Added "Domain" configuration parameter to Swift provider to enable V3 authentication

physical/swift.go

@@ -63,12 +63,23 @@ func newSwiftBackend(conf map[string]string, logger log.Logger) (Backend, error)
 		tenant = conf["tenant"]
 	}
 
+	domain := os.Getenv("OS_USER_DOMAIN_NAME")
+	if domain == "" {
+		domain = conf["domain"]
+	}
+	tenantDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME")
+	if tenantDomain == "" {
+		tenantDomain = conf["tenant-domain"]
+	}
+
 	c := swift.Connection{
-		UserName:  username,
-		ApiKey:    password,
-		AuthUrl:   authUrl,
-		Tenant:    tenant,
-		Transport: cleanhttp.DefaultPooledTransport(),
+		Domain:       domain,
+		UserName:     username,
+		ApiKey:       password,
+		AuthUrl:      authUrl,
+		Tenant:       tenant,
+		TenantDomain: tenantDomain,
+		Transport:    cleanhttp.DefaultPooledTransport(),
 	}
 
 	err := c.Authenticate()

physical/swift_test.go

@@ -22,16 +22,20 @@ func TestSwiftBackend(t *testing.T) {
 	password := os.Getenv("OS_PASSWORD")
 	authUrl := os.Getenv("OS_AUTH_URL")
 	tenant := os.Getenv("OS_TENANT_NAME")
+	domain := os.Getenv("OS_USER_DOMAIN_NAME")
+	tenantDomain := os.Getenv("OS_PROJECT_DOMAIN_NAME")
 
 	ts := time.Now().UnixNano()
 	container := fmt.Sprintf("vault-test-%d", ts)
 
 	cleaner := swift.Connection{
-		UserName:  username,
-		ApiKey:    password,
-		AuthUrl:   authUrl,
-		Tenant:    tenant,
-		Transport: cleanhttp.DefaultPooledTransport(),
+		Domain:       domain,
+		UserName:     username,
+		ApiKey:       password,
+		AuthUrl:      authUrl,
+		Tenant:       tenant,
+		TenantDomain: tenantDomain,
+		Transport:    cleanhttp.DefaultPooledTransport(),
 	}
 
 	err := cleaner.Authenticate()
@@ -63,11 +67,13 @@ func TestSwiftBackend(t *testing.T) {
 	logger := logformat.NewVaultLogger(log.LevelTrace)
 
 	b, err := NewBackend("swift", logger, map[string]string{
-		"username":  username,
-		"password":  password,
-		"container": container,
-		"auth_url":  authUrl,
-		"tenant":    tenant,
+		"username":      username,
+		"password":      password,
+		"container":     container,
+		"auth_url":      authUrl,
+		"tenant":        tenant,
+		"domain":        domain,
+		"tenant-domain": tenantDomain,
 	})
 	if err != nil {
 		t.Fatalf("err: %s", err)