Go OpenStack Exchange

Merge lp:~wallyworld/goose/service-double-improvements into lp:~gophers/goose/trunk

service-double-improvements
Merge into trunk

Proposed by Ian Booth on 2013-01-23

Status:	Merged
Merged at revision:	51
Proposed branch:	lp:~wallyworld/goose/service-double-improvements
Merge into:	lp:~gophers/goose/trunk
Diff against target:	2264 lines (+761/-637) 26 files modified client/local_test.go (+15/-22) identity/legacy_test.go (+3/-3) identity/userpass_test.go (+5/-5) nova/local_test.go (+12/-32) swift/local_test.go (+12/-28) testservices/cmd/main.go (+4/-3) testservices/identityservice/identityservice.go (+11/-5) testservices/identityservice/legacy.go (+17/-9) testservices/identityservice/legacy_test.go (+3/-2) testservices/identityservice/service_test.go (+3/-3) testservices/identityservice/userpass.go (+18/-17) testservices/identityservice/userpass_test.go (+17/-22) testservices/identityservice/users.go (+63/-0) testservices/identityservice/util.go (+4/-2) testservices/novaservice/service.go (+46/-24) testservices/novaservice/service_http.go (+16/-9) testservices/novaservice/service_http_test.go (+343/-334) testservices/novaservice/service_test.go (+16/-17) testservices/openstack/openstack.go (+38/-0) testservices/service.go (+21/-0) testservices/swiftservice/service.go (+46/-8) testservices/swiftservice/service_http.go (+13/-7) testservices/swiftservice/service_http_test.go (+14/-9) testservices/swiftservice/service_test.go (+8/-7) testservices/swiftservice/swiftservice.go (+0/-40) tools/secgroup-delete-all/main_test.go (+13/-29)
To merge this branch:	bzr merge lp:~wallyworld/goose/service-double-improvements
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
The Go Language Gophers		2013-01-23	Pending
Review via email: mp+144435@code.launchpad.net

Description of the change

Goose test infrastructure improvements

This branch improves the usabilty of the goose test infrastructure.

A full Openstack service test double is provided. A bunch of manual coding which was required in each test suite to set up various Openstack module test doubles is replaced by a few lines of code.

New code:

cred := &identity.Credentials{...}
openstack := openstack.New(cred)
openstack.SetupHTTP(s.Mux)

Old code:

// Create the identity service.
s.identityDouble = identityservice.NewUserPass()
token := s.identityDouble.AddUser(s.cred.User, s.cred.Secrets)
s.Mux.Handle(baseIdentityURL, s.identityDouble)

// Register Swift endpoints with identity service.
ep := identityservice.Endpoint{
  AdminURL: s.Server.URL + baseSwiftURL,
  InternalURL: s.Server.URL + baseSwiftURL,
  PublicURL: s.Server.URL + baseSwiftURL,
  Region: s.cred.Region,
}
service := identityservice.Service{"swift", "object-store", []identityservice.Endpoint{ep}}
s.identityDouble.AddService(service)
s.swiftDouble = swiftservice.New("localhost", baseSwiftURL+"/", token)
s.Mux.Handle(baseSwiftURL+"/", s.swiftDouble)

// Register Nova endpoints with identity service.
ep = identityservice.Endpoint{
  AdminURL: s.Server.URL + baseNovaURL,
  InternalURL: s.Server.URL + baseNovaURL,
  PublicURL: s.Server.URL + baseNovaURL,
  Region: s.cred.Region,
}
service = identityservice.Service{"nova", "compute", []identityservice.Endpoint{ep}}
s.identityDouble.AddService(service)
s.novaDouble = novaservice.New("localhost", "V1", token, "1")
s.novaDouble.SetupHTTP(s.Mux)

Other changes include:

- fix the identity service double to remove the hard coded userId and tenantId.
- do not hard code a fixed token against a service double - each user is assigned their own token just like a real instance, allowing multi-user tests to be written.
- improvements to the Swift service double to make it use URLs which are compliant with how a real Swift instance would do it.
- factor out a common base class for the legacy and userpass double implementations.
- use a SetupHTTP() for all test doubles instead of requiring the coder to know the magic URL paths to use.

https://codereview.appspot.com/7194043/

Revision history for this message

Ian Booth (wallyworld) wrote on 2013-01-23:

Download full text (3.4 KiB)

Reviewers: mp+144435_code.launchpad.net,

Message:
Please take a look.

Description:
Goose test infrastructure improvements

This branch improves the usabilty of the goose test infrastructure.

A full Openstack service test double is provided. A bunch of manual
coding which was required in each test suite to set up various Openstack
module test doubles is replaced by a few lines of code.

New code:

openstack := openstack.New(s.Server.URL, s.cred.User, s.cred.Secrets,
s.LiveTests.cred.Region)
openstack.SetupHTTP(s.Mux)

Old code:

// Create the identity service.
s.identityDouble = identityservice.NewUserPass()
token := s.identityDouble.AddUser(s.cred.User, s.cred.Secrets)
s.Mux.Handle(baseIdentityURL, s.identityDouble)

// Register Swift endpoints with identity service.
ep := identityservice.Endpoint{
  AdminURL: s.Server.URL + baseSwiftURL,
  InternalURL: s.Server.URL + baseSwiftURL,
  PublicURL: s.Server.URL + baseSwiftURL,
  Region: s.cred.Region,
}
service := identityservice.Service{"swift", "object-store",
[]identityservice.Endpoint{ep}}
s.identityDouble.AddService(service)
s.swiftDouble = swiftservice.New("localhost", baseSwiftURL+"/", token)
s.Mux.Handle(baseSwiftURL+"/", s.swiftDouble)

// Register Nova endpoints with identity service.
ep = identityservice.Endpoint{
  AdminURL: s.Server.URL + baseNovaURL,
  InternalURL: s.Server.URL + baseNovaURL,
  PublicURL: s.Server.URL + baseNovaURL,
  Region: s.cred.Region,
}
service = identityservice.Service{"nova", "compute",
[]identityservice.Endpoint{ep}}
s.identityDouble.AddService(service)
s.novaDouble = novaservice.New("localhost", "V1", token, "1")
s.novaDouble.SetupHTTP(s.Mux)

Other changes include:

- fix the identity service double to remove the hard coded userId and
tenantId.
- do not hard code a fixed token against a service double - each user is
assigned their own token just like a real instance, allowing multi-user
tests to be written.
- improvements to the Swift service double to make it use URLs which are
compliant with how a real Swift instance would do it.
- factor out a common base class for the legacy and userpass double
implementations.
- use a SetupHTTP() for all test doubles instead of requiring the coder
to know the magic URL paths to use.

https://code.launchpad.net/~wallyworld/goose/service-double-improvements/+merge/144435

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/7194043/

Reviewers: mp+144435_code.launchpad.net,

Message:
Please take a look.

Description:
Goose test infrastructure improvements

This branch improves the usabilty of the goose test infrastructure.

A full Openstack service test double is provided. A bunch of manual
coding which was required in each test suite to set up various Openstack
module test doubles is replaced by a few lines of code.

New code:

openstack := openstack.New(s.Server.URL, s.cred.User, s.cred.Secrets,
s.LiveTests.cred.Region)
	openstack.SetupHTTP(s.Mux)

Old code:

// Create the identity service.
	s.identityDouble = identityservice.NewUserPass()
	token := s.identityDouble.AddUser(s.cred.User, s.cred.Secrets)
	s.Mux.Handle(baseIdentityURL, s.identityDouble)

// Register Swift endpoints with identity service.
	ep := identityservice.Endpoint{
		AdminURL:    s.Server.URL + baseSwiftURL,
		InternalURL: s.Server.URL + baseSwiftURL,
		PublicURL:   s.Server.URL + baseSwiftURL,
		Region:      s.cred.Region,
	}
	service := identityservice.Service{"swift", "object-store",
[]identityservice.Endpoint{ep}}
	s.identityDouble.AddService(service)
	s.swiftDouble = swiftservice.New("localhost", baseSwiftURL+"/", token)
	s.Mux.Handle(baseSwiftURL+"/", s.swiftDouble)

// Register Nova endpoints with identity service.
	ep = identityservice.Endpoint{
		AdminURL:    s.Server.URL + baseNovaURL,
		InternalURL: s.Server.URL + baseNovaURL,
		PublicURL:   s.Server.URL + baseNovaURL,
		Region:      s.cred.Region,
	}
	service = identityservice.Service{"nova", "compute",
[]identityservice.Endpoint{ep}}
	s.identityDouble.AddService(service)
	s.novaDouble = novaservice.New("localhost", "V1", token, "1")
	s.novaDouble.SetupHTTP(s.Mux)
	
	
Other changes include:

- fix the identity service double to remove the hard coded userId and
tenantId.
- do not hard code a fixed token against a service double - each user is
assigned their own token just like a real instance, allowing multi-user
tests to be written.
- improvements to the Swift service double to make it use URLs which are
compliant with how a real Swift instance would do it.
- factor out a common base class for the legacy and userpass double
implementations.
- use a SetupHTTP() for all test doubles instead of requiring the coder
to know the magic URL paths to use.

https://code.launchpad.net/~wallyworld/goose/service-double-improvements/+merge/144435

(do not edit description out of merge proposal)

Please review this at https://codereview.appspot.com/7194043/

Affected files:
   A [revision details]
   M client/local_test.go
   M identity/legacy_test.go
   M identity/userpass_test.go
   M nova/local_test.go
   M swift/local_test.go
   M testservices/identityservice/identityservice.go
   M testservices/identityservice/legacy.go
   M testservices/identityservice/legacy_test.go
   M testservices/identityservice/service_test.go
   M testservices/identityservice/userpass.go
   M testservices/identityservice/userpass_test.go
   A testservices/identityservice/users.go
   M testservices/identityservice/util.go
   M testservices/novaservice/service.go
   M testservices/novaservice/service_http.go
   M testservices/novaservice/service_http_test.go
   M testservices/novaservice/service_test.go
   A testservices/openstack/openstack.go
   M testservices/swiftservice/service.go
   M testservices/swiftservice/service_http.go
   M testservices/swiftservice/service_http_test.go
   M testservices/swiftservice/service_test.go
   D testservices/swiftservice/swiftservice.go

Revision history for this message

Dimiter Naydenov (dimitern) wrote on 2013-01-23:

LGTM overall, with a couple of comments.

https://codereview.appspot.com/7194043/diff/1/client/local_test.go
File client/local_test.go (right):

https://codereview.appspot.com/7194043/diff/1/client/local_test.go#newcode42
client/local_test.go:42: // The openstack test service sets up userpass
authentication.
As on the other CL, think what happens if OS_TENANT_NAME is not set -
maybe pass it as an argument here?

https://codereview.appspot.com/7194043/diff/1/testservices/novaservice/service_http_test.go
File testservices/novaservice/service_http_test.go (right):

https://codereview.appspot.com/7194043/diff/1/testservices/novaservice/service_http_test.go#newcode120
testservices/novaservice/service_http_test.go:120: // SimpleTest defines
a simple request without a body and expected response.
Why a type, when it's only used here?

https://codereview.appspot.com/7194043/

lp:~wallyworld/goose/service-double-improvements updated on 2013-01-24

51. By Ian Booth on 2013-01-23: Merge trunk
52. By Ian Booth on 2013-01-24: Make openstack constructor use credentials so tenant is no longer hard wired
53. By Ian Booth on 2013-01-24: Move generic code out of identityservice package

Revision history for this message

Ian Booth (wallyworld) wrote on 2013-01-24:

https://codereview.appspot.com/7194043/diff/1/client/local_test.go
File client/local_test.go (right):

https://codereview.appspot.com/7194043/diff/1/client/local_test.go#newcode42
client/local_test.go:42: // The openstack test service sets up userpass
authentication.
On 2013/01/23 12:28:08, dimitern wrote:
> As on the other CL, think what happens if OS_TENANT_NAME is not set -
maybe pass
> it as an argument here?

