Merge branch 'master' of github.com:open-cloud/xos
diff --git a/xos/core/models/site.py b/xos/core/models/site.py
index e3c275f..42855a9 100644
--- a/xos/core/models/site.py
+++ b/xos/core/models/site.py
@@ -265,6 +265,13 @@
 
     def __unicode__(self):  return u'%s %s %s' % (self.name, self.backend_type, self.version)
 
+    @property
+    def auth_url_v3(self):
+        if self.auth_url and self.auth_url[-1] == '/':
+            return '{}/v3/'.format('/'.join(self.auth_url.split('/')[:-2]))
+        else:
+            return '{}/v3/'.format('/'.join(self.auth_url.split('/')[:-1]))
+
     @staticmethod
     def select_by_user(user):
 
diff --git a/xos/openstack/get_token.sh b/xos/openstack/get_token.sh
new file mode 100755
index 0000000..849f333
--- /dev/null
+++ b/xos/openstack/get_token.sh
@@ -0,0 +1,23 @@
+curl --insecure -X POST $ENDPOINT/auth/tokens \
+  -H "Content-type: application/json" \
+  -d '
+{ "auth": {
+    "identity": {
+      "methods": ["password"],
+      "password": {
+        "user": {
+          "name": "'$USERNAME'",
+          "domain": { "id": "'$DOMAIN'" },
+          "password": "'$PASSWORD'"
+        }
+      }
+    },
+    "scope": {
+      "project": {
+        "name": "'$TENANT'",
+        "domain": { "id": "'$DOMAIN'" }
+      }
+    }
+  }
+}' \
+  | grep X-Subject-Token | awk '{print $2;}'
diff --git a/xos/openstack_observer/steps/sync_controller_images.py b/xos/openstack_observer/steps/sync_controller_images.py
index 3434f01..153558e 100644
--- a/xos/openstack_observer/steps/sync_controller_images.py
+++ b/xos/openstack_observer/steps/sync_controller_images.py
@@ -26,8 +26,10 @@
 
     def map_inputs(self, controller_image):
         image_fields = {'endpoint':controller_image.controller.auth_url,
+                        'endpoint_v3': controller_image.controller.auth_url_v3,
                         'admin_user':controller_image.controller.admin_user,
                         'admin_password':controller_image.controller.admin_password,
+                        'domain': controller_image.controller.domain,
                         'name':controller_image.image.name,
                         'filepath':controller_image.image.path,
                         'ansible_tag': '%s@%s'%(controller_image.image.name,controller_image.controller.name), # name of ansible playbook
diff --git a/xos/openstack_observer/steps/sync_controller_images.yaml b/xos/openstack_observer/steps/sync_controller_images.yaml
index 18228db..328090b 100644
--- a/xos/openstack_observer/steps/sync_controller_images.yaml
+++ b/xos/openstack_observer/steps/sync_controller_images.yaml
@@ -2,11 +2,12 @@
 - hosts: 127.0.0.1
   connection: local 
   tasks:
+  - shell: ENDPOINT={{endpoint_v3}} USERNAME={{admin_user}} PASSWORD={{admin_password}} TENANT=admin DOMAIN={{domain}} openstack/get_token.sh
+    register: token
+
   - glance_image:
         auth_url: {{ endpoint }} 
-        login_username: {{ admin_user }}
-        login_tenant_name: 'admin'
-        login_password: {{ admin_password }}
+        token: {{ token.stdout }}
         name: "{{ name }}"
         file: "{{ filepath }}"
         disk_format: 'raw'
diff --git a/xos/openstack_observer/steps/sync_controller_networks.py b/xos/openstack_observer/steps/sync_controller_networks.py
index 0b636e2..0ce3a96 100644
--- a/xos/openstack_observer/steps/sync_controller_networks.py
+++ b/xos/openstack_observer/steps/sync_controller_networks.py
@@ -42,9 +42,11 @@
         slice = controller_network.network.owner
 
