tmp commit, auth unit tests broken
diff --git a/auth_options.go b/auth_options.go
index 46e55f9..0b4a02b 100644
--- a/auth_options.go
+++ b/auth_options.go
@@ -74,278 +74,223 @@
if err != nil {
return nil, err
}
- /*
- if opts.TokenID == "" {
- delete(b["auth"].(map[string]interface{}), "token")
- return b, nil
- }
-
- delete(b["auth"].(map[string]interface{}), "passwordCredentials")*/
return b, nil
}
func (opts AuthOptions) ToTokenV3CreateMap(scope *ScopeOptsV3) (map[string]interface{}, error) {
- /*
- type domainReq struct {
- ID *string `json:"id,omitempty"`
- Name *string `json:"name,omitempty"`
- }
+ type domainReq struct {
+ ID *string `json:"id,omitempty"`
+ Name *string `json:"name,omitempty"`
+ }
- type projectReq struct {
- Domain *domainReq `json:"domain,omitempty"`
- Name *string `json:"name,omitempty"`
- ID *string `json:"id,omitempty"`
- }
+ type projectReq struct {
+ Domain *domainReq `json:"domain,omitempty"`
+ Name *string `json:"name,omitempty"`
+ ID *string `json:"id,omitempty"`
+ }
- type userReq struct {
- ID *string `json:"id,omitempty"`
- Name *string `json:"name,omitempty"`
- Password string `json:"password"`
- Domain *domainReq `json:"domain,omitempty"`
- }
+ type userReq struct {
+ ID *string `json:"id,omitempty"`
+ Name *string `json:"name,omitempty"`
+ Password string `json:"password"`
+ Domain *domainReq `json:"domain,omitempty"`
+ }
- type passwordReq struct {
- User userReq `json:"user"`
- }
+ type passwordReq struct {
+ User userReq `json:"user"`
+ }
- type tokenReq struct {
- ID string `json:"id"`
- }
+ type tokenReq struct {
+ ID string `json:"id"`
+ }
- type identityReq struct {
- Methods []string `json:"methods"`
- Password *passwordReq `json:"password,omitempty"`
- Token *tokenReq `json:"token,omitempty"`
- }
+ type identityReq struct {
+ Methods []string `json:"methods"`
+ Password *passwordReq `json:"password,omitempty"`
+ Token *tokenReq `json:"token,omitempty"`
+ }
- type scopeReq struct {
- Domain *domainReq `json:"domain,omitempty"`
- Project *projectReq `json:"project,omitempty"`
- }
+ type scopeReq struct {
+ Domain *domainReq `json:"domain,omitempty"`
+ Project *projectReq `json:"project,omitempty"`
+ }
- type authReq struct {
- Identity identityReq `json:"identity"`
- Scope *scopeReq `json:"scope,omitempty"`
- }
+ type authReq struct {
+ Identity identityReq `json:"identity"`
+ Scope *scopeReq `json:"scope,omitempty"`
+ }
- type request struct {
- Auth authReq `json:"auth"`
- }
+ type request struct {
+ Auth authReq `json:"auth"`
+ }
- // Populate the request structure based on the provided arguments. Create and return an error
- // if insufficient or incompatible information is present.
- var req request
+ // Populate the request structure based on the provided arguments. Create and return an error
+ // if insufficient or incompatible information is present.
+ var (
+ req request
+ err = ErrInvalidInput{}
+ )
- // Test first for unrecognized arguments.
- if options.APIKey != "" {
- return createErr(ErrAPIKeyProvided)
- }
- if options.TenantID != "" {
- return createErr(ErrTenantIDProvided)
- }
- if options.TenantName != "" {
- return createErr(ErrTenantNameProvided)
- }
+ if opts.Password == "" {
+ if opts.TokenID != "" {
+ // Because we aren't using password authentication, it's an error to also provide any of the user-based authentication
+ // parameters.
+ if opts.Username != "" {
+ err.Info = "You may not provide a username when using token-based authentication."
+ return nil, err
+ //return createErr(ErrUsernameWithToken)
+ }
+ if opts.UserID != "" {
+ err.Info = "You may not provide a user ID when using token-based authentication."
+ return nil, err
+ }
+ if opts.DomainID != "" {
+ err.Info = "You may not provide a domain ID when using token-based authentication."
+ return nil, err
+ }
+ if opts.DomainName != "" {
+ err.Info = "You may not provide a domain name when using token-based authentication."
+ return nil, err
+ }
- if options.Password == "" {
- if c.TokenID != "" {
- // Because we aren't using password authentication, it's an error to also provide any of the user-based authentication
- // parameters.
- if options.Username != "" {
- return createErr(ErrUsernameWithToken)
- }
- if options.UserID != "" {
- return createErr(ErrUserIDWithToken)
- }
- if options.DomainID != "" {
- return createErr(ErrDomainIDWithToken)
- }
- if options.DomainName != "" {
- return createErr(ErrDomainNameWithToken)
- }
-
- // Configure the request for Token authentication.