The tenant was hard wired, so no issue. However, I've tweaked it so that
the openstack service double is constructed using a credentials object
and the tenant to use comes from there.

https://codereview.appspot.com/7194043/diff/1/testservices/novaservice/service_http_test.go
File testservices/novaservice/service_http_test.go (right):

The statically defined array was replaced with a function to allow the
token to be dynamically set in the struct values, since the token is no
longer hard wired. So the function return type and array declaration
inside the function needed to refer to the struct, and so using a type
became necessary.

https://codereview.appspot.com/7194043/

Revision history for this message

Ian Booth (wallyworld) wrote on 2013-01-24:

*** Submitted:

Goose test infrastructure improvements

This branch improves the usabilty of the goose test infrastructure.

A full Openstack service test double is provided. A bunch of manual
coding which was required in each test suite to set up various Openstack
module test doubles is replaced by a few lines of code.

New code:

cred := &identity.Credentials{...}
openstack := openstack.New(cred)
openstack.SetupHTTP(s.Mux)

Old code:

// Create the identity service.
s.identityDouble = identityservice.NewUserPass()
token := s.identityDouble.AddUser(s.cred.User, s.cred.Secrets)
s.Mux.Handle(baseIdentityURL, s.identityDouble)

// Register Swift endpoints with identity service.
ep := identityservice.Endpoint{
  AdminURL: s.Server.URL + baseSwiftURL,
  InternalURL: s.Server.URL + baseSwiftURL,
  PublicURL: s.Server.URL + baseSwiftURL,
  Region: s.cred.Region,
}
service := identityservice.Service{"swift", "object-store",
[]identityservice.Endpoint{ep}}
s.identityDouble.AddService(service)
s.swiftDouble = swiftservice.New("localhost", baseSwiftURL+"/", token)
s.Mux.Handle(baseSwiftURL+"/", s.swiftDouble)

// Register Nova endpoints with identity service.
ep = identityservice.Endpoint{
  AdminURL: s.Server.URL + baseNovaURL,
  InternalURL: s.Server.URL + baseNovaURL,
  PublicURL: s.Server.URL + baseNovaURL,
  Region: s.cred.Region,
}
service = identityservice.Service{"nova", "compute",
[]identityservice.Endpoint{ep}}
s.identityDouble.AddService(service)
s.novaDouble = novaservice.New("localhost", "V1", token, "1")
s.novaDouble.SetupHTTP(s.Mux)

Other changes include:

- fix the identity service double to remove the hard coded userId and
tenantId.
- do not hard code a fixed token against a service double - each user is
assigned their own token just like a real instance, allowing multi-user
tests to be written.
- improvements to the Swift service double to make it use URLs which are
compliant with how a real Swift instance would do it.
- factor out a common base class for the legacy and userpass double
implementations.
- use a SetupHTTP() for all test doubles instead of requiring the coder
to know the magic URL paths to use.

R=dimitern
CC=
https://codereview.appspot.com/7194043

https://codereview.appspot.com/7194043/

*** Submitted:

Goose test infrastructure improvements

This branch improves the usabilty of the goose test infrastructure.

A full Openstack service test double is provided. A bunch of manual
coding which was required in each test suite to set up various Openstack
module test doubles is replaced by a few lines of code.

New code:

cred := &identity.Credentials{...}
	openstack := openstack.New(cred)
	openstack.SetupHTTP(s.Mux)

Old code:

// Create the identity service.
	s.identityDouble = identityservice.NewUserPass()
	token := s.identityDouble.AddUser(s.cred.User, s.cred.Secrets)
	s.Mux.Handle(baseIdentityURL, s.identityDouble)

// Register Swift endpoints with identity service.
	ep := identityservice.Endpoint{
		AdminURL:    s.Server.URL + baseSwiftURL,
		InternalURL: s.Server.URL + baseSwiftURL,
		PublicURL:   s.Server.URL + baseSwiftURL,
		Region:      s.cred.Region,
	}
	service := identityservice.Service{"swift", "object-store",
[]identityservice.Endpoint{ep}}
	s.identityDouble.AddService(service)
	s.swiftDouble = swiftservice.New("localhost", baseSwiftURL+"/", token)
	s.Mux.Handle(baseSwiftURL+"/", s.swiftDouble)

// Register Nova endpoints with identity service.
	ep = identityservice.Endpoint{
		AdminURL:    s.Server.URL + baseNovaURL,
		InternalURL: s.Server.URL + baseNovaURL,
		PublicURL:   s.Server.URL + baseNovaURL,
		Region:      s.cred.Region,
	}
	service = identityservice.Service{"nova", "compute",
[]identityservice.Endpoint{ep}}
	s.identityDouble.AddService(service)
	s.novaDouble = novaservice.New("localhost", "V1", token, "1")
	s.novaDouble.SetupHTTP(s.Mux)
	
	
Other changes include:

- fix the identity service double to remove the hard coded userId and
tenantId.
- do not hard code a fixed token against a service double - each user is
assigned their own token just like a real instance, allowing multi-user
tests to be written.
- improvements to the Swift service double to make it use URLs which are
compliant with how a real Swift instance would do it.
- factor out a common base class for the legacy and userpass double
implementations.
- use a SetupHTTP() for all test doubles instead of requiring the coder
to know the magic URL paths to use.

