From 95810ef1d2184b33902a56dfe7d14c12cb0869ef Mon Sep 17 00:00:00 2001
From: "iccha.sethi" <iccha.sethi@rackspace.com>
Date: Fri, 12 Jul 2013 20:23:54 +0000
Subject: [PATCH] Pass all identity headers received to glance

There is an upcoming patch in nova which passes identity
headers to glance client. We want to ensure that these get
passed to glance, which in turn with help the no auth
option in glance.

Resolves bug 1200761

Change-Id: Ifbef582aa4e64a2e7a46db43a9cc6cf8c3531dbd
---
 glanceclient/common/http.py |  9 +++++++++
 tests/test_http.py          | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+)

diff --git a/glanceclient/common/http.py b/glanceclient/common/http.py
index 3379a18..c534d0f 100644
--- a/glanceclient/common/http.py
+++ b/glanceclient/common/http.py
@@ -73,7 +73,12 @@ class HTTPClient(object):
         self.connection_kwargs = self.get_connection_kwargs(
             self.endpoint_scheme, **kwargs)
 
+        self.identity_headers = kwargs.get('identity_headers')
         self.auth_token = kwargs.get('token')
+        if self.identity_headers:
+            if self.identity_headers.get('X-Auth-Token'):
+                self.auth_token = self.identity_headers.get('X-Auth-Token')
+                del self.identity_headers['X-Auth-Token']
 
     @staticmethod
     def parse_endpoint(endpoint):
@@ -169,6 +174,10 @@ class HTTPClient(object):
         if self.auth_token:
             kwargs['headers'].setdefault('X-Auth-Token', self.auth_token)
 
+        if self.identity_headers:
+            for k, v in self.identity_headers.iteritems():
+                kwargs['headers'].setdefault(k, v)
+
         self.log_curl_request(method, url, kwargs)
         conn = self.get_connection()
 
diff --git a/tests/test_http.py b/tests/test_http.py
index 5cf84a5..e6cd770 100644
--- a/tests/test_http.py
+++ b/tests/test_http.py
@@ -42,6 +42,39 @@ class TestClient(testtools.TestCase):
         super(TestClient, self).tearDown()
         self.mock.UnsetStubs()
 
+    def test_identity_headers_and_token(self):
+        identity_headers = {
+            'X-Auth-Token': 'auth_token',
+            'X-User-Id': 'user',
+            'X-Tenant-Id': 'tenant',
+            'X-Roles': 'roles',
+            'X-Identity-Status': 'Confirmed',
+            'X-Service-Catalog': 'service_catalog',
+        }
+        #with token
+        kwargs = {'token': u'fake-token',
+                  'identity_headers': identity_headers}
+        http_client_object = http.HTTPClient(self.endpoint, **kwargs)
+        self.assertEquals(http_client_object.auth_token, 'auth_token')
+        self.assertTrue(http_client_object.identity_headers.
+                        get('X-Auth-Token') is None)
+
+    def test_identity_headers_and_no_token_in_header(self):
+        identity_headers = {
+            'X-User-Id': 'user',
+            'X-Tenant-Id': 'tenant',
+            'X-Roles': 'roles',
+            'X-Identity-Status': 'Confirmed',
+            'X-Service-Catalog': 'service_catalog',
+        }
+        #without X-Auth-Token in identity headers
+        kwargs = {'token': u'fake-token',
+                  'identity_headers': identity_headers}
+        http_client_object = http.HTTPClient(self.endpoint, **kwargs)
+        self.assertEquals(http_client_object.auth_token, u'fake-token')
+        self.assertTrue(http_client_object.identity_headers.
+                        get('X-Auth-Token') is None)
+
     def test_connection_refused(self):
         """
         Should receive a CommunicationError if connection refused.