         network_fields = {'endpoint':controller_network.controller.auth_url,
+                    'endpoint_v3': controller_network.controller.auth_url_v3,
                     'admin_user':slice.creator.email,
                     'tenant_name':slice.name,
                     'admin_password':slice.creator.remote_password,
+                    'domain': congroller_network.controller.domain,
                     'name':network_name,
                     'subnet_name':subnet_name,
                     'ansible_tag':'%s-%s@%s'%(network_name,slice.slicename,controller_network.controller.name),
diff --git a/xos/openstack_observer/steps/sync_controller_networks.yaml b/xos/openstack_observer/steps/sync_controller_networks.yaml
index 6b18fda..2bf2b4a 100644
--- a/xos/openstack_observer/steps/sync_controller_networks.yaml
+++ b/xos/openstack_observer/steps/sync_controller_networks.yaml
@@ -2,12 +2,13 @@
 - hosts: 127.0.0.1
   connection: local 
   tasks:
+  - shell: ENDPOINT={{endpoint_v3}} USERNAME={{admin_user}} PASSWORD={{admin_password}} TENANT={{tenant_name}} DOMAIN={{domain}} openstack/get_token.sh
+    register: token
+
   - quantum_network:
-        auth_url={{ endpoint }} 
-        login_username={{ admin_user }}
+        auth_url={{ endpoint }}
+        token={{ token.stdout }} 
         tenant_name={{ tenant_name }}
-        login_tenant_name={{ tenant_name }}
-        login_password={{ admin_password }}
         name={{ name }}
         {% if delete %}
         state=absent
@@ -17,11 +18,9 @@
         shared=true
   {% if not delete %}
   - quantum_subnet:
-        auth_url={{ endpoint }} 
-        login_username={{ admin_user }}
+        auth_url={{ endpoint }}
+        token={{ token.stdout }} 
         tenant_name={{ tenant_name }}
-        login_tenant_name={{ tenant_name }}
-        login_password={{ admin_password }}
         name={{ subnet_name }} 
         network_name={{ name }} 
         {% if delete %}
diff --git a/xos/openstack_observer/steps/sync_controller_site_privileges.py b/xos/openstack_observer/steps/sync_controller_site_privileges.py
index d52c999..d257536 100644
--- a/xos/openstack_observer/steps/sync_controller_site_privileges.py
+++ b/xos/openstack_observer/steps/sync_controller_site_privileges.py
@@ -39,13 +39,15 @@
             #    tenant_id = ctrl_site_deployments[0].tenant_id  
             #    tenant_name = ctrl_site_deployments[0].site_deployment.site.login_base
             user_fields = {
-                       'endpoint':controller_site_privilege.controller.auth_url,
+               'endpoint':controller_site_privilege.controller.auth_url,
+               'endpoint_v3': controller_site_privilege.controller.auth_url_v3,
+               'domain': controller_site_privilege.controller.domain,
 		       'name': controller_site_privilege.site_privilege.user.email,
-                       'email': controller_site_privilege.site_privilege.user.email,
-                       'password': controller_site_privilege.site_privilege.user.remote_password,
-                       'admin_user': controller_site_privilege.controller.admin_user,
+               'email': controller_site_privilege.site_privilege.user.email,
+               'password': controller_site_privilege.site_privilege.user.remote_password,
+               'admin_user': controller_site_privilege.controller.admin_user,
 		       'admin_password': controller_site_privilege.controller.admin_password,
-	               'ansible_tag':'%s@%s'%(controller_site_privilege.site_privilege.user.email.replace('@','-at-'),controller_site_privilege.controller.name),
+	           'ansible_tag':'%s@%s'%(controller_site_privilege.site_privilege.user.email.replace('@','-at-'),controller_site_privilege.controller.name),
 		       'admin_tenant': controller_site_privilege.controller.admin_tenant,
 		       'roles':roles,
 		       'tenant':controller_site_privilege.site_privilege.site.login_base}    
diff --git a/xos/openstack_observer/steps/sync_controller_sites.py b/xos/openstack_observer/steps/sync_controller_sites.py
index 2f1680c..614d435 100644
--- a/xos/openstack_observer/steps/sync_controller_sites.py
+++ b/xos/openstack_observer/steps/sync_controller_sites.py
@@ -21,10 +21,12 @@
 
