From e63a8311fa2e5d7cccdb76b4cd3fc17719cc86c6 Mon Sep 17 00:00:00 2001 From: Raildo Mascena Date: Mon, 30 Nov 2015 17:17:00 -0300 Subject: [PATCH] Deprecating API v2.0 Keystone team decided to deprecate v2.0 on Mitaka. DocImpact: The keystone team recommends using v3 of our Identity API, so we decided to formally deprecate API v2.0 on Mitaka. Authentication routes and EC2 routes will not be deprecated for now, they will be kept around indefinitely. Partially implements: bp deprecated-as-of-mitaka Co-Authored-By: Steve Martinelli Change-Id: Ie3e484f08edd5acd3c89e76ba6a5c24d660a116d --- keystone/assignment/controllers.py | 2 +- keystone/common/controller.py | 42 +++++++++++++------ keystone/contrib/ec2/controllers.py | 10 ++--- keystone/token/controllers.py | 2 +- .../deprecate-v2-apis-894284c17be881d2.yaml | 8 ++++ 5 files changed, 45 insertions(+), 19 deletions(-) create mode 100644 releasenotes/notes/deprecate-v2-apis-894284c17be881d2.yaml diff --git a/keystone/assignment/controllers.py b/keystone/assignment/controllers.py index 1cd514eacb..c80669bd65 100644 --- a/keystone/assignment/controllers.py +++ b/keystone/assignment/controllers.py @@ -40,7 +40,7 @@ LOG = log.getLogger(__name__) class TenantAssignment(controller.V2Controller): """The V2 Project APIs that are processing assignments.""" - @controller.v2_deprecated + @controller.v2_auth_deprecated def get_projects_for_token(self, context, **kw): """Get valid tenants for token based on token used to authenticate. diff --git a/keystone/common/controller.py b/keystone/common/controller.py index 32d1574c6c..76814382d0 100644 --- a/keystone/common/controller.py +++ b/keystone/common/controller.py @@ -36,21 +36,39 @@ CONF = cfg.CONF def v2_deprecated(f): - """No-op decorator in preparation for deprecating Identity API v2. - - This is a placeholder for the pending deprecation of v2. The implementation - of this decorator can be replaced with:: - - from oslo_log import versionutils + @six.wraps(f) + def wrapper(*args, **kwargs): + deprecated = versionutils.deprecated( + what=f.__name__ + ' of the v2 API', + as_of=versionutils.deprecated.MITAKA, + in_favor_of='a similar function in the v3 API', + remove_in=+4) + return deprecated(f) + return wrapper() - v2_deprecated = versionutils.deprecated( - what='v2 API', - as_of=versionutils.deprecated.JUNO, - in_favor_of='v3 API') +def v2_ec2_deprecated(f): + @six.wraps(f) + def wrapper(*args, **kwargs): + deprecated = versionutils.deprecated( + what=f.__name__ + ' of the v2 EC2 APIs', + as_of=versionutils.deprecated.MITAKA, + in_favor_of=('a similar function in the v3 Credential APIs'), + remove_in=0) + return deprecated(f) + return wrapper() - """ - return f + +def v2_auth_deprecated(f): + @six.wraps(f) + def wrapper(*args, **kwargs): + deprecated = versionutils.deprecated( + what=f.__name__ + ' of the v2 Authentication APIs', + as_of=versionutils.deprecated.MITAKA, + in_favor_of=('a similar function in the v3 Authentication APIs'), + remove_in=0) + return deprecated(f) + return wrapper() def _build_policy_check_credentials(self, action, context, kwargs): diff --git a/keystone/contrib/ec2/controllers.py b/keystone/contrib/ec2/controllers.py index 0a8e1210a0..e276a6e343 100644 --- a/keystone/contrib/ec2/controllers.py +++ b/keystone/contrib/ec2/controllers.py @@ -261,7 +261,7 @@ class Ec2ControllerCommon(object): @dependency.requires('policy_api', 'token_provider_api') class Ec2Controller(Ec2ControllerCommon, controller.V2Controller): - @controller.v2_deprecated + @controller.v2_ec2_deprecated def authenticate(self, context, credentials=None, ec2Credentials=None): (user_ref, tenant_ref, metadata_ref, roles_ref, catalog_ref) = self._authenticate(credentials=credentials, @@ -281,27 +281,27 @@ class Ec2Controller(Ec2ControllerCommon, controller.V2Controller): auth_token_data, roles_ref, catalog_ref) return token_data - @controller.v2_deprecated + @controller.v2_ec2_deprecated def get_credential(self, context, user_id, credential_id): if not self._is_admin(context): self._assert_identity(context, user_id) return super(Ec2Controller, self).get_credential(user_id, credential_id) - @controller.v2_deprecated + @controller.v2_ec2_deprecated def get_credentials(self, context, user_id): if not self._is_admin(context): self._assert_identity(context, user_id) return super(Ec2Controller, self).get_credentials(user_id) - @controller.v2_deprecated + @controller.v2_ec2_deprecated def create_credential(self, context, user_id, tenant_id): if not self._is_admin(context): self._assert_identity(context, user_id) return super(Ec2Controller, self).create_credential(context, user_id, tenant_id) - @controller.v2_deprecated + @controller.v2_ec2_deprecated def delete_credential(self, context, user_id, credential_id): if not self._is_admin(context): self._assert_identity(context, user_id) diff --git a/keystone/token/controllers.py b/keystone/token/controllers.py index 59b56b129a..c5496f76ee 100644 --- a/keystone/token/controllers.py +++ b/keystone/token/controllers.py @@ -59,7 +59,7 @@ class Auth(controller.V2Controller): data = cert_file.read() return data - @controller.v2_deprecated + @controller.v2_auth_deprecated def authenticate(self, context, auth=None): """Authenticate credentials and return a token. diff --git a/releasenotes/notes/deprecate-v2-apis-894284c17be881d2.yaml b/releasenotes/notes/deprecate-v2-apis-894284c17be881d2.yaml new file mode 100644 index 0000000000..5968027425 --- /dev/null +++ b/releasenotes/notes/deprecate-v2-apis-894284c17be881d2.yaml @@ -0,0 +1,8 @@ +--- +deprecations: + - > + [`blueprint deprecated-as-of-mitaka `_] + Deprecated all v2.0 APIs. The keystone team recommends using v3 APIs instead. + Most v2.0 APIs will be removed in the 'Q' release. However, the authentication + APIs and EC2 APIs are indefinitely deprecated and will not be removed in + the 'Q' release.