18 +++++++++---------
 otter/test/test_auth.py | 21 +++++++++++----------
 2 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/otter/auth.py b/otter/auth.py
index 720b9a8d3..0e964d55a 100644
--- a/otter/auth.py
+++ b/otter/auth.py
@@ -261,10 +261,10 @@ def authenticate_tenant(self, tenant_id, log=None):
         see :meth:`IAuthenticator.authenticate_tenant`
         """
         auth = partial(self._auth_me, log=log)
-
+        # Update the user_for_tenant function to
+        #  use v2.0 API version only
         d = user_for_tenant(self._admin_url,
-                            self._identity_admin_user,
-                            self._identity_admin_password,
+                            self._token,
                             tenant_id, log=log)
 
         def impersonate(user):
@@ -371,7 +371,7 @@ def endpoints_for_token(auth_endpoint, identity_admin_token, user_token,
     return d
 
 
-def user_for_tenant(auth_endpoint, username, password, tenant_id, log=None):
+def user_for_tenant(auth_endpoint, token, tenant_id, log=None):
     """
     Use a super secret API to get the special actual username for a tenant id.
 
@@ -383,14 +383,14 @@ def user_for_tenant(auth_endpoint, username, password, tenant_id, log=None):
     :return: Username of the magical identity:user-admin user for the tenantid.
     """
     d = treq.get(
-        append_segments(auth_endpoint.replace('v2.0', 'v1.1'), 'mosso', str(tenant_id)),
-        auth=(username, password),
+        append_segments(auth_endpoint, 'users'),
+        headers=headers(token),
         allow_redirects=False,
         log=log)
-    d.addCallback(check_success, [301])
-    d.addErrback(wrap_upstream_error, 'identity', 'mosso', auth_endpoint)
+    d.addCallback(check_success, [200, 203])
+    d.addErrback(wrap_upstream_error, 'identity', 'users', auth_endpoint)
     d.addCallback(treq.json_content)
-    d.addCallback(lambda user: user['user']['id'])
+    d.addCallback(lambda user: user['users'][0]['username'])
     return d
 
 
diff --git a/otter/test/test_auth.py b/otter/test/test_auth.py
index e80dbfe5c..9c41126c9 100644
--- a/otter/test/test_auth.py
+++ b/otter/test/test_auth.py
@@ -36,7 +36,7 @@
 )
 from otter.effect_dispatcher import get_simple_dispatcher
 from otter.test.utils import SameJSON, iMock, mock_log, patch
-from otter.util.http import APIError, UpstreamError
+from otter.util.http import APIError, UpstreamError, headers
 
 
 expected_headers = {'accept': ['application/json'],
@@ -299,18 +299,18 @@ def test_user_for_tenant(self):
         the list of users for a given tenant.
         """
         response = mock.Mock(code=200)
-        response_body = {'user': {'id': 'ausername'}}
+        response_body = {'users': [{'username': 'ausername'}]}
         self.treq.json_content.return_value = succeed(response_body)
         self.treq.get.return_value = succeed(response)
 
-        d = user_for_tenant('http://identity/v2.0', 'username', 'password',
+        d = user_for_tenant('http://identity/v2.0', 'auth-token',
                             111111, log=self.log)
 
         self.assertEqual(self.successResultOf(d), 'ausername')
 
         self.treq.get.assert_called_once_with(
-            'http://identity/v1.1/mosso/111111',
-            auth=('username', 'password'),
+            'http://identity/v2.0/users',
+            headers=headers('auth-token'),
             allow_redirects=False, log=self.log)
 
     def test_user_for_tenant_propagates_errors(self):
@@ -453,6 +453,7 @@ def setUp(self):
         self.admin_url = 'http://identity_admin/v2.0'
         self.user = 'service_user'
         self.password = 'service_password'
+        self.token = 'auth-token'
         self.ia = ImpersonatingAuthenticator(self.user, self.password,
                                              self.url, self.admin_url)
         self.log = mock.Mock()
@@ -508,16 +509,16 @@ def test_authenticate_tenant_gets_user_for_specified_tenant(self):
         endpoint.
         """
         self.successResultOf(self.ia.authenticate_tenant(111111))
-        self.user_for_tenant.assert_called_once_with(self.admin_url, self.user,
-                                                     self.password, 111111,
+        self.user_for_tenant.assert_called_once_with(self.admin_url,
+                                                     None,
+                                                     111111,
                                                      log=None)
-
         self.user_for_tenant.reset_mock()
 
         self.successResultOf(self.ia.authenticate_tenant(111111, log=self.log))
 
-        self.user_for_tenant.assert_called_once_with(self.admin_url, self.user,
-                                                     self.password, 111111,
+        self.user_for_tenant.assert_called_once_with(self.admin_url,
+                                                     None, 111111,
                                                      log=self.log)
 
     def test_authenticate_tenant_impersonates_first_user(self):