Remove support for trusts in v2.0
If the UUID token provider is configured, it is possible to use trusts to authenticate against the version 2.0 API. The fernet token provider doesn't support trust authentication against the v2.0 API. Trusts were never supported in version 2.0 and it is recommend that trusts are used exclusively with version 3. This commit makes this behavior with trusts and v2.0 consistent regardless of the configured token provider. It is also a step to getting fernet to be the default token provider in Keystone. Change-Id: Ia02850d1aec304eccccb4752c43767272047b74e
This commit is contained in:
parent
7a0874f6f6
commit
66bfce8f70
|
@ -59,16 +59,6 @@ class V2TokenDataHelper(object):
|
|||
|
||||
user = common_controller.V2Controller.v3_to_v2_user(v3_user)
|
||||
|
||||
# Maintain Trust Data
|
||||
if 'OS-TRUST:trust' in v3_token:
|
||||
v3_trust_data = v3_token['OS-TRUST:trust']
|
||||
token_data['trust'] = {
|
||||
'trustee_user_id': v3_trust_data['trustee_user']['id'],
|
||||
'id': v3_trust_data['id'],
|
||||
'trustor_user_id': v3_trust_data['trustor_user']['id'],
|
||||
'impersonation': v3_trust_data['impersonation']
|
||||
}
|
||||
|
||||
# Set user roles
|
||||
user['roles'] = []
|
||||
role_ids = []
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
other:
|
||||
- The ability to obtain a trust-scoped token against the v2.0 API has been
|
||||
removed, in favor of using the version 3 API.
|
Loading…
Reference in New Issue