R=dimitern
CC=
https://codereview.appspot.com/7194043

https://codereview.appspot.com/7194043/

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Ian Booth

John A Meinel

Kapil Thangavelu

Kevin McDermott

The Go Language Gophers

 === modified file 'client/local_test.go'
 --- client/local_test.go	2013-01-14 13:01:04 +0000
 +++ client/local_test.go	2013-01-24 03:17:22 +0000
@@ -4,8 +4,9 @@
  	. "launchpad.net/gocheck"
  	"launchpad.net/goose/identity"
  	"launchpad.net/goose/testing/httpsuite"
++	"launchpad.net/goose/testservices"
  	"launchpad.net/goose/testservices/identityservice"
--	"net/http"
++	"launchpad.net/goose/testservices/openstack"
+ )
  func registerLocalTests(authMethods []identity.AuthMethod) {
@@ -24,38 +25,30 @@
  	LiveTests
  	// The following attributes are for using testing doubles.
  	httpsuite.HTTPSuite
--	identityDouble http.Handler
++	service testservices.HttpService
+ }
  func (s *localLiveSuite) SetUpSuite(c *C) {
  	c.Logf("Using identity service test double")
  	s.HTTPSuite.SetUpSuite(c)
  	s.cred = &identity.Credentials{
--		URL:     s.Server.URL,
--		User:    "fred",
--		Secrets: "secret",
--		Region:  "some region"}
++		URL:        s.Server.URL,
++		User:       "fred",
++		Secrets:    "secret",
++		Region:     "some region",
++		TenantName: "tenant",
++	}
  	switch s.authMethod {
  	default:
  		panic("Invalid authentication method")
  	case identity.AuthUserPass:
--		s.identityDouble = identityservice.NewUserPass()
--		s.identityDouble.(*identityservice.UserPass).AddUser(s.cred.User, s.cred.Secrets)
--		ep := identityservice.Endpoint{
--			AdminURL:    s.Server.URL,
--			InternalURL: s.Server.URL,
--			PublicURL:   s.Server.URL,
--			Region:      s.LiveTests.cred.Region,
--		}
--		service := identityservice.Service{"nova", "compute", []identityservice.Endpoint{ep}}
--		s.identityDouble.(*identityservice.UserPass).AddService(service)
--		service = identityservice.Service{"swift", "object-store", []identityservice.Endpoint{ep}}
--		s.identityDouble.(*identityservice.UserPass).AddService(service)
++		// The openstack test service sets up userpass authentication.
++		s.service = openstack.New(s.cred)
  	case identity.AuthLegacy:
--		s.identityDouble = identityservice.NewLegacy()
--		var legacy = s.identityDouble.(*identityservice.Legacy)
--		legacy.AddUser(s.cred.User, s.cred.Secrets)
++		legacy := identityservice.NewLegacy()
++		legacy.AddUser(s.cred.User, s.cred.Secrets, s.cred.TenantName)
  		legacy.SetManagementURL("http://management.test.invalid/url")
++		s.service = legacy
+ 	}
  	s.LiveTests.SetUpSuite(c)
+ }
@@ -67,7 +60,7 @@
  func (s *localLiveSuite) SetUpTest(c *C) {
  	s.HTTPSuite.SetUpTest(c)
--	s.Mux.Handle("/", s.identityDouble)
++	s.service.SetupHTTP(s.Mux)
  	s.LiveTests.SetUpTest(c)
+ }
 === modified file 'identity/legacy_test.go'
 --- identity/legacy_test.go	2013-01-14 03:18:37 +0000
 +++ identity/legacy_test.go	2013-01-24 03:17:22 +0000
@@ -15,13 +15,13 @@
  func (s *LegacyTestSuite) TestAuthAgainstServer(c *C) {
  	service := identityservice.NewLegacy()
  	s.Mux.Handle("/", service)
--	token := service.AddUser("joe-user", "secrets")
++	userInfo := service.AddUser("joe-user", "secrets", "tenant")
  	service.SetManagementURL("http://management.test.invalid/url")
  	var l Authenticator = &Legacy{}
  	creds := Credentials{User: "joe-user", URL: s.Server.URL, Secrets: "secrets"}
  	auth, err := l.Auth(&creds)
  	c.Assert(err, IsNil)
--	c.Assert(auth.Token, Equals, token)
++	c.Assert(auth.Token, Equals, userInfo.Token)
  	c.Assert(
  		auth.ServiceURLs, DeepEquals,
  		map[string]string{"compute": "http://management.test.invalid/url/compute", "object-store": "http://management.test.invalid/url/object-store"})
@@ -30,7 +30,7 @@
  func (s *LegacyTestSuite) TestBadAuth(c *C) {
  	service := identityservice.NewLegacy()
  	s.Mux.Handle("/", service)
--	_ = service.AddUser("joe-user", "secrets")
++	_ = service.AddUser("joe-user", "secrets", "tenant")
  	var l Authenticator = &Legacy{}
  	creds := Credentials{User: "joe-user", URL: s.Server.URL, Secrets: "bad-secrets"}
  	auth, err := l.Auth(&creds)
 === modified file 'identity/userpass_test.go'
 --- identity/userpass_test.go	2013-01-14 03:18:37 +0000
 +++ identity/userpass_test.go	2013-01-24 03:17:22 +0000
@@ -14,12 +14,12 @@
  func (s *UserPassTestSuite) TestAuthAgainstServer(c *C) {
  	service := identityservice.NewUserPass()
--	s.Mux.Handle("/", service)
--	token := service.AddUser("joe-user", "secrets")
++	service.SetupHTTP(s.Mux)
++	userInfo := service.AddUser("joe-user", "secrets", "tenant")
  	var l Authenticator = &UserPass{}
--	creds := Credentials{User: "joe-user", URL: s.Server.URL, Secrets: "secrets"}
++	creds := Credentials{User: "joe-user", URL: s.Server.URL + "/tokens", Secrets: "secrets"}
  	auth, err := l.Auth(&creds)
  	c.Assert(err, IsNil)
--	c.Assert(auth.Token, Equals, token)
--	// c.Assert(auth.ServiceURLs, DeepEquals, map[string]string{"compute": "http://management.test.invalid/url"})
++	c.Assert(auth.Token, Equals, userInfo.Token)
++	c.Assert(auth.TenantId, Equals, userInfo.TenantId)
+ }
 === modified file 'nova/local_test.go'
 --- nova/local_test.go	2013-01-21 11:18:33 +0000
 +++ nova/local_test.go	2013-01-24 03:17:22 +0000
@@ -7,8 +7,7 @@
  	"launchpad.net/goose/errors"
  	"launchpad.net/goose/identity"
  	"launchpad.net/goose/nova"
--	"launchpad.net/goose/testservices/identityservice"
--	"launchpad.net/goose/testservices/novaservice"
++	"launchpad.net/goose/testservices/openstack"
  	"log"
  	"net/http"
  	"net/http/httptest"
@@ -19,20 +18,14 @@
  	Suite(&localLiveSuite{})
+ }
--const (
--	baseNovaURL = "/V1/1"
--)
--
  // localLiveSuite runs tests from LiveTests using a fake
  // nova server that runs within the test process itself.
  type localLiveSuite struct {
  	LiveTests
  	// The following attributes are for using testing doubles.
--	Server         *httptest.Server
--	Mux            *http.ServeMux
--	oldHandler     http.Handler
--	identityDouble *identityservice.UserPass
--	novaDouble     *novaservice.Nova
++	Server     *httptest.Server
++	Mux        *http.ServeMux
++	oldHandler http.Handler
+ }
  func (s *localLiveSuite) SetUpSuite(c *C) {
@@ -44,29 +37,16 @@
  	s.Mux = http.NewServeMux()
  	s.Server.Config.Handler = s.Mux
++	// Set up an Openstack service.
  	s.cred = &identity.Credentials{
--		URL:     s.Server.URL,
--		User:    "fred",
--		Secrets: "secret",
--		Region:  "some region"}
--	// Create an identity service and register a Nova endpoint.
--	s.identityDouble = identityservice.NewUserPass()
--	token := s.identityDouble.AddUser(s.cred.User, s.cred.Secrets)
--	ep := identityservice.Endpoint{
--		AdminURL:    s.Server.URL + baseNovaURL,
--		InternalURL: s.Server.URL + baseNovaURL,
--		PublicURL:   s.Server.URL + baseNovaURL,
--		Region:      s.cred.Region,
++		URL:        s.Server.URL,
++		User:       "fred",
++		Secrets:    "secret",
++		Region:     "some region",
++		TenantName: "tenant",
+ 	}
--	s.Mux.Handle("/tokens", s.identityDouble)
--
--	service := identityservice.Service{"nova", "compute", []identityservice.Endpoint{ep}}
--	s.identityDouble.AddService(service)
--	// Create a nova service at the registered endpoint.
--	// TODO: identityservice.UserPass always uses tenantId="1", patch this
--	//	 when that changes.
--	s.novaDouble = novaservice.New("localhost", "V1", token, "1")
--	s.novaDouble.SetupHTTP(s.Mux)
++	openstack := openstack.New(s.cred)
++	openstack.SetupHTTP(s.Mux)
  	s.LiveTests.SetUpSuite(c)
+ }
 === modified file 'swift/local_test.go'
 --- swift/local_test.go	2012-12-20 05:47:11 +0000
 +++ swift/local_test.go	2013-01-24 03:17:22 +0000
@@ -4,19 +4,13 @@
  	. "launchpad.net/gocheck"
  	"launchpad.net/goose/identity"
  	"launchpad.net/goose/testing/httpsuite"
--	"launchpad.net/goose/testservices/identityservice"
--	"launchpad.net/goose/testservices/swiftservice"
--	"net/http"
++	"launchpad.net/goose/testservices/openstack"
+ )
  func registerLocalTests() {
  	Suite(&localLiveSuite{})
+ }
--const (
--	baseURL = "/object-store"
--)
--
  // localLiveSuite runs tests from LiveTests using a fake
  // swift server that runs within the test process itself.
  type localLiveSuite struct {
@@ -24,32 +18,23 @@
  	LiveTestsPublicContainer
  	// The following attributes are for using testing doubles.
  	httpsuite.HTTPSuite
--	identityDouble http.Handler
--	swiftDouble    http.Handler
++	openstack *openstack.Openstack
+ }
  func (s *localLiveSuite) SetUpSuite(c *C) {
  	c.Logf("Using identity and swift service test doubles")
  	s.HTTPSuite.SetUpSuite(c)
++	// Set up an Openstack service.
  	s.LiveTests.cred = &identity.Credentials{
--		URL:     s.Server.URL,
--		User:    "fred",
--		Secrets: "secret",
--		Region:  "some region"}
++		URL:        s.Server.URL,
++		User:       "fred",
++		Secrets:    "secret",
++		Region:     "some region",
++		TenantName: "tenant",
++	}
  	s.LiveTestsPublicContainer.cred = s.LiveTests.cred
--	// Create an identity service and register a Swift endpoint.
--	s.identityDouble = identityservice.NewUserPass()
--	token := s.identityDouble.(*identityservice.UserPass).AddUser(s.LiveTests.cred.User, s.LiveTests.cred.Secrets)
--	ep := identityservice.Endpoint{
--		s.Server.URL + baseURL, //admin
--		s.Server.URL + baseURL, //internal
--		s.Server.URL + baseURL, //public
--		s.LiveTests.cred.Region,
--	}
--	service := identityservice.Service{"swift", "object-store", []identityservice.Endpoint{ep}}
--	s.identityDouble.(*identityservice.UserPass).AddService(service)
--	// Create a swift service at the registered endpoint.
--	s.swiftDouble = swiftservice.New("localhost", baseURL+"/", token)
++	s.openstack = openstack.New(s.LiveTests.cred)
++
  	s.LiveTests.SetUpSuite(c)
  	s.LiveTestsPublicContainer.SetUpSuite(c)
+ }
@@ -62,8 +47,7 @@
  func (s *localLiveSuite) SetUpTest(c *C) {
  	s.HTTPSuite.SetUpTest(c)
--	s.Mux.Handle(baseURL+"/", s.swiftDouble)
--	s.Mux.Handle("/", s.identityDouble)
++	s.openstack.SetupHTTP(s.Mux)
  	s.LiveTests.SetUpTest(c)
  	s.LiveTestsPublicContainer.SetUpTest(c)
+ }
 === added directory 'testservices/cmd'
 === renamed file 'testservices/main.go' => 'testservices/cmd/main.go'
 --- testservices/main.go	2012-11-11 11:13:52 +0000
 +++ testservices/cmd/main.go	2013-01-24 03:17:22 +0000
@@ -61,9 +61,10 @@
  	if !ok {
  		log.Fatalf("No such provider: %s, pick one of: %v", provider, providers())
+ 	}
--	http.Handle("/", p)
++	mux := http.NewServeMux()
++	p.SetupHTTP(mux)
  	for _, u := range users.users {
--		p.AddUser(u.user, u.secret)
++		p.AddUser(u.user, u.secret, "tenant")
+ 	}
--	log.Fatal(http.ListenAndServe(*serveAddr, nil))
++	log.Fatal(http.ListenAndServe(*serveAddr, mux))
+ }