     def map_sync_inputs(self, controller_site):
 	tenant_fields = {'endpoint':controller_site.controller.auth_url,
+                 'endpoint_v3': controller_site.controller.auth_url_v3,
+                 'domain': controller_site.controller.domain,
 		         'admin_user': controller_site.controller.admin_user,
 		         'admin_password': controller_site.controller.admin_password,
 		         'admin_tenant': controller_site.controller.admin_tenant,
-	                 'ansible_tag': '%s@%s'%(controller_site.site.login_base,controller_site.controller.name), # name of ansible playbook
+	             'ansible_tag': '%s@%s'%(controller_site.site.login_base,controller_site.controller.name), # name of ansible playbook
 		         'tenant': controller_site.site.login_base,
 		         'tenant_description': controller_site.site.name}
         return tenant_fields
diff --git a/xos/openstack_observer/steps/sync_controller_slice_privileges.py b/xos/openstack_observer/steps/sync_controller_slice_privileges.py
index a998460..948ea57 100644
--- a/xos/openstack_observer/steps/sync_controller_slice_privileges.py
+++ b/xos/openstack_observer/steps/sync_controller_slice_privileges.py
@@ -39,13 +39,15 @@
             #    tenant_id = ctrl_slice_deployments[0].tenant_id  
             #    tenant_name = ctrl_slice_deployments[0].slice_deployment.slice.login_base
             user_fields = {
-                       'endpoint':controller_slice_privilege.controller.auth_url,
+               'endpoint':controller_slice_privilege.controller.auth_url,
+               'endpoint_v3': controller_slice_privilege.controller.auth_url_v3,
+               'domain': controller_slice_privilege.controller.domain,
 		       'name': controller_slice_privilege.slice_privilege.user.email,
-                       'email': controller_slice_privilege.slice_privilege.user.email,
-                       'password': controller_slice_privilege.slice_privilege.user.remote_password,
-                       'admin_user': controller_slice_privilege.controller.admin_user,
+               'email': controller_slice_privilege.slice_privilege.user.email,
+               'password': controller_slice_privilege.slice_privilege.user.remote_password,
+               'admin_user': controller_slice_privilege.controller.admin_user,
 		       'admin_password': controller_slice_privilege.controller.admin_password,
-                       'ansible_tag':'%s@%s@%s'%(controller_slice_privilege.slice_privilege.user.email.replace('@','-at-'),controller_slice_privilege.slice_privilege.slice.name,controller_slice_privilege.controller.name),
+               'ansible_tag':'%s@%s@%s'%(controller_slice_privilege.slice_privilege.user.email.replace('@','-at-'),controller_slice_privilege.slice_privilege.slice.name,controller_slice_privilege.controller.name),
 		       'admin_tenant': controller_slice_privilege.controller.admin_tenant,
 		       'roles':roles,
 		       'tenant':controller_slice_privilege.slice_privilege.slice.name}    
diff --git a/xos/openstack_observer/steps/sync_controller_slices.py b/xos/openstack_observer/steps/sync_controller_slices.py
index a790a67..9904aef 100644
--- a/xos/openstack_observer/steps/sync_controller_slices.py
+++ b/xos/openstack_observer/steps/sync_controller_slices.py
@@ -35,6 +35,8 @@
 
