fixed structure of auth request and organized tenantId to precede username

common/openstack/src/main/java/org/jclouds/openstack/keystone/v2_0/binders/BindAuthToJsonPayload.java

@@ -59,9 +59,9 @@ public class BindAuthToJsonPayload extends BindToJsonPayload implements MapBinde
    protected void addCredentialsInArgsOrNull(GeneratedHttpRequest<?> gRequest, Builder<String, Object> builder) {
       for (Object arg : gRequest.getArgs()) {
          if (arg instanceof PasswordCredentials) {
-            builder.put("auth", ImmutableMap.of("passwordCredentials", PasswordCredentials.class.cast(arg)));
+            builder.put("passwordCredentials", PasswordCredentials.class.cast(arg));
          } else if (arg instanceof ApiAccessKeyCredentials) {
-            builder.put("auth", ImmutableMap.of("apiAccessKeyCredentials", ApiAccessKeyCredentials.class.cast(arg)));
+            builder.put("apiAccessKeyCredentials", ApiAccessKeyCredentials.class.cast(arg));
          }
       }
    }
@@ -74,10 +74,10 @@ public class BindAuthToJsonPayload extends BindToJsonPayload implements MapBinde
       checkState(gRequest.getArgs() != null, "args should be initialized at this point");
 
       Builder<String, Object> builder = ImmutableMap.<String, Object> builder();
+      addCredentialsInArgsOrNull(gRequest, builder);
       if (Strings.emptyToNull(postParams.get("tenantId")) != null)
          builder.put("tenantId", postParams.get("tenantId"));
-      addCredentialsInArgsOrNull(gRequest, builder);
+      return super.bindToRequest(request, ImmutableMap.of("auth", builder.build()));
-      return super.bindToRequest(request, builder.build());
    }
 
 }

common/openstack/src/main/java/org/jclouds/openstack/keystone/v2_0/config/KeyStoneAuthenticationModule.java

@@ -31,12 +31,15 @@ import javax.inject.Singleton;
 import org.jclouds.Constants;
 import org.jclouds.concurrent.RetryOnTimeOutExceptionFunction;
 import org.jclouds.domain.Credentials;
+import org.jclouds.http.HttpRetryHandler;
 import org.jclouds.http.RequiresHttp;
+import org.jclouds.http.annotation.ClientError;
 import org.jclouds.location.Provider;
 import org.jclouds.openstack.Authentication;
 import org.jclouds.openstack.keystone.v2_0.ServiceAsyncClient;
 import org.jclouds.openstack.keystone.v2_0.domain.Access;
 import org.jclouds.openstack.keystone.v2_0.domain.PasswordCredentials;
+import org.jclouds.openstack.keystone.v2_0.handlers.RetryOnRenew;
 import org.jclouds.rest.AsyncClientFactory;
 
 import com.google.common.base.Function;
@@ -87,9 +90,9 @@ public class KeyStoneAuthenticationModule extends AbstractModule {
 
    @Provides
    @Provider
-   protected Credentials provideAuthenticationCredentials(@Named(Constants.PROPERTY_IDENTITY) String user,
+   protected Credentials provideAuthenticationCredentials(@Named(Constants.PROPERTY_IDENTITY) String userOrApiKey,
-            @Named(Constants.PROPERTY_CREDENTIAL) String key) {
+            @Named(Constants.PROPERTY_CREDENTIAL) String keyOrSecretKey) {
-      return new Credentials(user, key);
+      return new Credentials(userOrApiKey, keyOrSecretKey);
    }
 
    @Singleton
@@ -104,14 +107,14 @@ public class KeyStoneAuthenticationModule extends AbstractModule {
             @Override
             public Access apply(Credentials input) {
                // TODO: nice error messages, etc.
-               Iterable<String> usernameTenantId = Splitter.on(':').split(input.identity);
+               Iterable<String> tenantIdUsername = Splitter.on(':').split(input.identity);
-               String username = Iterables.get(usernameTenantId, 0);
+               String tenantId = Iterables.get(tenantIdUsername, 0);
-               String tenantId = Iterables.get(usernameTenantId, 1);
+               String username = Iterables.get(tenantIdUsername, 1);
                PasswordCredentials passwordCredentials = PasswordCredentials.createWithUsernameAndPassword(username,
                         input.credential);
                try {
-                  return factory.create(ServiceAsyncClient.class)
+                  return factory.create(ServiceAsyncClient.class).authenticateTenantWithCredentials(tenantId,
-                        .authenticateTenantWithCredentials(tenantId, passwordCredentials).get();
+                           passwordCredentials).get();
                } catch (Exception e) {
                   throw Throwables.propagate(e);
                }
@@ -126,12 +129,16 @@ public class KeyStoneAuthenticationModule extends AbstractModule {
       }
    }
 
+   // TODO: what is the timeout of the session token? modify default accordingly
+   // PROPERTY_SESSION_INTERVAL is default to 60 seconds, but we have this here at 23 hours for now.
    @Provides
    @Singleton
    public LoadingCache<Credentials, Access> provideAccessCache2(Function<Credentials, Access> getAccess) {
       return CacheBuilder.newBuilder().expireAfterWrite(23, TimeUnit.HOURS).build(CacheLoader.from(getAccess));
    }
 
+   // Temporary conversion of a cache to a supplier until there is a single-element cache
+   // http://code.google.com/p/guava-libraries/issues/detail?id=872
    @Provides
    @Singleton
    protected Supplier<Access> provideAccessSupplier(final LoadingCache<Credentials, Access> cache,

common/openstack/src/test/java/org/jclouds/openstack/keystone/v2_0/internal/BaseKeyStoneRestClientExpectTest.java

@@ -36,8 +36,8 @@ import com.google.common.net.HttpHeaders;
 public class BaseKeyStoneRestClientExpectTest<S> extends BaseRestClientExpectTest<S> {
 
    public BaseKeyStoneRestClientExpectTest() {
-      // username:tenantId
+      // tenantId:username
-      identity = "user@jclouds.org:12346637803162";
+      identity = "12346637803162:user@jclouds.org";
       credential = "Password1234";
    }
 
@@ -48,7 +48,7 @@ public class BaseKeyStoneRestClientExpectTest<S> extends BaseRestClientExpectTes
             .headers(ImmutableMultimap.of(HttpHeaders.ACCEPT, "application/json"))
             .payload(
                      payloadFromStringWithContentType(
-                              "{\"tenantId\":\"12346637803162\",\"auth\":{\"passwordCredentials\":{\"username\":\"user@jclouds.org\",\"password\":\"Password1234\"}}}",
+                              "{\"auth\":{\"passwordCredentials\":{\"username\":\"user@jclouds.org\",\"password\":\"Password1234\"},\"tenantId\":\"12346637803162\"}}",
                               "application/json")).build();
 
    protected String authToken = "Auth_4f173437e4b013bee56d1007";