 === modified file 'testservices/identityservice/identityservice.go'
 --- testservices/identityservice/identityservice.go	2012-11-11 11:13:52 +0000
 +++ testservices/identityservice/identityservice.go	2013-01-24 03:17:22 +0000
@@ -1,10 +1,16 @@
  package identityservice
--import (
--	"net/http"
--)
++import "net/http"
++// An IdentityService provides user authentication for an Openstack instance.
  type IdentityService interface {
--	AddUser(user, secret string) (token string)
--	ServeHTTP(w http.ResponseWriter, r *http.Request)
++	AddUser(user, secret, tenant string) *UserInfo
++	FindUser(token string) (*UserInfo, error)
++	RegisterServiceProvider(name, serviceType string, serviceProvider ServiceProvider)
++	SetupHTTP(mux *http.ServeMux)
++}
++
++// A ServiceProvider is an Openstack module which has service endpoints.
++type ServiceProvider interface {
++	Endpoints() []Endpoint
+ }
 === modified file 'testservices/identityservice/legacy.go'
 --- testservices/identityservice/legacy.go	2012-12-21 05:07:39 +0000
 +++ testservices/identityservice/legacy.go	2013-01-24 03:17:22 +0000
@@ -5,40 +5,48 @@
+ )
  type Legacy struct {
--	tokens        map[string]UserInfo
++	Users
  	managementURL string
+ }
  func NewLegacy() *Legacy {
  	service := &Legacy{}
--	service.tokens = make(map[string]UserInfo)
++	service.users = make(map[string]UserInfo)
++	service.tenants = make(map[string]string)
  	return service
+ }
++func (lis *Legacy) RegisterServiceProvider(name, serviceType string, serviceProvider ServiceProvider) {
++	// NOOP for legacy identity service.
++}
++
  func (lis *Legacy) SetManagementURL(URL string) {
  	lis.managementURL = URL
+ }
--func (lis *Legacy) AddUser(user, secret string) string {
--	token := randomHexToken()
--	lis.tokens[user] = UserInfo{secret: secret, token: token}
--	return token
++// setupHTTP attaches all the needed handlers to provide the HTTP API.
++func (lis *Legacy) SetupHTTP(mux *http.ServeMux) {
++	mux.Handle("/", lis)
+ }
  func (lis *Legacy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
  	username := r.Header.Get("X-Auth-User")
--	info, ok := lis.tokens[username]
++	userInfo, ok := lis.users[username]
  	if !ok {
  		w.WriteHeader(http.StatusUnauthorized)
  		return
+ 	}
  	auth_key := r.Header.Get("X-Auth-Key")
--	if auth_key != info.secret {
++	if auth_key != userInfo.secret {
  		w.WriteHeader(http.StatusUnauthorized)
  		return
+ 	}
++	if userInfo.Token == "" {
++		userInfo.Token = randomHexToken()
++		lis.users[username] = userInfo
++	}
  	header := w.Header()
--	header.Set("X-Auth-Token", info.token)
++	header.Set("X-Auth-Token", userInfo.Token)
  	header.Set("X-Server-Management-Url", lis.managementURL+"/compute")
  	header.Set("X-Storage-Url", lis.managementURL+"/object-store")
  	w.WriteHeader(http.StatusNoContent)
 === modified file 'testservices/identityservice/legacy_test.go'
 --- testservices/identityservice/legacy_test.go	2012-12-21 05:07:39 +0000
 +++ testservices/identityservice/legacy_test.go	2013-01-24 03:17:22 +0000
@@ -19,9 +19,10 @@
  	// Ensure that it conforms to the interface
  	var _ IdentityService = identity
  	identity.SetManagementURL(managementURL)
--	s.Mux.Handle("/", identity)
++	identity.SetupHTTP(s.Mux)
  	if user != "" {
--		token = identity.AddUser(user, secret)
++		userInfo := identity.AddUser(user, secret, "tenant")
++		token = userInfo.Token
+ 	}
  	return
+ }
 === modified file 'testservices/identityservice/service_test.go'
 --- testservices/identityservice/service_test.go	2012-11-11 15:29:52 +0000
 +++ testservices/identityservice/service_test.go	2013-01-24 03:17:22 +0000
@@ -17,7 +17,7 @@
  var _ = Suite(&IdentityServiceSuite{service: NewLegacy()})
  func (s *IdentityServiceSuite) TestAddUserGivesNewToken(c *C) {
--	token1 := s.service.AddUser("user-1", "password-1")
--	token2 := s.service.AddUser("user-2", "password-2")
--	c.Assert(token1, Not(Equals), token2)
++	userInfo1 := s.service.AddUser("user-1", "password-1", "tenant")
++	userInfo2 := s.service.AddUser("user-2", "password-2", "tenant")
++	c.Assert(userInfo1.Token, Not(Equals), userInfo2.Token)
+ }
 === modified file 'testservices/identityservice/userpass.go'
 --- testservices/identityservice/userpass.go	2012-12-21 04:10:14 +0000
 +++ testservices/identityservice/userpass.go	2013-01-24 03:17:22 +0000
@@ -135,25 +135,25 @@
  }`
  type UserPass struct {
--	users    map[string]UserInfo
++	Users
  	services []Service
+ }
  func NewUserPass() *UserPass {
  	userpass := &UserPass{
--		users:    make(map[string]UserInfo),
  		services: make([]Service, 0),
+ 	}
++	userpass.users = make(map[string]UserInfo)
++	userpass.tenants = make(map[string]string)
  	return userpass
+ }
--func (u *UserPass) AddUser(user, secret string) string {
--	token := randomHexToken()
--	u.users[user] = UserInfo{secret: secret, token: token}
--	return token
++func (u *UserPass) RegisterServiceProvider(name, serviceType string, serviceProvider ServiceProvider) {
++	service := Service{name, serviceType, serviceProvider.Endpoints()}
++	u.addService(service)
+ }
--func (u *UserPass) AddService(service Service) {
++func (u *UserPass) addService(service Service) {
  	u.services = append(u.services, service)
+ }
@@ -189,8 +189,6 @@
  	notJSON = ("Expecting to find application/json in Content-Type header." +
  		" The server could not comply with the request since it is either malformed" +
  		" or otherwise incorrect. The client is assumed to be in error.")
--	notAuthorized = "The request you have made requires authentication."
--	invalidUser   = "Invalid user / password"
+ )
  func (u *UserPass) ServeHTTP(w http.ResponseWriter, r *http.Request) {
@@ -210,13 +208,9 @@
  			return
+ 		}
+ 	}
--	userInfo, ok := u.users[req.Auth.PasswordCredentials.Username]
--	if !ok {
--		u.ReturnFailure(w, http.StatusUnauthorized, notAuthorized)
--		return
--	}
--	if userInfo.secret != req.Auth.PasswordCredentials.Password {
--		u.ReturnFailure(w, http.StatusUnauthorized, invalidUser)
++	userInfo, errmsg := u.authenticate(req.Auth.PasswordCredentials.Username, req.Auth.PasswordCredentials.Password)
++	if errmsg != "" {
++		u.ReturnFailure(w, http.StatusUnauthorized, errmsg)
  		return
+ 	}
  	res := AccessResponse{}
@@ -228,7 +222,9 @@
  		return
+ 	}
  	res.Access.ServiceCatalog = u.services
--	res.Access.Token.Id = userInfo.token
++	res.Access.Token.Id = userInfo.Token
++	res.Access.Token.Tenant.Id = userInfo.TenantId
++	res.Access.User.Id = userInfo.Id
  	if content, err := json.Marshal(res); err != nil {
  		u.ReturnFailure(w, http.StatusInternalServerError, err.Error())
  		return
@@ -239,3 +235,8 @@
+ 	}
  	panic("All paths should have already returned")
+ }
++
++// setupHTTP attaches all the needed handlers to provide the HTTP API.
++func (u *UserPass) SetupHTTP(mux *http.ServeMux) {
++	mux.Handle("/tokens", u)
++}
 === modified file 'testservices/identityservice/userpass_test.go'
 --- testservices/identityservice/userpass_test.go	2012-11-16 16:39:16 +0000
 +++ testservices/identityservice/userpass_test.go	2013-01-24 03:17:22 +0000
@@ -16,30 +16,30 @@
  var _ = Suite(&UserPassSuite{})
--func makeUserPass(user, secret string) (identity *UserPass, token string) {
++func makeUserPass(user, secret string) (identity *UserPass) {
  	identity = NewUserPass()
  	// Ensure that it conforms to the interface
  	var _ IdentityService = identity
  	if user != "" {
--		token = identity.AddUser(user, secret)
++		identity.AddUser(user, secret, "tenant")
+ 	}
  	return
+ }
--func (s *UserPassSuite) setupUserPass(user, secret string) (token string) {
++func (s *UserPassSuite) setupUserPass(user, secret string) {
  	var identity *UserPass
--	identity, token = makeUserPass(user, secret)
--	s.Mux.Handle("/", identity)
++	identity = makeUserPass(user, secret)
++	identity.SetupHTTP(s.Mux)
  	return
+ }
--func (s *UserPassSuite) setupUserPassWithServices(user, secret string, services []Service) (token string) {
++func (s *UserPassSuite) setupUserPassWithServices(user, secret string, services []Service) {
  	var identity *UserPass
--	identity, token = makeUserPass(user, secret)
++	identity = makeUserPass(user, secret)
  	for _, service := range services {
--		identity.AddService(service)
++		identity.addService(service)
+ 	}
--	s.Mux.Handle("/", identity)
++	identity.SetupHTTP(s.Mux)
  	return
+ }
@@ -56,7 +56,7 @@
  func userPassAuthRequest(URL, user, key string) (*http.Response, error) {
  	client := &http.Client{}
  	body := strings.NewReader(fmt.Sprintf(authTemplate, user, key))
--	request, err := http.NewRequest("POST", URL, body)
++	request, err := http.NewRequest("POST", URL+"/tokens", body)
  	request.Header.Set("Content-Type", "application/json")
  	if err != nil {
  		return nil, err
@@ -81,11 +81,10 @@
  func (s *UserPassSuite) TestNotJSON(c *C) {
  	// We do everything in userPassAuthRequest, except set the Content-Type
--	token := s.setupUserPass("user", "secret")
--	c.Assert(token, NotNil)
++	s.setupUserPass("user", "secret")
  	client := &http.Client{}
  	body := strings.NewReader(fmt.Sprintf(authTemplate, "user", "secret"))
--	request, err := http.NewRequest("POST", s.Server.URL, body)
++	request, err := http.NewRequest("POST", s.Server.URL+"/tokens", body)
  	c.Assert(err, IsNil)
  	res, err := client.Do(request)
  	defer res.Body.Close()
@@ -95,8 +94,7 @@
  func (s *UserPassSuite) TestBadJSON(c *C) {
  	// We do everything in userPassAuthRequest, except set the Content-Type
--	token := s.setupUserPass("user", "secret")
--	c.Assert(token, NotNil)
++	s.setupUserPass("user", "secret")
  	res, err := userPassAuthRequest(s.Server.URL, "garbage\"in", "secret")
  	defer res.Body.Close()
  	c.Assert(err, IsNil)
@@ -104,8 +102,7 @@
+ }
  func (s *UserPassSuite) TestNoSuchUser(c *C) {
--	token := s.setupUserPass("user", "secret")
--	c.Assert(token, NotNil)
++	s.setupUserPass("user", "secret")
  	res, err := userPassAuthRequest(s.Server.URL, "not-user", "secret")
  	defer res.Body.Close()
  	c.Assert(err, IsNil)
@@ -113,8 +110,7 @@
+ }
  func (s *UserPassSuite) TestBadPassword(c *C) {
--	token := s.setupUserPass("user", "secret")
--	c.Assert(token, NotNil)
++	s.setupUserPass("user", "secret")
  	res, err := userPassAuthRequest(s.Server.URL, "user", "not-secret")
  	defer res.Body.Close()
  	c.Assert(err, IsNil)
@@ -123,11 +119,10 @@
  func (s *UserPassSuite) TestValidAuthorization(c *C) {
  	compute_url := "http://testing.invalid/compute"
--	token := s.setupUserPassWithServices("user", "secret", []Service{
++	s.setupUserPassWithServices("user", "secret", []Service{
  		{"nova", "compute", []Endpoint{
  			{PublicURL: compute_url},
  		}}})
--	c.Assert(token, NotNil)
  	res, err := userPassAuthRequest(s.Server.URL, "user", "secret")