         max_instances=int(controller_slice.slice.max_instances)
         tenant_fields = {'endpoint':controller_slice.controller.auth_url,
+                         'endpoint_v3': controller_slice.controller.auth_url_v3,
+                         'domain': controller_slice.controller.domain,
                          'admin_user': controller_slice.controller.admin_user,
                          'admin_password': controller_slice.controller.admin_password,
                          'admin_tenant': 'admin',
diff --git a/xos/openstack_observer/steps/sync_controller_slices.yaml b/xos/openstack_observer/steps/sync_controller_slices.yaml
index 28c406d..7151e09 100644
--- a/xos/openstack_observer/steps/sync_controller_slices.yaml
+++ b/xos/openstack_observer/steps/sync_controller_slices.yaml
@@ -2,11 +2,13 @@
 - hosts: 127.0.0.1
   connection: local
   tasks:
+  - shell: ENDPOINT={{endpoint_v3}} USERNAME={{admin_user}} PASSWORD={{admin_password}} TENANT={{admin_tenant}} DOMAIN={{domain}} openstack/get_token.sh
+    register: token
   {% if delete -%}
-  - keystone_user: endpoint={{ endpoint }} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} tenant={{ tenant }} tenant_description="{{ tenant_description }}" state=absent
+  - keystone_user: endpoint={{ endpoint }} token={{ token.stdout }}  tenant={{ tenant }} tenant_description="{{ tenant_description }}" state=absent
   {% else -%}	
-  - keystone_user: endpoint={{ endpoint }} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} tenant={{ tenant }} tenant_description="{{ tenant_description }}"
+  - keystone_user: endpoint={{ endpoint }} token={{ token.stdout }} tenant={{ tenant }} tenant_description="{{ tenant_description }}"
   {% for role in roles %}
-  - keystone_user: endpoint={{ endpoint}} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} user="{{ name }}" role={{ role }} tenant={{ tenant }}
+  - keystone_user: endpoint={{ endpoint}} token={{ token.stdout }} user="{{ name }}" role={{ role }} tenant={{ tenant }}
   {% endfor %}
   {% endif %} 
diff --git a/xos/openstack_observer/steps/sync_controller_users.py b/xos/openstack_observer/steps/sync_controller_users.py
index ae04460..4062453 100644
--- a/xos/openstack_observer/steps/sync_controller_users.py
+++ b/xos/openstack_observer/steps/sync_controller_users.py
@@ -44,6 +44,8 @@
             #    tenant_name = ctrl_site_deployments[0].site_deployment.site.login_base
             user_fields = {
                 'endpoint':controller_user.controller.auth_url,
+                'endpoint_v3': controller_user.controller.auth_url_v3,
+                'domain': controller_user.controller.domain,
                 'name': controller_user.user.email,
                 'email': controller_user.user.email,
                 'password': controller_user.user.remote_password,
diff --git a/xos/openstack_observer/steps/sync_controller_users.yaml b/xos/openstack_observer/steps/sync_controller_users.yaml
index 95cdba3..7814ee6 100644
--- a/xos/openstack_observer/steps/sync_controller_users.yaml
+++ b/xos/openstack_observer/steps/sync_controller_users.yaml
@@ -2,15 +2,16 @@
 - hosts: 127.0.0.1
   connection: local
   tasks:
+  - shell: ENDPOINT={{endpoint_v3}} USERNAME={{admin_user}} PASSWORD={{admin_password}} TENANT={{admin_tenant}} DOMAIN={{domain}} openstack/get_token.sh
+    register: token
+
   - keystone_user: 
-       endpoint={{ endpoint }} 
+       endpoint= {{ endpoint }} 
+       token= {{ token.stdout }}
        user="{{ name }}" 
        email={{ email }} 
        password={{ password }} 
-       login_user={{ admin_user }} 
-       login_password={{ admin_password }} 
-       login_tenant_name={{ admin_tenant }} 
        tenant={{ tenant }}
   {% for role in roles %}
-  - keystone_user: endpoint={{ endpoint}} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} user="{{ name }}" role={{ role }} tenant={{ tenant }}
+  - keystone_user: endpoint= {{ endpoint}} token= {{ token.stdout }} user="{{ name }}" role={{ role }} tenant={{ tenant }}
   {% endfor %}
diff --git a/xos/openstack_observer/steps/sync_instances.py b/xos/openstack_observer/steps/sync_instances.py
index 963d859..7aa4bb7 100644
--- a/xos/openstack_observer/steps/sync_instances.py
+++ b/xos/openstack_observer/steps/sync_instances.py
@@ -112,6 +112,8 @@
 
         controller = instance.node.site_deployment.controller
         fields = {'endpoint':controller.auth_url,
+                     'endpoint_v3': controller.auth_url_v3,
+                     'domain': controller.domain,
                      'admin_user': instance.creator.email,
                      'admin_password': instance.creator.remote_password,
                      'admin_tenant': instance.slice.name,
diff --git a/xos/openstack_observer/steps/sync_instances.yaml b/xos/openstack_observer/steps/sync_instances.yaml
index 803a294..f42f601 100644
--- a/xos/openstack_observer/steps/sync_instances.yaml
+++ b/xos/openstack_observer/steps/sync_instances.yaml
@@ -2,11 +2,12 @@
 - hosts: 127.0.0.1
   connection: local
   tasks:
+  - shell: ENDPOINT={{endpoint_v3}} USERNAME={{admin_user}} PASSWORD={{admin_password}} TENANT=admin DOMAIN={{domain}} openstack/get_token.sh
+    register: token
+
   - nova_compute:
       auth_url: {{ endpoint }}
-      login_username: {{ admin_user }}
-      login_password: {{ admin_password }}
-      login_tenant_name: {{ admin_tenant }}
+      token: {{ token.stdout }}
       name: {{ name }}
       {% if delete -%}
       state: absent