From 02d50eccb9b3a2a9fc5759bf0d2376f2403fcdc4 Mon Sep 17 00:00:00 2001
From: kayrus
Date: Mon, 16 Sep 2019 18:12:17 +0200
Subject: [PATCH] Optimize the openstack auth code

---
 .../provider/openstack/designateclient.go | 37 ++-----------
 pkg/controller/provider/openstack/handler.go | 53 +------------------
 2 files changed, 6 insertions(+), 84 deletions(-)

diff --git a/pkg/controller/provider/openstack/designateclient.go b/pkg/controller/provider/openstack/designateclient.go
index a41cb0b62..fd3d0cb81 100644
--- a/pkg/controller/provider/openstack/designateclient.go
+++ b/pkg/controller/provider/openstack/designateclient.go
@@ -20,6 +20,7 @@ import (
 "fmt"
 "net"
 "net/http"
+ "os"
 "time"
 
 "github.com/gardener/controller-manager-library/pkg/logger"
@@ -64,41 +65,13 @@ type designateClient struct {
 
 var _ designateClientInterface = &designateClient{}
 
-type authConfig struct {
- AuthURL string
- Username string
- DomainName string
- DomainID string
- Password string
- ProjectName string
- ProjectID string
- // UserDomainName/ID are optional
- UserDomainID string
- UserDomainName string
- // RegionName is optional
- RegionName string
-}
-
 // authenticate in OpenStack and obtain Designate service endpoint
-func createDesignateServiceClient(logger logger.LogContext, authConfig *authConfig) (*gophercloud.ServiceClient, error) {
- clientOpts := new(clientconfig.ClientOpts)
- authInfo := &clientconfig.AuthInfo{
- AuthURL: authConfig.AuthURL,
- Username: authConfig.Username,
- Password: authConfig.Password,
- DomainName: authConfig.DomainName,
- DomainID: authConfig.DomainID,
- ProjectName: authConfig.ProjectName,
- ProjectID: authConfig.ProjectID,
- UserDomainName: authConfig.UserDomainName,
- UserDomainID: authConfig.UserDomainID,
- }
- clientOpts.AuthInfo = authInfo
-
- ao, err := clientconfig.AuthOptions(clientOpts)
+func createDesignateServiceClient(logger logger.LogContext) (*gophercloud.ServiceClient, error) {
+ ao, err := clientconfig.AuthOptions(nil)
 if err != nil {
 return nil, fmt.Errorf("failed to create client auth options: %+v", err)
 }
+ ao.AllowReauth = true
 
 logger.Infof("Using OpenStack Keystone at %s", ao.IdentityEndpoint)
 providerClient, err := openstack.NewClient(ao.IdentityEndpoint)
@@ -123,7 +96,7 @@ func createDesignateServiceClient(logger logger.LogContext, authConfig *authConf
 }
 
 eo := gophercloud.EndpointOpts{
- Region: authConfig.RegionName,
+ Region: os.Getenv("OS_REGION_NAME"),
 }
 
 client, err := openstack.NewDNSV2(providerClient, eo)
diff --git a/pkg/controller/provider/openstack/handler.go b/pkg/controller/provider/openstack/handler.go
index f5ed397f3..e2af04802 100644
--- a/pkg/controller/provider/openstack/handler.go
+++ b/pkg/controller/provider/openstack/handler.go
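Review bot: `clientconfig.AuthOptions(nil)` makes every Designate client authenticate with whatever the controller process finds in its own environment, so the `OS_USERNAME`/`OS_PASSWORD` properties of the handler config are no longer consulted; the `NewHandler` hunk in handler.go drops the `readAuthConfig` call for the same reason. If those properties are supplied per provider (the config's origin is not visible here), all providers now share one OpenStack identity and any provider object acts with the controller's account, which changes the isolation model rather than only simplifying the code. Consider keeping an explicit override, `func createDesignateServiceClient(logger logger.LogContext, authInfo *clientconfig.AuthInfo)` with `clientconfig.AuthOptions(&clientconfig.ClientOpts{AuthInfo: authInfo})`, and using the environment only when the config carries no credentials. If the process-wide identity is intended, say so in the function comment, e.g. `// Credentials are taken from the controller's OS_* environment, not from the provider config.` The function body continues past the end of this hunk.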
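Review bot: `os.Getenv("OS_REGION_NAME")` reads the region separately from the auth options, so a region configured through the same mechanism `clientconfig` uses (for instance a clouds.yaml entry) would not be picked up, and an unset variable leaves `Region` empty without any trace in the log. The removed code described the region as an optional restriction, so an empty value presumably lets endpoint lookup match a Designate endpoint in any region. Log the effective value next to the Keystone endpoint, e.g. `logger.Infof("Using OpenStack region %q", eo.Region)`, so a deployment that talks to an unintended region is visible. The enclosing function starts and ends outside this hunk.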
@@ -41,12 +41,7 @@ var _ provider.DNSHandler = &Handler{}
 
 // NewHandler constructs a new DNSHandler object.
 func NewHandler(config *provider.DNSHandlerConfig) (provider.DNSHandler, error) {
- authConfig, err := readAuthConfig(config)
- if err != nil {
- return nil, err
- }
-
- serviceClient, err := createDesignateServiceClient(config.Logger, authConfig)
+ serviceClient, err := createDesignateServiceClient(config.Logger)
 if err != nil {
 return nil, err
 }
@@ -66,52 +61,6 @@ func NewHandler(config *provider.DNSHandlerConfig) (provider.DNSHandler, error)
 return &h, nil
 }
 
-func readAuthConfig(c *provider.DNSHandlerConfig) (*authConfig, error) {
- authURL, err := c.GetRequiredProperty("OS_AUTH_URL")
- if err != nil {
- return nil, err
- }
- username, err := c.GetRequiredProperty("OS_USERNAME", "username")
- if err != nil {
- return nil, err
- }
- domainName := c.GetProperty("OS_DOMAIN_NAME", "domainName")
- domainID := c.GetProperty("OS_DOMAIN_ID", "domainID")
-
- password, err := c.GetRequiredProperty("OS_PASSWORD", "password")
- if err != nil {
- return nil, err
- }
- projectName := c.GetProperty("OS_PROJECT_NAME", "tenantName")
- projectID := c.GetProperty("OS_PROJECT_ID", "tenantID")
-
- // optional restriction to region
- regionName := c.GetProperty("OS_REGION_NAME")
- userDomainName := c.GetProperty("OS_USER_DOMAIN_NAME", "userDomainName")
- userDomainID := c.GetProperty("OS_USER_DOMAIN_ID", "userDomainID")
-
- if domainID != "" && userDomainName != "" {
- return nil, fmt.Errorf("userDomainName can't be used together with domainID")
- }
- if domainName != "" && userDomainID != "" {
- return nil, fmt.Errorf("userDomainID can't be used together with domainName")
- }
-
- authConfig := authConfig{
- AuthURL: authURL,
- Username: username,
- Password: password,
- DomainName: domainName,
- DomainID: domainID,
- ProjectName: projectName,
- ProjectID: projectID,
- UserDomainID: userDomainID,
- UserDomainName: userDomainName,
- RegionName: regionName}
-
- return &authConfig, nil
-}
-
 // Release releases the zone cache.
 func (h *Handler) Release() {
 h.cache.Release()