  	defer res.Body.Close()
  	c.Assert(err, IsNil)
@@ -138,7 +133,7 @@
  	var response AccessResponse
  	err = json.Unmarshal(content, &response)
  	c.Assert(err, IsNil)
--	c.Check(response.Access.Token.Id, Equals, token)
++	c.Check(response.Access.Token.Id, NotNil)
  	novaURL := ""
  	for _, service := range response.Access.ServiceCatalog {
  		if service.Type == "compute" {
 === added file 'testservices/identityservice/users.go'
 --- testservices/identityservice/users.go	1970-01-01 00:00:00 +0000
 +++ testservices/identityservice/users.go	2013-01-24 03:17:22 +0000
@@ -0,0 +1,63 @@
++package identityservice
++
++import (
++	"fmt"
++	"strconv"
++)
++
++type Users struct {
++	nextUserId   int
++	nextTenantId int
++	users        map[string]UserInfo
++	tenants      map[string]string
++}
++
++func (u *Users) addTenant(tenant string) string {
++	for id, tenantName := range u.tenants {
++		if tenant == tenantName {
++			return id
++		}
++	}
++	u.nextTenantId++
++	id := strconv.Itoa(u.nextTenantId)
++	u.tenants[id] = tenant
++	return id
++}
++
++func (u *Users) AddUser(user, secret, tenant string) *UserInfo {
++	tenantId := u.addTenant(tenant)
++	u.nextUserId++
++	userInfo := &UserInfo{secret: secret, Id: strconv.Itoa(u.nextUserId), TenantId: tenantId}
++	u.users[user] = *userInfo
++	userInfo, _ = u.authenticate(user, secret)
++	return userInfo
++}
++
++func (u *Users) FindUser(token string) (*UserInfo, error) {
++	for _, userInfo := range u.users {
++		if userInfo.Token == token {
++			return &userInfo, nil
++		}
++	}
++	return nil, fmt.Errorf("No user with token %v exists", token)
++}
++
++const (
++	notAuthorized = "The request you have made requires authentication."
++	invalidUser   = "Invalid user / password"
++)
++
++func (u *Users) authenticate(username, password string) (*UserInfo, string) {
++	userInfo, ok := u.users[username]
++	if !ok {
++		return nil, notAuthorized
++	}
++	if userInfo.secret != password {
++		return nil, invalidUser
++	}
++	if userInfo.Token == "" {
++		userInfo.Token = randomHexToken()
++		u.users[username] = userInfo
++	}
++	return &userInfo, ""
++}
 === modified file 'testservices/identityservice/util.go'
 --- testservices/identityservice/util.go	2012-11-23 03:05:16 +0000
 +++ testservices/identityservice/util.go	2013-01-24 03:17:22 +0000
@@ -7,8 +7,10 @@
+ )
  type UserInfo struct {
--	secret string
--	token  string
++	Id       string
++	TenantId string
++	Token    string
++	secret   string
+ }
  // Generate a bit of random hex data for
 === modified file 'testservices/novaservice/service.go'
 --- testservices/novaservice/service.go	2013-01-21 23:57:31 +0000
 +++ testservices/novaservice/service.go	2013-01-24 03:17:22 +0000
@@ -5,12 +5,19 @@
  import (
  	"fmt"
  	"launchpad.net/goose/nova"
++	"launchpad.net/goose/testservices"
++	"launchpad.net/goose/testservices/identityservice"
++	"net/url"
  	"strings"
+ )
++var _ testservices.HttpService = (*Nova)(nil)
++var _ identityservice.ServiceProvider = (*Nova)(nil)
++
  // Nova implements a OpenStack Nova testing service and
  // contains the service double's internal state.
  type Nova struct {
++	testservices.ServiceInstance
  	flavors                   map[string]nova.FlavorDetail
  	servers                   map[string]nova.ServerDetail
  	groups                    map[int]nova.SecurityGroup
@@ -18,11 +25,6 @@
  	floatingIPs               map[int]nova.FloatingIP
  	serverGroups              map[string][]int
  	serverIPs                 map[string][]int
--	hostname                  string
--	versionPath               string
--	token                     string
--	tenantId                  string
--	userId                    string
  	nextGroupId               int
  	nextRuleId                int
  	nextIPId                  int
@@ -31,17 +33,35 @@
  // endpoint returns either a versioned or non-versioned service
  // endpoint URL from the given path.
--func (n *Nova) endpoint(version bool, path string) string {
--	ep := "http://" + n.hostname
++func (n *Nova) endpointURL(version bool, path string) string {
++	ep := "http://" + n.Hostname
  	if version {
--		ep += n.versionPath + "/"
--	}
--	ep += n.tenantId + "/" + strings.TrimLeft(path, "/")
++		ep += n.VersionPath + "/"
++	}
++	ep += n.TenantId
++	if path != "" {
++		ep += "/" + strings.TrimLeft(path, "/")
++	}
  	return ep
+ }
++func (n *Nova) Endpoints() []identityservice.Endpoint {
++	ep := identityservice.Endpoint{
++		AdminURL:    n.endpointURL(true, ""),
++		InternalURL: n.endpointURL(true, ""),
++		PublicURL:   n.endpointURL(true, ""),
++		Region:      n.Region,
++	}
++	return []identityservice.Endpoint{ep}
++}
++
  // New creates an instance of the Nova object, given the parameters.
--func New(hostname, versionPath, token, tenantId string) *Nova {
++func New(hostURL, versionPath, tenantId, region string, identityService identityservice.IdentityService) *Nova {
++	url, err := url.Parse(hostURL)
++	if err != nil {
++		panic(err)
++	}
++	hostname := url.Host
  	if !strings.HasSuffix(hostname, "/") {
  		hostname += "/"
+ 	}
@@ -62,17 +82,19 @@
  		floatingIPs:  make(map[int]nova.FloatingIP),
  		serverGroups: make(map[string][]int),
  		serverIPs:    make(map[string][]int),
--		hostname:     hostname,
--		versionPath:  versionPath,
--		token:        token,
--		tenantId:     tenantId,
--		// TODO(wallyworld): Identity service double currently hard codes all user ids to "14". This should be fixed
--		// in the identity service but the fix will result in an API change which will break juju-core. So for now
--		// we will also hard code it here too.
--		userId: "14",
  		// The following attribute controls whether rate limit responses are sent back to the caller.
  		// This is switched off when we want to ensure the client eventually gets a proper response.
  		sendFakeRateLimitResponse: true,
++		ServiceInstance: testservices.ServiceInstance{
++			IdentityService: identityService,
++			Hostname:        hostname,
++			VersionPath:     versionPath,
++			TenantId:        tenantId,
++			Region:          region,
++		},
++	}
++	if identityService != nil {
++		identityService.RegisterServiceProvider("nova", "compute", nova)
+ 	}
  	for i, flavor := range defaultFlavors {
  		nova.buildFlavorLinks(&flavor)
@@ -97,8 +119,8 @@
  func (n *Nova) buildFlavorLinks(flavor *nova.FlavorDetail) {
  	url := "/flavors/" + flavor.Id
  	flavor.Links = []nova.Link{
--		nova.Link{Href: n.endpoint(true, url), Rel: "self"},
--		nova.Link{Href: n.endpoint(false, url), Rel: "bookmark"},
++		nova.Link{Href: n.endpointURL(true, url), Rel: "self"},
++		nova.Link{Href: n.endpointURL(false, url), Rel: "bookmark"},
+ 	}
+ }
@@ -170,8 +192,8 @@
  func (n *Nova) buildServerLinks(server *nova.ServerDetail) {
  	url := "/servers/" + server.Id
  	server.Links = []nova.Link{
--		nova.Link{Href: n.endpoint(true, url), Rel: "self"},
--		nova.Link{Href: n.endpoint(false, url), Rel: "bookmark"},
++		nova.Link{Href: n.endpointURL(true, url), Rel: "self"},
++		nova.Link{Href: n.endpointURL(false, url), Rel: "bookmark"},
+ 	}
+ }
@@ -280,7 +302,7 @@
  	if _, err := n.securityGroup(group.Id); err == nil {
  		return fmt.Errorf("a security group with id %d already exists", group.Id)
+ 	}
--	group.TenantId = n.tenantId
++	group.TenantId = n.TenantId
  	if group.Rules == nil {
  		group.Rules = []nova.SecurityGroupRule{}
+ 	}
 === modified file 'testservices/novaservice/service_http.go'
 --- testservices/novaservice/service_http.go	2013-01-22 18:14:51 +0000
 +++ testservices/novaservice/service_http.go	2013-01-24 03:17:22 +0000
@@ -9,6 +9,7 @@
  	"io"
  	"io/ioutil"
  	"launchpad.net/goose/nova"
++	"launchpad.net/goose/testservices/identityservice"
  	"net/http"
  	"path"
  	"strconv"
@@ -228,7 +229,7 @@
  	body := e.body
  	if body != "" {
  		if e.nova != nil {
--			body = strings.Replace(body, "$ENDPOINT$", e.nova.endpoint(true, "/"), -1)
++			body = strings.Replace(body, "$ENDPOINT$", e.nova.endpointURL(true, "/"), -1)
+ 		}
  		body = strings.Replace(body, "$URL$", url, -1)
  		body = strings.Replace(body, "$ERROR$", e.Error(), -1)
@@ -264,10 +265,15 @@
  	method func(n *Nova, w http.ResponseWriter, r *http.Request) error
+ }
++func userInfo(i identityservice.IdentityService, r *http.Request) (*identityservice.UserInfo, error) {
++	return i.FindUser(r.Header.Get(authToken))
++}
++
  func (h *novaHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
  	path := r.URL.Path
  	// handle invalid X-Auth-Token header
--	if r.Header.Get(authToken) != h.n.token {
++	_, err := userInfo(h.n.IdentityService, r)
++	if err != nil {
  		errUnauthorized.ServeHTTP(w, r)
  		return
+ 	}
@@ -276,7 +282,7 @@
  		errNotFound.ServeHTTP(w, r)
  		return
+ 	}
--	err := h.method(h.n, w, r)
++	err = h.method(h.n, w, r)
  	if err == nil {
  		return
+ 	}
@@ -541,7 +547,7 @@
  				continue
+ 			}
  			if sg, err := n.securityGroupByName(groupName); err != nil {
--				return noGroupError(groupName, n.tenantId)
++				return noGroupError(groupName, n.TenantId)
  			} else {
  				groups = append(groups, sg.Id)
+ 			}
@@ -553,11 +559,12 @@
  	flavorEnt := nova.Entity{Id: flavor.Id, Links: flavor.Links}
  	image := nova.Entity{Id: req.Server.ImageRef}
  	timestr := time.Now().Format(time.RFC3339)
++	userInfo, _ := userInfo(n.IdentityService, r)
  	server := nova.ServerDetail{
  		Id:       id,
  		Name:     req.Server.Name,
--		TenantId: n.tenantId,
--		UserId:   n.userId,
++		TenantId: n.TenantId,
++		UserId:   userInfo.Id,
  		HostId:   "1",
  		Image:    image,
  		Flavor:   flavorEnt,
@@ -787,7 +794,7 @@
  				Id:          nextId,
  				Name:        req.Group.Name,
  				Description: req.Group.Description,
--				TenantId:    n.tenantId,
++				TenantId:    n.TenantId,
  			})
  			if err != nil {
  				return err
@@ -970,8 +977,8 @@
  		"/$v/$t/os-floating-ips":         n.handler((*Nova).handleFloatingIPs),
+ 	}
  	for path, h := range handlers {
--		path = strings.Replace(path, "$v", n.versionPath, 1)
--		path = strings.Replace(path, "$t", n.tenantId, 1)
++		path = strings.Replace(path, "$v", n.VersionPath, 1)
++		path = strings.Replace(path, "$t", n.TenantId, 1)
  		if !strings.HasSuffix(path, "/") {
  			mux.Handle(path+"/", h)
+ 		}
 === modified file 'testservices/novaservice/service_http_test.go'
 --- testservices/novaservice/service_http_test.go	2013-01-22 18:14:51 +0000
 +++ testservices/novaservice/service_http_test.go	2013-01-24 03:17:22 +0000
@@ -10,8 +10,8 @@
  	. "launchpad.net/gocheck"
  	"launchpad.net/goose/nova"
  	"launchpad.net/goose/testing/httpsuite"
++	"launchpad.net/goose/testservices/identityservice"
  	"net/http"
--	"net/url"
  	"strconv"
  	"strings"
+ )
@@ -19,14 +19,17 @@
  type NovaHTTPSuite struct {