- req.Auth.Identity.Methods = []string{"token"}
- req.Auth.Identity.Token = &tokenReq{
- ID: c.TokenID,
- }
- } else {
- // If no password or token ID are available, authentication can't continue.
- return createErr(ErrMissingPassword)
+ // Configure the request for Token authentication.
+ req.Auth.Identity.Methods = []string{"token"}
+ req.Auth.Identity.Token = &tokenReq{
+ ID: opts.TokenID,
}
} else {
- // Password authentication.
- req.Auth.Identity.Methods = []string{"password"}
-
- // At least one of Username and UserID must be specified.
- if options.Username == "" && options.UserID == "" {
- return createErr(ErrUsernameOrUserID)
- }
-
- if options.Username != "" {
- // If Username is provided, UserID may not be provided.
- if options.UserID != "" {
- return createErr(ErrUsernameOrUserID)
- }
-
- // Either DomainID or DomainName must also be specified.
- if options.DomainID == "" && options.DomainName == "" {
- return createErr(ErrDomainIDOrDomainName)
- }
-
- if options.DomainID != "" {
- if options.DomainName != "" {
- return createErr(ErrDomainIDOrDomainName)
- }
-
- // Configure the request for Username and Password authentication with a DomainID.
- req.Auth.Identity.Password = &passwordReq{
- User: userReq{
- Name: &options.Username,
- Password: options.Password,
- Domain: &domainReq{ID: &options.DomainID},
- },
- }
- }
-
- if options.DomainName != "" {
- // Configure the request for Username and Password authentication with a DomainName.
- req.Auth.Identity.Password = &passwordReq{
- User: userReq{
- Name: &options.Username,
- Password: options.Password,
- Domain: &domainReq{Name: &options.DomainName},
- },
- }
- }
- }
-
- if options.UserID != "" {
- // If UserID is specified, neither DomainID nor DomainName may be.
- if options.DomainID != "" {
- return createErr(ErrDomainIDWithUserID)
- }
- if options.DomainName != "" {
- return createErr(ErrDomainNameWithUserID)
- }
-
- // Configure the request for UserID and Password authentication.
- req.Auth.Identity.Password = &passwordReq{
- User: userReq{ID: &options.UserID, Password: options.Password},
- }
- }
+ // If no password or token ID are available, authentication can't continue.
+ err.Info = "You must provide either a password or a token."
+ return nil, err
}
-
- // Add a "scope" element if a Scope has been provided.
- if scope != nil {
- if scope.ProjectName != "" {
- // ProjectName provided: either DomainID or DomainName must also be supplied.
- // ProjectID may not be supplied.
- if scope.DomainID == "" && scope.DomainName == "" {
- return createErr(ErrScopeDomainIDOrDomainName)
- }
- if scope.ProjectID != "" {
- return createErr(ErrScopeProjectIDOrProjectName)
- }
-
- if scope.DomainID != "" {
- // ProjectName + DomainID
- req.Auth.Scope = &scopeReq{
- Project: &projectReq{
- Name: &scope.ProjectName,
- Domain: &domainReq{ID: &scope.DomainID},
- },
- }
- }
-
- if scope.DomainName != "" {
- // ProjectName + DomainName
- req.Auth.Scope = &scopeReq{
- Project: &projectReq{
- Name: &scope.ProjectName,
- Domain: &domainReq{Name: &scope.DomainName},
- },
- }
- }
- } else if scope.ProjectID != "" {
- // ProjectID provided. ProjectName, DomainID, and DomainName may not be provided.
- if scope.DomainID != "" {
- return createErr(ErrScopeProjectIDAlone)
- }
- if scope.DomainName != "" {
- return createErr(ErrScopeProjectIDAlone)
- }
-
- // ProjectID
- req.Auth.Scope = &scopeReq{
- Project: &projectReq{ID: &scope.ProjectID},
- }
- } else if scope.DomainID != "" {
- // DomainID provided. ProjectID, ProjectName, and DomainName may not be provided.
- if scope.DomainName != "" {
- return createErr(ErrScopeDomainIDOrDomainName)
- }
-
- // DomainID
- req.Auth.Scope = &scopeReq{
- Domain: &domainReq{ID: &scope.DomainID},
- }
- } else if scope.DomainName != "" {
- return createErr(ErrScopeDomainName)
- } else {
- return createErr(ErrScopeEmpty)
- }
- }
- */
-
- var methods []string
- if opts.TokenID != "" {
- methods = []string{"token"}
} else {
- methods = []string{"password"}
- }
+ // Password authentication.
+ req.Auth.Identity.Methods = []string{"password"}
- v3Opts := AuthOptionsV3{
- Identity: &IdentityCredentialsV3{
- Methods: methods,
- PasswordCredentials: &PasswordCredentialsV3{
- User: &UserV3{
- ID: opts.UserID,
- Name: opts.Username,
- Password: opts.Password,
- Domain: &DomainV3{
- ID: opts.DomainID,
- Name: opts.DomainName,
+ // At least one of Username and UserID must be specified.
