openstack/keystone
Code Issues Proposed changes

Enable application_credential auth by default

Browse Source 
There's no reason users shouldn't be able to use application credentials
out of the box. Make application_credential one of the default enabled
auth methods.

bp application-credentials

Change-Id: Ib8a02ef7b8f0efadfe902d7e517ac702f72fff13
This commit is contained in:
Colleen Murphy 2018-01-18 21:08:29 +01:00
parent 0462ff8001
commit 5e97f2d052
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
keystone/conf/auth.py
View File

@ -76,6 +76,16 @@ namespace. You do not need to set this unless you are overriding keystone's own
`mapped` authentication plugin. `mapped` authentication plugin.
""")) """))
application_credential = cfg.StrOpt(
'application_credential',
help=utils.fmt("""
Entry point for the application_credential auth plugin module in the
`keystone.auth.application_credential` namespace. You do not need to set this
unless you are overriding keystone's own `application_credential`
authentication plugin.
"""))
GROUP_NAME = __name__.split('.')[-1] GROUP_NAME = __name__.split('.')[-1]
ALL_OPTS = [ ALL_OPTS = [
methods, methods,
@ -84,6 +94,7 @@ ALL_OPTS = [
external, external,
oauth1, oauth1,
mapped, mapped,
application_credential,
] ]

3
keystone/conf/constants.py
View File

@ -17,7 +17,8 @@ package.
""" """
_DEFAULT_AUTH_METHODS = ['external', 'password', 'token', 'oauth1', 'mapped'] _DEFAULT_AUTH_METHODS = ['external', 'password', 'token', 'oauth1', 'mapped',
'application_credential']
_CERTFILE = '/etc/keystone/ssl/certs/signing_cert.pem' _CERTFILE = '/etc/keystone/ssl/certs/signing_cert.pem'
_KEYFILE = '/etc/keystone/ssl/private/signing_key.pem' _KEYFILE = '/etc/keystone/ssl/private/signing_key.pem'