  	httpsuite.HTTPSuite
  	service *Nova
++	token   string
+ }
  var _ = Suite(&NovaHTTPSuite{})
  func (s *NovaHTTPSuite) SetUpSuite(c *C) {
  	s.HTTPSuite.SetUpSuite(c)
--	url, _ := url.Parse(s.Server.URL)
--	s.service = New(url.Host, versionPath, token, tenantId)
++	identityDouble := identityservice.NewUserPass()
++	userInfo := identityDouble.AddUser("fred", "secret", "tenant")
++	s.token = userInfo.Token
++	s.service = New(s.Server.URL, versionPath, userInfo.TenantId, region, identityDouble)
+ }
  func (s *NovaHTTPSuite) TearDownSuite(c *C) {
@@ -68,8 +71,8 @@
  // sendRequest constructs an HTTP request from the parameters and
  // sends it, returning the response or an error.
  func (s *NovaHTTPSuite) sendRequest(method, url string, body []byte, headers http.Header) (*http.Response, error) {
--	if !strings.HasPrefix(url, "http") { //s.service.hostname) {
--		url = "http://" + s.service.hostname + strings.TrimLeft(url, "/")
++	if !strings.HasPrefix(url, "http") {
++		url = "http://" + s.service.Hostname + strings.TrimLeft(url, "/")
+ 	}
  	req, err := http.NewRequest(method, url, bytes.NewReader(body))
  	if err != nil {
@@ -91,8 +94,8 @@
  	if headers == nil {
  		headers = make(http.Header)
+ 	}
--	headers.Set(authToken, s.service.token)
--	url := s.service.endpoint(true, path)
++	headers.Set(authToken, s.token)
++	url := s.service.endpointURL(true, path)
  	return s.sendRequest(method, url, body, headers)
+ }
@@ -114,339 +117,345 @@
  	return h
+ }
--// simpleTests defines a simple request without a body and expected response.
--var simpleTests = []struct {
++// SimpleTest defines a simple request without a body and expected response.
++type SimpleTest struct {
  	unauth  bool
  	method  string
  	url     string
  	headers http.Header
  	expect  *errorResponse
--}{
--	{
--		unauth:  true,
--		method:  "GET",
--		url:     "/any",
--		headers: make(http.Header),
--		expect:  errUnauthorized,
--	},
--	{
--		unauth:  true,
--		method:  "POST",
--		url:     "/any",
--		headers: setHeader(authToken, "phony"),
--		expect:  errUnauthorized,
--	},
--	{
--		unauth:  true,
--		method:  "GET",
--		url:     "/",
--		headers: setHeader(authToken, token),
--		expect:  errNoVersion,
--	},
--	{
--		unauth:  true,
--		method:  "GET",
--		url:     "/any",
--		headers: setHeader(authToken, token),
--		expect:  errMultipleChoices,
--	},
--	{
--		unauth:  true,
--		method:  "POST",
--		url:     "/any/unknown/one",
--		headers: setHeader(authToken, token),
--		expect:  errMultipleChoices,
--	},
--	{
--		method: "POST",
--		url:    "/any/unknown/one",
--		expect: errNotFound,
--	},
--	{
--		unauth:  true,
--		method:  "GET",
--		url:     versionPath + "/phony_token",
--		headers: setHeader(authToken, token),
--		expect:  errBadRequest,
--	},
--	{
--		method: "GET",
--		url:    "/flavors/",
--		expect: errNotFound,
--	},
--	{
--		method: "GET",
--		url:    "/flavors/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "POST",
--		url:    "/flavors",
--		expect: errBadRequest2,
--	},
--	{
--		method: "POST",
--		url:    "/flavors/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/flavors",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/flavors/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "DELETE",
--		url:    "/flavors",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/flavors/invalid",
--		expect: errForbidden,
--	},
--	{
--		method: "GET",
--		url:    "/flavors/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "POST",
--		url:    "/flavors/detail",
--		expect: errNotFound,
--	},
--	{
--		method: "POST",
--		url:    "/flavors/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/flavors/detail",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "PUT",
--		url:    "/flavors/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/flavors/detail",
--		expect: errForbidden,
--	},
--	{
--		method: "DELETE",
--		url:    "/flavors/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "GET",
--		url:    "/servers/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "POST",
--		url:    "/servers",
--		expect: errBadRequest2,
--	},
--	{
--		method: "POST",
--		url:    "/servers/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/servers",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/servers/invalid",
--		expect: errBadRequest2,
--	},
--	{
--		method: "DELETE",
--		url:    "/servers",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/servers/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "GET",
--		url:    "/servers/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "POST",
--		url:    "/servers/detail",
--		expect: errNotFound,
--	},
--	{
--		method: "POST",
--		url:    "/servers/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/servers/detail",
--		expect: errBadRequest2,
--	},
--	{
--		method: "PUT",
--		url:    "/servers/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/servers/detail",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "DELETE",
--		url:    "/servers/detail/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "GET",
--		url:    "/os-security-groups/invalid",
--		expect: errBadRequestSG,
--	},
--	{
--		method: "GET",
--		url:    "/os-security-groups/42",
--		expect: errNotFoundJSONSG,
--	},
--	{
--		method: "POST",
--		url:    "/os-security-groups",
--		expect: errBadRequest2,
--	},
--	{
--		method: "POST",
--		url:    "/os-security-groups/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/os-security-groups",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/os-security-groups/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-security-groups",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-security-groups/invalid",
--		expect: errBadRequestSG,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-security-groups/42",
--		expect: errNotFoundJSONSG,
--	},
--	{
--		method: "GET",
--		url:    "/os-security-group-rules",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "GET",
--		url:    "/os-security-group-rules/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "GET",
--		url:    "/os-security-group-rules/42",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "POST",
--		url:    "/os-security-group-rules",
--		expect: errBadRequest2,
--	},
--	{
--		method: "POST",
--		url:    "/os-security-group-rules/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/os-security-group-rules",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/os-security-group-rules/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-security-group-rules",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-security-group-rules/invalid",
--		expect: errBadRequestSG, // sic; should've been rule-specific
--	},
--	{
--		method: "DELETE",
--		url:    "/os-security-group-rules/42",
--		expect: errNotFoundJSONSGR,
--	},
--	{
--		method: "GET",
--		url:    "/os-floating-ips/42",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "POST",
--		url:    "/os-floating-ips/invalid",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/os-floating-ips",
--		expect: errNotFound,
--	},
--	{
--		method: "PUT",
--		url:    "/os-floating-ips/invalid",
--		expect: errNotFoundJSON,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-floating-ips",
--		expect: errNotFound,
--	},
--	{
--		method: "DELETE",
--		url:    "/os-floating-ips/invalid",
--		expect: errNotFoundJSON,
--	},
++}
++
++func (s *NovaHTTPSuite) simpleTests() []SimpleTest {
++	var simpleTests = []SimpleTest{
++		{
++			unauth:  true,
++			method:  "GET",
++			url:     "/any",
++			headers: make(http.Header),
++			expect:  errUnauthorized,
++		},
++		{
++			unauth:  true,
++			method:  "POST",
++			url:     "/any",
++			headers: setHeader(authToken, "phony"),
++			expect:  errUnauthorized,
++		},
++		{
++			unauth:  true,
++			method:  "GET",
++			url:     "/",
++			headers: setHeader(authToken, s.token),
++			expect:  errNoVersion,
++		},
++		{
++			unauth:  true,
++			method:  "GET",
++			url:     "/any",
++			headers: setHeader(authToken, s.token),
++			expect:  errMultipleChoices,
++		},
++		{
++			unauth:  true,
++			method:  "POST",
++			url:     "/any/unknown/one",
++			headers: setHeader(authToken, s.token),
++			expect:  errMultipleChoices,
++		},
++		{
++			method: "POST",
++			url:    "/any/unknown/one",
++			expect: errNotFound,
++		},
++		{
++			unauth:  true,
++			method:  "GET",
++			url:     versionPath + "/phony_token",
++			headers: setHeader(authToken, s.token),
++			expect:  errBadRequest,
++		},
++		{
++			method: "GET",
++			url:    "/flavors/",
++			expect: errNotFound,
++		},
++		{
++			method: "GET",
++			url:    "/flavors/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "POST",
++			url:    "/flavors",
++			expect: errBadRequest2,
++		},
++		{
++			method: "POST",
++			url:    "/flavors/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/flavors",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/flavors/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "DELETE",
++			url:    "/flavors",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/flavors/invalid",
++			expect: errForbidden,
++		},
++		{
++			method: "GET",
++			url:    "/flavors/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "POST",
++			url:    "/flavors/detail",
++			expect: errNotFound,
++		},
++		{
++			method: "POST",
++			url:    "/flavors/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/flavors/detail",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "PUT",
++			url:    "/flavors/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/flavors/detail",
++			expect: errForbidden,
++		},
++		{
++			method: "DELETE",
++			url:    "/flavors/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "GET",
++			url:    "/servers/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "POST",
++			url:    "/servers",
++			expect: errBadRequest2,
++		},
++		{
++			method: "POST",
++			url:    "/servers/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/servers",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/servers/invalid",
++			expect: errBadRequest2,
++		},
++		{
++			method: "DELETE",
++			url:    "/servers",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/servers/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "GET",
++			url:    "/servers/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "POST",
++			url:    "/servers/detail",
++			expect: errNotFound,
++		},
++		{
++			method: "POST",
++			url:    "/servers/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/servers/detail",
++			expect: errBadRequest2,
++		},
++		{
++			method: "PUT",
++			url:    "/servers/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/servers/detail",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "DELETE",
