From 59de9c477cb91573372bd363dfd0fc72af461327 Mon Sep 17 00:00:00 2001
From: Hieu LE <hieulq@vn.fujitsu.com>
Date: Mon, 4 Apr 2016 18:19:50 +0700
Subject: [PATCH] Ignore domain related config when using with keystone v2

Currently, "/usr/bin/openstack --insecure token issue"
fails when OS_AUTH_URL and OS_IDENTITY_API_VERSION
indicate keystone v2 if OS_PROJECT_DOMAIN_NAME or
OS_USER_DOMAIN_NAME are set. This patchset ignore domain
related configs if using with keystone v2.

Change-Id: If7eea2ed1a4877c60d055ed0114a5e5f31e282a0
Closes-bug: #1447704
---
 openstackclient/common/clientmanager.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/openstackclient/common/clientmanager.py b/openstackclient/common/clientmanager.py
index 8b0fb921be..c29bf224a2 100644
--- a/openstackclient/common/clientmanager.py
+++ b/openstackclient/common/clientmanager.py
@@ -195,6 +195,18 @@ class ClientManager(object):
                 not self._auth_params.get('user_domain_name')):
             self._auth_params['user_domain_id'] = default_domain
 
+        # NOTE(hieulq): If USER_DOMAIN_NAME, USER_DOMAIN_ID, PROJECT_DOMAIN_ID
+        # or PROJECT_DOMAIN_NAME is present and API_VERSION is 2.0, then
+        # ignore all domain related configs.
+        if (self._api_version.get('identity') == '2.0' and
+                self.auth_plugin_name.endswith('password')):
+            LOG.warning("Ignoring domain related configs "
+                        "because identity API version is 2.0")
+            domain_props = ['project_domain_name', 'project_domain_id',
+                            'user_domain_name', 'user_domain_id']
+            for prop in domain_props:
+                self._auth_params.pop(prop, None)
+
         # For compatibility until all clients can be updated
         if 'project_name' in self._auth_params:
             self._project_name = self._auth_params['project_name']