Remove APIKey authentication from openstack/.
diff --git a/openstack/identity/v2/tokens/errors.go b/openstack/identity/v2/tokens/errors.go
index 244db1b..3a9172e 100644
--- a/openstack/identity/v2/tokens/errors.go
+++ b/openstack/identity/v2/tokens/errors.go
@@ -9,6 +9,9 @@
// ErrUserIDProvided is returned if you attempt to authenticate with a UserID.
ErrUserIDProvided = unacceptedAttributeErr("UserID")
+ // ErrAPIKeyProvided is returned if you attempt to authenticate with an APIKey.
+ ErrAPIKeyProvided = unacceptedAttributeErr("APIKey")
+
// ErrDomainIDProvided is returned if you attempt to authenticate with a DomainID.
ErrDomainIDProvided = unacceptedAttributeErr("DomainID")
@@ -18,8 +21,8 @@
// ErrUsernameRequired is returned if you attempt ot authenticate without a Username.
ErrUsernameRequired = errors.New("You must supply a Username in your AuthOptions.")
- // ErrPasswordOrAPIKey is returned if you provide both a password and an API key.
- ErrPasswordOrAPIKey = errors.New("Please supply exactly one of Password or APIKey in your AuthOptions.")
+ // ErrPasswordRequired is returned if you don't provide a password.
+ ErrPasswordRequired = errors.New("Please supply a Password in your AuthOptions.")
)
func unacceptedAttributeErr(attribute string) error {
diff --git a/openstack/identity/v2/tokens/requests.go b/openstack/identity/v2/tokens/requests.go
index 5bd5a70..346a149 100644
--- a/openstack/identity/v2/tokens/requests.go
+++ b/openstack/identity/v2/tokens/requests.go
@@ -15,15 +15,9 @@
Password string `json:"password"`
}
- type apiKeyCredentials struct {
- Username string `json:"username"`
- APIKey string `json:"apiKey"`
- }
-
var request struct {
Auth struct {
- PasswordCredentials *passwordCredentials `json:"passwordCredentials,omitempty"`
- APIKeyCredentials *apiKeyCredentials `json:"RAX-KSKEY:apiKeyCredentials,omitempty"`
+ PasswordCredentials *passwordCredentials `json:"passwordCredentials"`
TenantID string `json:"tenantId,omitempty"`
TenantName string `json:"tenantName,omitempty"`
} `json:"auth"`
@@ -33,6 +27,9 @@
if auth.UserID != "" {
return createErr(ErrUserIDProvided)
}
+ if auth.APIKey != "" {
+ return createErr(ErrAPIKeyProvided)
+ }
if auth.DomainID != "" {
return createErr(ErrDomainIDProvided)
}
@@ -40,38 +37,24 @@
return createErr(ErrDomainNameProvided)
}
- // Username is always required.
+ // Username and Password are always required.
if auth.Username == "" {
return createErr(ErrUsernameRequired)
}
-
- // Populate either PasswordCredentials or APIKeyCredentials
- if auth.Password != "" {
- if auth.APIKey != "" {
- return createErr(ErrPasswordOrAPIKey)
- }
-
- // Username + Password
- request.Auth.PasswordCredentials = &passwordCredentials{
- Username: auth.Username,
- Password: auth.Password,
- }
- } else if auth.APIKey != "" {
- // API key authentication.
- request.Auth.APIKeyCredentials = &apiKeyCredentials{
- Username: auth.Username,
- APIKey: auth.APIKey,
- }
- } else {
- return createErr(ErrPasswordOrAPIKey)
+ if auth.Password == "" {
+ return createErr(ErrPasswordRequired)
}
- // Populate the TenantName or TenantID, if provided.
+ // Populate the request.
+ request.Auth.PasswordCredentials = &passwordCredentials{
+ Username: auth.Username,
+ Password: auth.Password,
+ }
request.Auth.TenantID = auth.TenantID
request.Auth.TenantName = auth.TenantName
var result CreateResult
- _, result.Err = perigee.Request("POST", listURL(client), perigee.Options{
+ _, result.Err = perigee.Request("POST", CreateURL(client), perigee.Options{
ReqBody: &request,
Results: &result.Resp,
OkCodes: []int{200, 203},
diff --git a/openstack/identity/v2/tokens/requests_test.go b/openstack/identity/v2/tokens/requests_test.go
index 0e6269f..3b8e643 100644
--- a/openstack/identity/v2/tokens/requests_test.go
+++ b/openstack/identity/v2/tokens/requests_test.go
@@ -159,24 +159,6 @@
`))
}
-func TestCreateTokenWithAPIKey(t *testing.T) {
- options := gophercloud.AuthOptions{
- Username: "me",
- APIKey: "1234567890abcdef",
- }
-
- isSuccessful(t, tokenPost(t, options, `
- {
- "auth": {
- "RAX-KSKEY:apiKeyCredentials": {
- "username": "me",
- "apiKey": "1234567890abcdef"
- }
- }
- }
- `))
-}
-
func TestCreateTokenWithTenantID(t *testing.T) {
options := gophercloud.AuthOptions{
Username: "me",
@@ -226,6 +208,15 @@
tokenPostErr(t, options, ErrUserIDProvided)
}
+func TestProhibitAPIKey(t *testing.T) {
+ options := gophercloud.AuthOptions{
+ Username: "me",
+ Password: "thing",
+ APIKey: "123412341234",
+ }
+ tokenPostErr(t, options, ErrAPIKeyProvided)
+}
+
func TestProhibitDomainID(t *testing.T) {
options := gophercloud.AuthOptions{
Username: "me",
@@ -251,18 +242,9 @@
tokenPostErr(t, options, ErrUsernameRequired)
}
-func TestProhibitBothPasswordAndAPIKey(t *testing.T) {
- options := gophercloud.AuthOptions{
- Username: "me",
- Password: "thing",
- APIKey: "123412341234",
- }
- tokenPostErr(t, options, ErrPasswordOrAPIKey)
-}
-
-func TestRequirePasswordOrAPIKey(t *testing.T) {
+func TestRequirePassword(t *testing.T) {
options := gophercloud.AuthOptions{
Username: "me",
}
- tokenPostErr(t, options, ErrPasswordOrAPIKey)
+ tokenPostErr(t, options, ErrPasswordRequired)
}