++			url:    "/servers/detail/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "GET",
++			url:    "/os-security-groups/invalid",
++			expect: errBadRequestSG,
++		},
++		{
++			method: "GET",
++			url:    "/os-security-groups/42",
++			expect: errNotFoundJSONSG,
++		},
++		{
++			method: "POST",
++			url:    "/os-security-groups",
++			expect: errBadRequest2,
++		},
++		{
++			method: "POST",
++			url:    "/os-security-groups/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/os-security-groups",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/os-security-groups/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-security-groups",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-security-groups/invalid",
++			expect: errBadRequestSG,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-security-groups/42",
++			expect: errNotFoundJSONSG,
++		},
++		{
++			method: "GET",
++			url:    "/os-security-group-rules",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "GET",
++			url:    "/os-security-group-rules/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "GET",
++			url:    "/os-security-group-rules/42",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "POST",
++			url:    "/os-security-group-rules",
++			expect: errBadRequest2,
++		},
++		{
++			method: "POST",
++			url:    "/os-security-group-rules/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/os-security-group-rules",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/os-security-group-rules/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-security-group-rules",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-security-group-rules/invalid",
++			expect: errBadRequestSG, // sic; should've been rule-specific
++		},
++		{
++			method: "DELETE",
++			url:    "/os-security-group-rules/42",
++			expect: errNotFoundJSONSGR,
++		},
++		{
++			method: "GET",
++			url:    "/os-floating-ips/42",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "POST",
++			url:    "/os-floating-ips/invalid",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/os-floating-ips",
++			expect: errNotFound,
++		},
++		{
++			method: "PUT",
++			url:    "/os-floating-ips/invalid",
++			expect: errNotFoundJSON,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-floating-ips",
++			expect: errNotFound,
++		},
++		{
++			method: "DELETE",
++			url:    "/os-floating-ips/invalid",
++			expect: errNotFoundJSON,
++		},
++	}
++	return simpleTests
+ }
  func (s *NovaHTTPSuite) TestSimpleRequestTests(c *C) {
++	simpleTests := s.simpleTests()
  	for i, t := range simpleTests {
  		c.Logf("#%d. %s %s -> %d", i, t.method, t.url, t.expect.code)
  		if t.headers == nil {
  			t.headers = make(http.Header)
--			t.headers.Set(authToken, s.service.token)
++			t.headers.Set(authToken, s.token)
+ 		}
  		var (
  			resp *http.Response
@@ -780,13 +789,13 @@
+ 		{
  			Id:       1,
  			Name:     "group 1",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 		{
  			Id:       2,
  			Name:     "group 2",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 	}
@@ -816,7 +825,7 @@
  		Id:          1,
  		Name:        "group 1",
  		Description: "desc",
--		TenantId:    s.service.tenantId,
++		TenantId:    s.service.TenantId,
  		Rules:       []nova.SecurityGroupRule{},
+ 	}
  	_, err := s.service.securityGroup(group.Id)
@@ -890,7 +899,7 @@
  		ParentGroupId: group2.Id,
  		Group: nova.SecurityGroupRef{
  			Name:     group1.Name,
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  		},
+ 	}
  	ok := s.service.hasSecurityGroupRule(group1.Id, rule1.Id)
@@ -990,13 +999,13 @@
+ 		{
  			Id:       1,
  			Name:     "group1",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 		{
  			Id:       2,
  			Name:     "group2",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 	}
 === modified file 'testservices/novaservice/service_test.go'
 --- testservices/novaservice/service_test.go	2013-01-21 11:18:33 +0000
 +++ testservices/novaservice/service_test.go	2013-01-24 03:17:22 +0000
@@ -14,15 +14,14 @@
  const (
  	versionPath = "v2"
--	token       = "token"
--	hostname    = "example.com"
--	tenantId    = "tenant_id"
++	hostname    = "http://example.com"
++	region      = "region"
+ )
  var _ = Suite(&NovaSuite{})
  func (s *NovaSuite) SetUpSuite(c *C) {
--	s.service = New(hostname, versionPath, token, tenantId)
++	s.service = New(hostname, versionPath, "tenant", region, nil)
+ }
  func (s *NovaSuite) ensureNoFlavor(c *C, flavor nova.FlavorDetail) {
@@ -118,8 +117,8 @@
  	fl, _ := s.service.flavor(flavor.Id)
  	url := "/flavors/" + flavor.Id
  	links := []nova.Link{
--		nova.Link{Href: s.service.endpoint(true, url), Rel: "self"},
--		nova.Link{Href: s.service.endpoint(false, url), Rel: "bookmark"},
++		nova.Link{Href: s.service.endpointURL(true, url), Rel: "self"},
++		nova.Link{Href: s.service.endpointURL(false, url), Rel: "bookmark"},
+ 	}
  	c.Assert(fl.Links, DeepEquals, links)
+ }
@@ -214,8 +213,8 @@
  	sr, _ := s.service.server(server.Id)
  	url := "/servers/" + server.Id
  	links := []nova.Link{
--		{Href: s.service.endpoint(true, url), Rel: "self"},
--		{Href: s.service.endpoint(false, url), Rel: "bookmark"},
++		{Href: s.service.endpointURL(true, url), Rel: "self"},
++		{Href: s.service.endpointURL(false, url), Rel: "bookmark"},
+ 	}
  	c.Assert(sr.Links, DeepEquals, links)
+ }
@@ -456,7 +455,7 @@
  	group := nova.SecurityGroup{
  		Id:       1,
  		Name:     "test",
--		TenantId: s.service.tenantId,
++		TenantId: s.service.TenantId,
  		Rules: []nova.SecurityGroupRule{
  			{Id: 10, ParentGroupId: 1},
  			{Id: 20, ParentGroupId: 1},
@@ -492,13 +491,13 @@
+ 		{
  			Id:       1,
  			Name:     "one",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 		{
  			Id:       2,
  			Name:     "two",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 	}
@@ -514,7 +513,7 @@
  func (s *NovaSuite) TestGetSecurityGroup(c *C) {
  	group := nova.SecurityGroup{
  		Id:          42,
--		TenantId:    s.service.tenantId,
++		TenantId:    s.service.TenantId,
  		Name:        "group",
  		Description: "desc",
  		Rules:       []nova.SecurityGroupRule{},
@@ -529,7 +528,7 @@
  	group := nova.SecurityGroup{
  		Id:       1,
  		Name:     "test",
--		TenantId: s.service.tenantId,
++		TenantId: s.service.TenantId,
  		Rules:    []nova.SecurityGroupRule{},
+ 	}
  	s.ensureNoGroup(c, group)
@@ -600,7 +599,7 @@
+ }
  func (s *NovaSuite) TestAddGetGroupSecurityGroupRule(c *C) {
--	srcGroup := nova.SecurityGroup{Id: 1, Name: "source", TenantId: s.service.tenantId}
++	srcGroup := nova.SecurityGroup{Id: 1, Name: "source", TenantId: s.service.TenantId}
  	tgtGroup := nova.SecurityGroup{Id: 2, Name: "target"}
  	s.createGroup(c, srcGroup)
  	defer s.deleteGroup(c, srcGroup)
@@ -696,7 +695,7 @@
  	group := nova.SecurityGroup{
  		Id:       1,
  		Name:     "test",
--		TenantId: s.service.tenantId,
++		TenantId: s.service.TenantId,
+ 	}
  	s.createGroup(c, group)
  	defer s.deleteGroup(c, group)
@@ -800,13 +799,13 @@
+ 		{
  			Id:       1,
  			Name:     "gr1",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 		{
  			Id:       2,
  			Name:     "gr2",
--			TenantId: s.service.tenantId,
++			TenantId: s.service.TenantId,
  			Rules:    []nova.SecurityGroupRule{},
  		},
+ 	}
 === added directory 'testservices/openstack'
 === added file 'testservices/openstack/openstack.go'
 --- testservices/openstack/openstack.go	1970-01-01 00:00:00 +0000
 +++ testservices/openstack/openstack.go	2013-01-24 03:17:22 +0000
@@ -0,0 +1,38 @@
++package openstack
++
++import (
++	"launchpad.net/goose/identity"
++	"launchpad.net/goose/testservices/identityservice"
++	"launchpad.net/goose/testservices/novaservice"
++	"launchpad.net/goose/testservices/swiftservice"
++	"net/http"
++)
++
++// Openstack provides an Openstack service double implementation.
++type Openstack struct {
++	identity identityservice.IdentityService
++	nova     *novaservice.Nova
++	swift    *swiftservice.Swift
++}
++
++// New creates an instance of a full Openstack service double.
++// An initial user with the specified credentials is registered with the identity service.
++func New(cred *identity.Credentials) *Openstack {
++	openstack := Openstack{
++		identity: identityservice.NewUserPass(),
++	}
++	userInfo := openstack.identity.AddUser(cred.User, cred.Secrets, cred.TenantName)
++	if cred.TenantName == "" {
++		panic("Openstack service double requires a tenant to be specified.")
++	}
++	openstack.nova = novaservice.New(cred.URL, "v2", userInfo.TenantId, cred.Region, openstack.identity)
++	openstack.swift = swiftservice.New(cred.URL, "v1", userInfo.TenantId, cred.Region, openstack.identity)
++	return &openstack
++}
++
++// setupHTTP attaches all the needed handlers to provide the HTTP API for the Openstack service..
++func (openstack *Openstack) SetupHTTP(mux *http.ServeMux) {
++	openstack.identity.SetupHTTP(mux)
++	openstack.nova.SetupHTTP(mux)
++	openstack.swift.SetupHTTP(mux)
++}
 === added file 'testservices/service.go'
 --- testservices/service.go	1970-01-01 00:00:00 +0000
 +++ testservices/service.go	2013-01-24 03:17:22 +0000
@@ -0,0 +1,21 @@
++package testservices
++
++import (
++	"launchpad.net/goose/testservices/identityservice"
++	"net/http"
++)
++
++// An HttpService provides the HTTP API for a service double.
++type HttpService interface {
++	SetupHTTP(mux *http.ServeMux)
++}
++
++// A ServiceInstance is an Openstack module, one of nova, swift, glance.
++type ServiceInstance struct {
++	identityservice.ServiceProvider
++	IdentityService identityservice.IdentityService
++	Hostname        string
++	VersionPath     string
++	TenantId        string
++	Region          string
++}
 === modified file 'testservices/swiftservice/service.go'
 --- testservices/swiftservice/service.go	2012-12-17 01:30:20 +0000
 +++ testservices/swiftservice/service.go	2013-01-24 03:17:22 +0000
@@ -5,29 +5,67 @@
  import (
  	"fmt"
  	"launchpad.net/goose/swift"
++	"launchpad.net/goose/testservices"
++	"launchpad.net/goose/testservices/identityservice"
++	"net/url"
++	"strings"
  	"time"
+ )
  type object map[string][]byte
++var _ testservices.HttpService = (*Swift)(nil)
++var _ identityservice.ServiceProvider = (*Swift)(nil)
++
  type Swift struct {
++	testservices.ServiceInstance
  	containers map[string]object
--	hostname   string
--	baseURL    string
--	token      string
+ }
  // New creates an instance of the Swift object, given the parameters.
--func New(hostname, baseURL, token string) *Swift {
++func New(hostURL, versionPath, tenantId, region string, identityService identityservice.IdentityService) *Swift {
++	url, err := url.Parse(hostURL)
++	if err != nil {
++		panic(err)
++	}
