Merge "Removed deprecated revoke KVS backend"
This commit is contained in:
commit
aa640e1e35
|
@ -1,74 +0,0 @@
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
import datetime
|
|
||||||
|
|
||||||
from oslo_config import cfg
|
|
||||||
from oslo_log import versionutils
|
|
||||||
from oslo_utils import timeutils
|
|
||||||
|
|
||||||
from keystone.common import kvs
|
|
||||||
from keystone import exception
|
|
||||||
from keystone import revoke
|
|
||||||
|
|
||||||
|
|
||||||
CONF = cfg.CONF
|
|
||||||
|
|
||||||
_EVENT_KEY = 'os-revoke-events'
|
|
||||||
_KVS_BACKEND = 'openstack.kvs.Memory'
|
|
||||||
|
|
||||||
|
|
||||||
class Revoke(revoke.RevokeDriverV8):
|
|
||||||
|
|
||||||
@versionutils.deprecated(
|
|
||||||
versionutils.deprecated.JUNO,
|
|
||||||
in_favor_of='keystone.revoke.backends.sql',
|
|
||||||
remove_in=+1,
|
|
||||||
what='keystone.revoke.backends.kvs')
|
|
||||||
def __init__(self, **kwargs):
|
|
||||||
super(Revoke, self).__init__()
|
|
||||||
self._store = kvs.get_key_value_store('os-revoke-driver')
|
|
||||||
self._store.configure(backing_store=_KVS_BACKEND, **kwargs)
|
|
||||||
|
|
||||||
def _list_events(self):
|
|
||||||
try:
|
|
||||||
return self._store.get(_EVENT_KEY)
|
|
||||||
except exception.NotFound:
|
|
||||||
return []
|
|
||||||
|
|
||||||
def list_events(self, last_fetch=None):
|
|
||||||
results = []
|
|
||||||
|
|
||||||
with self._store.get_lock(_EVENT_KEY):
|
|
||||||
events = self._list_events()
|
|
||||||
|
|
||||||
for event in events:
|
|
||||||
revoked_at = event.revoked_at
|
|
||||||
if last_fetch is None or revoked_at > last_fetch:
|
|
||||||
results.append(event)
|
|
||||||
return results
|
|
||||||
|
|
||||||
def revoke(self, event):
|
|
||||||
pruned = []
|
|
||||||
expire_delta = datetime.timedelta(seconds=CONF.token.expiration)
|
|
||||||
oldest = timeutils.utcnow() - expire_delta
|
|
||||||
|
|
||||||
with self._store.get_lock(_EVENT_KEY) as lock:
|
|
||||||
events = self._list_events()
|
|
||||||
if event:
|
|
||||||
events.append(event)
|
|
||||||
|
|
||||||
for event in events:
|
|
||||||
revoked_at = event.revoked_at
|
|
||||||
if revoked_at > oldest:
|
|
||||||
pruned.append(event)
|
|
||||||
self._store.set(_EVENT_KEY, pruned, lock)
|
|
|
@ -541,7 +541,6 @@ class TestCase(BaseTestCase):
|
||||||
('keystone.tests.unit.test_kvs.'
|
('keystone.tests.unit.test_kvs.'
|
||||||
'KVSBackendForcedKeyMangleFixture'),
|
'KVSBackendForcedKeyMangleFixture'),
|
||||||
'keystone.tests.unit.test_kvs.KVSBackendFixture'])
|
'keystone.tests.unit.test_kvs.KVSBackendFixture'])
|
||||||
self.config_fixture.config(group='revoke', driver='kvs')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='signing', certfile=signing_certfile,
|
group='signing', certfile=signing_certfile,
|
||||||
keyfile=signing_keyfile,
|
keyfile=signing_keyfile,
|
||||||
|
@ -835,7 +834,6 @@ class SQLDriverOverrides(object):
|
||||||
self.config_fixture.config(group='catalog', driver='sql')
|
self.config_fixture.config(group='catalog', driver='sql')
|
||||||
self.config_fixture.config(group='identity', driver='sql')
|
self.config_fixture.config(group='identity', driver='sql')
|
||||||
self.config_fixture.config(group='policy', driver='sql')
|
self.config_fixture.config(group='policy', driver='sql')
|
||||||
self.config_fixture.config(group='revoke', driver='sql')
|
|
||||||
self.config_fixture.config(group='token', driver='sql')
|
self.config_fixture.config(group='token', driver='sql')
|
||||||
self.config_fixture.config(group='trust', driver='sql')
|
self.config_fixture.config(group='trust', driver='sql')
|
||||||
|
|
||||||
|
|
|
@ -21,6 +21,7 @@ import six
|
||||||
from keystone.common import utils
|
from keystone.common import utils
|
||||||
from keystone import exception
|
from keystone import exception
|
||||||
from keystone.tests import unit
|
from keystone.tests import unit
|
||||||
|
from keystone.tests.unit.ksfixtures import database
|
||||||
from keystone.tests.unit import test_backend
|
from keystone.tests.unit import test_backend
|
||||||
|
|
||||||
|
|
||||||
|
@ -107,6 +108,7 @@ class KvsTokenCacheInvalidation(unit.TestCase,
|
||||||
test_backend.TokenCacheInvalidation):
|
test_backend.TokenCacheInvalidation):
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(KvsTokenCacheInvalidation, self).setUp()
|
super(KvsTokenCacheInvalidation, self).setUp()
|
||||||
|
self.useFixture(database.Database(self.sql_driver_version_overrides))
|
||||||
self.load_backends()
|
self.load_backends()
|
||||||
self._create_test_data()
|
self._create_test_data()
|
||||||
|
|
||||||
|
|
|
@ -184,27 +184,12 @@ class RevokeTests(object):
|
||||||
class SqlRevokeTests(test_backend_sql.SqlTests, RevokeTests):
|
class SqlRevokeTests(test_backend_sql.SqlTests, RevokeTests):
