Don't make calls to Keystone for authN if insufficient args are present

hmm, not sure what the problem is, can you give some more info, it's working as expected for me:

$ openstack role add
usage: openstack role add [-h] [-f {shell,table,value}] [-c COLUMN]
                          [--max-width <integer>] [--prefix PREFIX] --project
                          <project> --user <user>
                          <role>
openstack role add: error: too few arguments

If you just type "openstack role add" and nothing else in arguments, some calls are being made to keystone. It should be caught at client level and an error should be printed out(which is being done btw). I think the calls are for authenticating the user whose credential is being used to call the above command.

So to reproduce it, just type "openstack role add" in cli and observer keystone logs.

OK, I think you came across a larger possible optimization issue. So, you'll see the same keystone authN entries every time a call is made with openstackclient. If it succeeds or errors out, no matter what you're doing.

`openstack server create` will show the authN entries, same as `openstack user list` or `openstack role add`
This is likely caused by these lines of code here:
https://github.com/openstack/python-openstackclient/blob/master/openstackclient/shell.py#L67-L68

Alternatively, if you do `keystone user-role-add` or `nova boot` it errors out right away, rather than trying to authN with keystone.

I don't have a suggested fix at the moment, but it's definitely something to think about.

FWIW, the upcoming changes to use the new keystoneclient.session.Session should help in this regard[0]. One reason you see differences in commands is due to the different API client libraries and their different implementations. Until they are either updated to also use Session or replaced this may not go away entirely.

[0] https://review.openstack.org/113046, https://review.openstack.org/106178

Fix proposed to branch: master
Review: https://review.openstack.org/127735

Change abandoned by wanghong (<email address hidden>) on branch: master
Review: https://review.openstack.org/127735

Reviewed: https://review.openstack.org/129778
Committed: https://git.openstack.org/cgit/openstack/python-openstackclient/commit/?id=e063246b97a7f31a47aca0a5eb36d571f5df7236
Submitter: Jenkins
Branch: master

commit e063246b97a7f31a47aca0a5eb36d571f5df7236
Author: Dean Troyer <email address hidden>
Date: Mon Oct 20 18:53:10 2014 -0500

    Clean up shell authentication

    * Remove the auth option checks as the auth plugins will validate
      their own options
    * Move the initialization of client_manager to the end of
      initialize_app() so it is always called. Note that no attempts
      to actually authenticate occur until the first use of one of the
      client attributes in client_manager. This leaves
      initialize_clientmanager() (formerly uathenticate_user()) empty
      so remove it.
    * Remove interact() as the client_manager has already been created
      And there is nothing left.
    * prepare_to_run_command() is reduced to trigger an authentication
      attempt for the best_effort auth commands, currently the only
      one is 'complete'.
    * Add prompt_for_password() to ask the user to enter a password
      when necessary. Passed to ClientManager in a new kward pw_func.

    Bug: 1355838
    Change-Id: I9fdec9144c4c84f65aed1cf91ce41fe1895089b2