++	hostname := url.Host
++	if !strings.HasSuffix(hostname, "/") {
++		hostname += "/"
++	}
  	swift := &Swift{
  		containers: make(map[string]object),
--		hostname:   hostname,
--		baseURL:    baseURL,
--		token:      token,
++		ServiceInstance: testservices.ServiceInstance{
++			IdentityService: identityService,
++			Hostname:        hostname,
++			VersionPath:     versionPath,
++			TenantId:        tenantId,
++			Region:          region,
++		},
++	}
++	if identityService != nil {
++		identityService.RegisterServiceProvider("swift", "object-store", swift)
+ 	}
  	return swift
+ }
++func (s *Swift) endpointURL(path string) string {
++	ep := "http://" + s.Hostname + s.VersionPath + "/" + s.TenantId
++	if path != "" {
++		ep += "/" + strings.TrimLeft(path, "/")
++	}
++	return ep
++}
++
++func (s *Swift) Endpoints() []identityservice.Endpoint {
++	ep := identityservice.Endpoint{
++		AdminURL:    s.endpointURL(""),
++		InternalURL: s.endpointURL(""),
++		PublicURL:   s.endpointURL(""),
++		Region:      s.Region,
++	}
++	return []identityservice.Endpoint{ep}
++}
++
  // HasContainer verifies the given container exists or not.
  func (s *Swift) HasContainer(name string) bool {
  	_, ok := s.containers[name]
@@ -119,5 +157,5 @@
  	if _, err := s.GetObject(container, object); err != nil {
  		return "", err
+ 	}
--	return fmt.Sprintf("%s%s%s/%s", s.hostname, s.baseURL, container, object), nil
++	return s.endpointURL(fmt.Sprintf("%s/%s", container, object)), nil
+ }
 === modified file 'testservices/swiftservice/service_http.go'
 --- testservices/swiftservice/service_http.go	2013-01-21 11:18:33 +0000
 +++ testservices/swiftservice/service_http.go	2013-01-24 03:17:22 +0000
@@ -4,6 +4,7 @@
  import (
  	"encoding/json"
++	"fmt"
  	"io/ioutil"
  	"net/http"
  	"strings"
@@ -143,16 +144,15 @@
  	// For public containers, the token is not required to access the files. For now, if the request
  	// does not provide a token, we will let it through and assume a public container is being accessed.
  	token := r.Header.Get("X-Auth-Token")
--	if token != "" && token != s.token {
++	_, err := s.IdentityService.FindUser(token)
++	if token != "" && err != nil {
  		w.WriteHeader(http.StatusUnauthorized)
  		return
+ 	}
--	path := r.URL.Path
--	if path[:len(s.baseURL)] == s.baseURL {
--		path = path[len(s.baseURL):]
--	}
--	path = strings.TrimRight(path, "/")
--	parts := strings.SplitN(path, "/", 2)
++	path := strings.TrimRight(r.URL.Path, "/")
++	path = strings.Trim(path, "/")
++	parts := strings.SplitN(path, "/", 4)
++	parts = parts[2:]
  	if len(parts) == 1 {
  		container := parts[0]
  		s.handleContainers(container, w, r)
@@ -164,3 +164,9 @@
  		panic("not implemented request: " + r.URL.Path)
+ 	}
+ }
++
++// setupHTTP attaches all the needed handlers to provide the HTTP API.
++func (s *Swift) SetupHTTP(mux *http.ServeMux) {
++	path := fmt.Sprintf("/%s/%s/", s.VersionPath, s.TenantId)
++	mux.Handle(path, s)
++}
 === modified file 'testservices/swiftservice/service_http_test.go'
 --- testservices/swiftservice/service_http_test.go	2012-12-20 05:47:11 +0000
 +++ testservices/swiftservice/service_http_test.go	2013-01-24 03:17:22 +0000
@@ -9,24 +9,29 @@
  	. "launchpad.net/gocheck"
  	"launchpad.net/goose/swift"
  	"launchpad.net/goose/testing/httpsuite"
++	"launchpad.net/goose/testservices/identityservice"
  	"net/http"
+ )
  type SwiftHTTPSuite struct {
  	httpsuite.HTTPSuite
--	service SwiftService
++	service *Swift
++	token   string
+ }
  var _ = Suite(&SwiftHTTPSuite{})
  func (s *SwiftHTTPSuite) SetUpSuite(c *C) {
  	s.HTTPSuite.SetUpSuite(c)
--	s.service = New(s.Server.URL, baseURL, token)
++	identityDouble := identityservice.NewUserPass()
++	s.service = New(s.Server.URL, versionPath, tenantId, region, identityDouble)
++	userInfo := identityDouble.AddUser("fred", "secret", "tenant")
++	s.token = userInfo.Token
+ }
  func (s *SwiftHTTPSuite) SetUpTest(c *C) {
  	s.HTTPSuite.SetUpTest(c)
--	s.Mux.Handle(baseURL, s.service)
++	s.service.SetupHTTP(s.Mux)
+ }
  func (s *SwiftHTTPSuite) TearDownTest(c *C) {
@@ -41,15 +46,15 @@
  	expectedStatusCode int) (resp *http.Response) {
  	var req *http.Request
  	var err error
--	url := s.Server.URL + baseURL + path
++	url := s.service.endpointURL(path)
  	if body != nil {
  		req, err = http.NewRequest(method, url, bytes.NewBuffer(body))
  	} else {
  		req, err = http.NewRequest(method, url, nil)
+ 	}
  	c.Assert(err, IsNil)
--	if token != "" {
--		req.Header.Add("X-Auth-Token", token)
++	if s.token != "" {
++		req.Header.Add("X-Auth-Token", s.token)
+ 	}
  	client := &http.Client{}
  	resp, err = client.Do(req)
@@ -250,16 +255,16 @@
+ }
  func (s *SwiftHTTPSuite) TestUnauthorizedFails(c *C) {
--	oldtoken := token
++	oldtoken := s.token
  	defer func() {
--		token = oldtoken
++		s.token = oldtoken
  	}()
  	// TODO(wallyworld) - until ACLs are supported, empty tokens are assumed to be used when
  	// we need to access a public container.
  	// token = ""
  	// s.sendRequest(c, "GET", "test", nil, http.StatusUnauthorized)
--	token = "invalid"
++	s.token = "invalid"
  	s.sendRequest(c, "PUT", "test", nil, http.StatusUnauthorized)
  	s.sendRequest(c, "DELETE", "test", nil, http.StatusUnauthorized)
 === modified file 'testservices/swiftservice/service_test.go'
 --- testservices/swiftservice/service_test.go	2012-12-17 01:30:20 +0000
 +++ testservices/swiftservice/service_test.go	2013-01-24 03:17:22 +0000
@@ -3,21 +3,23 @@
  package swiftservice
  import (
++	"fmt"
  	. "launchpad.net/gocheck"
+ )
  type SwiftServiceSuite struct {
--	service SwiftService
++	service *Swift
+ }
--var baseURL = "/v1/AUTH_tenant/"
--var token = "token"
--var hostname = "localhost" // not really used here
++var region = "region"             // not really used here
++var hostname = "http://localhost" // not really used here
++var versionPath = "v2"            // not really used here
++var tenantId = "tenant"           // not really used here
  var _ = Suite(&SwiftServiceSuite{})
  func (s *SwiftServiceSuite) SetUpSuite(c *C) {
--	s.service = New(hostname, baseURL, token)
++	s.service = New(hostname, versionPath, tenantId, region, nil)
+ }
  func (s *SwiftServiceSuite) TestAddHasRemoveContainer(c *C) {
@@ -76,9 +78,8 @@
  	err = s.service.AddObject("test", "obj", data)
  	c.Assert(err, IsNil)
  	url, err := s.service.GetURL("test", "obj")
--	path := baseURL + "test/obj"
  	c.Assert(err, IsNil)
--	c.Assert(url, Equals, hostname+path)
++	c.Assert(url, Equals, fmt.Sprintf("%s/%s/%s/test/obj", hostname, versionPath, tenantId))
  	err = s.service.RemoveContainer("test")
  	c.Assert(err, IsNil)
  	ok = s.service.HasContainer("test")
 === removed file 'testservices/swiftservice/swiftservice.go'
 --- testservices/swiftservice/swiftservice.go	2012-12-17 01:30:20 +0000
 +++ testservices/swiftservice/swiftservice.go	1970-01-01 00:00:00 +0000
@@ -1,40 +0,0 @@
--// Swift double testing service - mimics OpenStack Swift object
--// storage service for testing goose against close-to-live API.
--
--package swiftservice
--
--import (
--	"launchpad.net/goose/swift"
--	"net/http"
--)
--
--// SwiftService presents an direct-API to manipulate the internal
--// state, as well as an HTTP API double for OpenStack Swift.
--type SwiftService interface {
--	// AddContainer creates a new container with the given name.
--	AddContainer(name string) error
--
--	// AddObject creates a new named object in an existing container.
--	AddObject(container, name string, data []byte) error
--
--	// HasContainer verifies the given container exists or not.
--	HasContainer(name string) bool
--
--	// ListContainer lists the objects in the given container.
--	ListContainer(name string) ([]swift.ContainerContents, error)
--
--	// GetObject retrieves a given object's data from its container.
--	GetObject(container, name string) ([]byte, error)
--
--	// RemoveContainer deletes an existing named container.
--	RemoveContainer(name string) error
--
--	// RemoveObject deletes an existing named object, from its container.
--	RemoveObject(container, name string) error
--
--	// GetURL returns the named object's full public URL to get its data.
--	GetURL(container, object string) (string, error)
--
--	// ServeHTTP is the main entry point in the HTTP request processing.
--	ServeHTTP(w http.ResponseWriter, r *http.Request)
--}
 === modified file 'tools/secgroup-delete-all/main_test.go'
 --- tools/secgroup-delete-all/main_test.go	2013-01-22 18:46:31 +0000
 +++ tools/secgroup-delete-all/main_test.go	2013-01-24 03:17:22 +0000
@@ -7,8 +7,7 @@
  	"launchpad.net/goose/identity"
  	"launchpad.net/goose/nova"
  	"launchpad.net/goose/testing/httpsuite"
--	"launchpad.net/goose/testservices/identityservice"
--	"launchpad.net/goose/testservices/novaservice"
++	"launchpad.net/goose/testservices/openstack"
  	tool "launchpad.net/goose/tools/secgroup-delete-all"
  	"testing"
+ )
@@ -26,43 +25,28 @@
  type ToolSuite struct {
  	httpsuite.HTTPSuite
++	creds *identity.Credentials
+ }
  var _ = Suite(&ToolSuite{})
  // GZ 2013-01-21: Should require EnvSuite for this, but clashes with HTTPSuite
--func createNovaClient(auth_url string) *nova.Client {
--	creds := identity.Credentials{
--		URL:        auth_url,
++func createNovaClient(creds *identity.Credentials) *nova.Client {
++	osc := client.NewClient(creds, identity.AuthUserPass, nil)
++	return nova.New(osc)
++}
++
++func (s *ToolSuite) makeServices(c *C) *nova.Client {
++	creds := &identity.Credentials{
++		URL:        s.Server.URL,
  		User:       username,
  		Secrets:    password,
  		Region:     region,
  		TenantName: tenant,
+ 	}
--	osc := client.NewClient(&creds, identity.AuthUserPass, nil)
--	return nova.New(osc)
--}
--
--func (s *ToolSuite) makeServices(c *C) *nova.Client {
--	ident := identityservice.NewUserPass()
--	token := ident.AddUser(username, password)
--	// GZ 2013-01-21: Current novaservice double requires magic url like so
--	computeurl := s.Server.URL + "/v2.0/" + tenant
--	ident.AddService(identityservice.Service{
--		"nova",
--		"compute",
--		[]identityservice.Endpoint{
--			{
--				AdminURL:    computeurl,
--				InternalURL: computeurl,
--				PublicURL:   computeurl,
--				Region:      region,
--			},
--		}})
--	s.Mux.Handle("/tokens", ident)
--	comp := novaservice.New("unused.invalid", "v2.0", token, tenant)
--	comp.SetupHTTP(s.Mux)
--	return createNovaClient(s.Server.URL)
++	openstack := openstack.New(creds)
++	openstack.SetupHTTP(s.Mux)
++	return createNovaClient(creds)
+ }
  func (s *ToolSuite) TestNoGroups(c *C) {

Go OpenStack Exchange

Merge lp:~wallyworld/goose/service-double-improvements into lp:~gophers/goose/trunk

Commit message

Description of the change

Preview Diff

Subscribers