|
||||||
def config_overrides(self):
|
def config_overrides(self):
|
||||||
super(SqlRevokeTests, self).config_overrides()
|
super(SqlRevokeTests, self).config_overrides()
|
||||||
self.config_fixture.config(group='revoke', driver='sql')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='token',
|
group='token',
|
||||||
provider='pki',
|
provider='pki',
|
||||||
revoke_by_id=False)
|
revoke_by_id=False)
|
||||||
|
|
||||||
|
|
||||||
class KvsRevokeTests(unit.TestCase, RevokeTests):
|
|
||||||
def config_overrides(self):
|
|
||||||
super(KvsRevokeTests, self).config_overrides()
|
|
||||||
self.config_fixture.config(group='revoke', driver='kvs')
|
|
||||||
self.config_fixture.config(
|
|
||||||
group='token',
|
|
||||||
provider='pki',
|
|
||||||
revoke_by_id=False)
|
|
||||||
|
|
||||||
def setUp(self):
|
|
||||||
super(KvsRevokeTests, self).setUp()
|
|
||||||
self.load_backends()
|
|
||||||
|
|
||||||
|
|
||||||
class RevokeTreeTests(unit.TestCase):
|
class RevokeTreeTests(unit.TestCase):
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(RevokeTreeTests, self).setUp()
|
super(RevokeTreeTests, self).setUp()
|
||||||
|
|
|
@ -1395,7 +1395,6 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests):
|
||||||
class RevokeApiTestCase(V2TestCase):
|
class RevokeApiTestCase(V2TestCase):
|
||||||
def config_overrides(self):
|
def config_overrides(self):
|
||||||
super(RevokeApiTestCase, self).config_overrides()
|
super(RevokeApiTestCase, self).config_overrides()
|
||||||
self.config_fixture.config(group='revoke', driver='kvs')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='token',
|
group='token',
|
||||||
provider='pki',
|
provider='pki',
|
||||||
|
|
|
@ -816,7 +816,6 @@ class TestTokenRevokeById(test_v3.RestfulTestCase):
|
||||||
|
|
||||||
def config_overrides(self):
|
def config_overrides(self):
|
||||||
super(TestTokenRevokeById, self).config_overrides()
|
super(TestTokenRevokeById, self).config_overrides()
|
||||||
self.config_fixture.config(group='revoke', driver='kvs')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='token',
|
group='token',
|
||||||
provider='pki',
|
provider='pki',
|
||||||
|
@ -1502,9 +1501,6 @@ class TestTokenRevokeByAssignment(TestTokenRevokeById):
|
||||||
|
|
||||||
def config_overrides(self):
|
def config_overrides(self):
|
||||||
super(TestTokenRevokeById, self).config_overrides()
|
super(TestTokenRevokeById, self).config_overrides()
|
||||||
self.config_fixture.config(
|
|
||||||
group='revoke',
|
|
||||||
driver='kvs')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='token',
|
group='token',
|
||||||
provider='uuid',
|
provider='uuid',
|
||||||
|
@ -1565,7 +1561,6 @@ class TestTokenRevokeApi(TestTokenRevokeById):
|
||||||
|
|
||||||
def config_overrides(self):
|
def config_overrides(self):
|
||||||
super(TestTokenRevokeApi, self).config_overrides()
|
super(TestTokenRevokeApi, self).config_overrides()
|
||||||
self.config_fixture.config(group='revoke', driver='kvs')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='token',
|
group='token',
|
||||||
provider='pki',
|
provider='pki',
|
||||||
|
@ -3317,7 +3312,6 @@ class TestTrustAuth(test_v3.RestfulTestCase):
|
||||||
|
|
||||||
def config_overrides(self):
|
def config_overrides(self):
|
||||||
super(TestTrustAuth, self).config_overrides()
|
super(TestTrustAuth, self).config_overrides()
|
||||||
self.config_fixture.config(group='revoke', driver='kvs')
|
|
||||||
self.config_fixture.config(
|
self.config_fixture.config(
|
||||||
group='token',
|
group='token',
|
||||||
provider='pki',
|
provider='pki',
|
||||||
|
|
|
@ -38,3 +38,7 @@ other:
|
||||||
[`blueprint removed-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/removed-as-of-mitaka>`_]
|
[`blueprint removed-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/removed-as-of-mitaka>`_]
|
||||||
The LDAP backend for Role has been removed. This was deprecated in the
|
The LDAP backend for Role has been removed. This was deprecated in the
|
||||||
Kilo release.
|
Kilo release.
|
||||||
|
- >
|
||||||
|
[`blueprint removed-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/removed-as-of-mitaka>`_]
|
||||||
|
Removed Revoke KVS backend (``keystone.revoke.backends.kvs.Revoke``).
|
||||||
|
This was deprecated in the Juno release.
|
||||||
|
|
|
@ -163,7 +163,6 @@ keystone.oauth1 =
|
||||||
sql = keystone.oauth1.backends.sql:OAuth1
|
sql = keystone.oauth1.backends.sql:OAuth1
|
||||||
|
|
||||||
keystone.revoke =
|
keystone.revoke =
|
||||||
kvs = keystone.revoke.backends.kvs:Revoke
|
|
||||||
sql = keystone.revoke.backends.sql:Revoke
|
sql = keystone.revoke.backends.sql:Revoke
|
||||||
|
|
||||||
oslo.config.opts =
|
oslo.config.opts =
|
||||||
|
|
Loading…
Reference in New Issue