+ if opts.Username == "" && opts.UserID == "" {
+ err.Info = "You may not provide a username when using token-based authentication."
+ return nil, err
+ }
+
+ if opts.Username != "" {
+ // If Username is provided, UserID may not be provided.
+ if opts.UserID != "" {
+ err.Info = "One and only one of username and user ID may be provided for password-based authentication."
+ return nil, err
+ //return createErr(ErrUsernameOrUserID)
+ }
+
+ // Either DomainID or DomainName must also be specified.
+ if opts.DomainID == "" && opts.DomainName == "" {
+ err.Info = "You must provide exactly one of DomainID or DomainName to authenticate by Username"
+ return nil, err
+ //return createErr(ErrDomainIDOrDomainName)
+ }
+
+ if opts.DomainID != "" {
+ if opts.DomainName != "" {
+ err.Info = "You must provide exactly one of DomainID or DomainName to authenticate by Username"
+ return nil, err
+ //return createErr(ErrDomainIDOrDomainName)
+ }
+
+ // Configure the request for Username and Password authentication with a DomainID.
+ req.Auth.Identity.Password = &passwordReq{
+ User: userReq{
+ Name: &opts.Username,
+ Password: opts.Password,
+ Domain: &domainReq{ID: &opts.DomainID},
},
- },
- },
- TokenCredentials: &TokenCredentialsV3{
- ID: opts.TokenID,
- },
- },
- }
+ }
+ }
- if scope != nil {
- v3Opts.Scope = &ScopeV3{
- Domain: &ScopeDomainV3{
- ID: scope.DomainID,
- Name: scope.DomainName,
- },
- Project: &ScopeProjectV3{
- Domain: &ScopeProjectDomainV3{
- ID: scope.DomainID,
- Name: scope.DomainName,
- },
- ID: scope.ProjectID,
- Name: scope.ProjectName,
- },
+ if opts.DomainName != "" {
+ // Configure the request for Username and Password authentication with a DomainName.
+ req.Auth.Identity.Password = &passwordReq{
+ User: userReq{
+ Name: &opts.Username,
+ Password: opts.Password,
+ Domain: &domainReq{Name: &opts.DomainName},
+ },
+ }
+ }
+ }
+
+ if opts.UserID != "" {
+ // If UserID is specified, neither DomainID nor DomainName may be.
+ if opts.DomainID != "" {
+ return createErr(ErrDomainIDWithUserID)
+ }
+ if opts.DomainName != "" {
+ return createErr(ErrDomainNameWithUserID)
+ }
+
+ // Configure the request for UserID and Password authentication.
+ req.Auth.Identity.Password = &passwordReq{
+ User: userReq{ID: &opts.UserID, Password: opts.Password},
+ }
}
}
- b, err := BuildRequestBody(v3Opts, "auth")
- if err != nil {
- return nil, err
- }
+ // Add a "scope" element if a Scope has been provided.
+ if scope != nil {
+ if scope.ProjectName != "" {
+ // ProjectName provided: either DomainID or DomainName must also be supplied.
+ // ProjectID may not be supplied.
+ if scope.DomainID == "" && scope.DomainName == "" {
+ return createErr(ErrScopeDomainIDOrDomainName)
+ }
+ if scope.ProjectID != "" {
+ return createErr(ErrScopeProjectIDOrProjectName)
+ }
- return b, nil
+ if scope.DomainID != "" {
+ // ProjectName + DomainID
+ req.Auth.Scope = &scopeReq{
+ Project: &projectReq{
+ Name: &scope.ProjectName,
+ Domain: &domainReq{ID: &scope.DomainID},
+ },
+ }
+ }
+
+ if scope.DomainName != "" {
+ // ProjectName + DomainName
+ req.Auth.Scope = &scopeReq{
+ Project: &projectReq{
+ Name: &scope.ProjectName,
+ Domain: &domainReq{Name: &scope.DomainName},
+ },
+ }
+ }
+ } else if scope.ProjectID != "" {
+ // ProjectID provided. ProjectName, DomainID, and DomainName may not be provided.
+ if scope.DomainID != "" {
+ return createErr(ErrScopeProjectIDAlone)
+ }
+ if scope.DomainName != "" {
+ return createErr(ErrScopeProjectIDAlone)
+ }
+
+ // ProjectID
+ req.Auth.Scope = &scopeReq{
+ Project: &projectReq{ID: &scope.ProjectID},
+ }
+ } else if scope.DomainID != "" {
+ // DomainID provided. ProjectID, ProjectName, and DomainName may not be provided.
+ if scope.DomainName != "" {
+ return createErr(ErrScopeDomainIDOrDomainName)
+ }
+
+ // DomainID
+ req.Auth.Scope = &scopeReq{
+ Domain: &domainReq{ID: &scope.DomainID},
+ }
+ } else if scope.DomainName != "" {
+ return createErr(ErrScopeDomainName)
+ } else {
+ return createErr(ErrScopeEmpty)
+ }
+ }
}