3 files changed, 42 insertions, 27 deletions

diff --git a/openstackclient/identity/v2_0/catalog.py b/openstackclient/identity/v2_0/catalog.py
index c8f48cb6..33692a0d 100644
--- a/openstackclient/identity/v2_0/catalog.py
+++ b/openstackclient/identity/v2_0/catalog.py
@@ -16,6 +16,7 @@
 import six
 
 from openstackclient.common import command
+from openstackclient.common import exceptions
 from openstackclient.common import utils
 from openstackclient.i18n import _
 
@@ -41,13 +42,14 @@ class ListCatalog(command.Lister):
 
     def take_action(self, parsed_args):
 
-        # This is ugly because if auth hasn't happened yet we need
-        # to trigger it here.
-        sc = self.app.client_manager.session.auth.get_auth_ref(
-            self.app.client_manager.session,
-        ).service_catalog
+        # Trigger auth if it has not happened yet
+        auth_ref = self.app.client_manager.auth_ref
+        if not auth_ref:
+            raise exceptions.AuthorizationFailure(
+                "Only an authorized user may issue a new token."
+            )
 
-        data = sc.get_data()
+        data = auth_ref.service_catalog.catalog
         columns = ('Name', 'Type', 'Endpoints')
         return (columns,
                 (utils.get_dict_properties(
@@ -72,14 +74,15 @@ class ShowCatalog(command.ShowOne):
 
     def take_action(self, parsed_args):
 
-        # This is ugly because if auth hasn't happened yet we need
-        # to trigger it here.
-        sc = self.app.client_manager.session.auth.get_auth_ref(
-            self.app.client_manager.session,
-        ).service_catalog
+        # Trigger auth if it has not happened yet
+        auth_ref = self.app.client_manager.auth_ref
+        if not auth_ref:
+            raise exceptions.AuthorizationFailure(
+                "Only an authorized user may issue a new token."
+            )
 
         data = None
-        for service in sc.get_data():
+        for service in auth_ref.service_catalog.catalog:
             if (service.get('name') == parsed_args.service or
                     service.get('type') == parsed_args.service):
                 data = service
@@ -91,6 +94,6 @@ class ShowCatalog(command.ShowOne):
         if not data:
             self.app.log.error(_('service %s not found\n') %
                                parsed_args.service)
-            return ([], [])
+            return ((), ())
 
         return zip(*sorted(six.iteritems(data)))
diff --git a/openstackclient/identity/v2_0/role.py b/openstackclient/identity/v2_0/role.py
index 6b014d86..0f8da992 100644
--- a/openstackclient/identity/v2_0/role.py
+++ b/openstackclient/identity/v2_0/role.py
@@ -231,18 +231,19 @@ class ListUserRole(command.Lister):
         # Project and user are required, if not included in command args
         # default to the values used for authentication.  For token-flow
         # authentication they must be included on the command line.
+        if (not parsed_args.project and
+                self.app.client_manager.auth_ref.project_id):
+            parsed_args.project = auth_ref.project_id
         if not parsed_args.project:
-            if self.app.client_manager.auth_ref:
-                parsed_args.project = auth_ref.project_id
-            else:
-                msg = _("Project must be specified")
-                raise exceptions.CommandError(msg)
+            msg = _("Project must be specified")
+            raise exceptions.CommandError(msg)
+
+        if (not parsed_args.user and
+                self.app.client_manager.auth_ref.user_id):
+            parsed_args.user = auth_ref.user_id
         if not parsed_args.user:
-            if self.app.client_manager.auth_ref:
-                parsed_args.user = auth_ref.user_id
-            else:
-                msg = _("User must be specified")
-                raise exceptions.CommandError(msg)
+            msg = _("User must be specified")
+            raise exceptions.CommandError(msg)
 
         project = utils.find_resource(
             identity_client.tenants,
diff --git a/openstackclient/identity/v2_0/token.py b/openstackclient/identity/v2_0/token.py
index f435d7ce..d708749d 100644
--- a/openstackclient/identity/v2_0/token.py
+++ b/openstackclient/identity/v2_0/token.py
@@ -18,6 +18,7 @@
 import six
 
 from openstackclient.common import command
+from openstackclient.common import exceptions
 from openstackclient.i18n import _
 
 
@@ -32,11 +33,21 @@ class IssueToken(command.ShowOne):
         return parser
 
     def take_action(self, parsed_args):
+        auth_ref = self.app.client_manager.auth_ref
+        if not auth_ref:
+            raise exceptions.AuthorizationFailure(
+                "Only an authorized user may issue a new token.")
 
-        token = self.app.client_manager.auth_ref.service_catalog.get_token()
-        if 'tenant_id' in token:
-            token['project_id'] = token.pop('tenant_id')
-        return zip(*sorted(six.iteritems(token)))
+        data = {}
+        if auth_ref.auth_token:
+            data['id'] = auth_ref.auth_token
+        if auth_ref.expires:
+            data['expires'] = auth_ref.expires
+        if auth_ref.project_id:
+            data['project_id'] = auth_ref.project_id
+        if auth_ref.user_id:
+            data['user_id'] = auth_ref.user_id
+        return zip(*sorted(six.iteritems(data)))
 
 
 class RevokeToken(command.Command):