Deprecating API v2.0
Keystone team decided to deprecate v2.0 on Mitaka. DocImpact: The keystone team recommends using v3 of our Identity API, so we decided to formally deprecate API v2.0 on Mitaka. Authentication routes and EC2 routes will not be deprecated for now, they will be kept around indefinitely. Partially implements: bp deprecated-as-of-mitaka Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com> Change-Id: Ie3e484f08edd5acd3c89e76ba6a5c24d660a116d
This commit is contained in:
Raildo Mascena
Raildo Mascena
parent
7b62b36960
commit
e63a8311fa
@ -40,7 +40,7 @@ LOG = log.getLogger(__name__)
|
|||||||
class TenantAssignment(controller.V2Controller):
|
class TenantAssignment(controller.V2Controller):
|
||||||
"""The V2 Project APIs that are processing assignments."""
|
"""The V2 Project APIs that are processing assignments."""
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_auth_deprecated
|
||||||
def get_projects_for_token(self, context, **kw):
|
def get_projects_for_token(self, context, **kw):
|
||||||
"""Get valid tenants for token based on token used to authenticate.
|
"""Get valid tenants for token based on token used to authenticate.
|
||||||
|
|
||||||
|
|||||||
@ -36,21 +36,39 @@ CONF = cfg.CONF
|
|||||||
|
|
||||||
|
|
||||||
def v2_deprecated(f):
|
def v2_deprecated(f):
|
||||||
"""No-op decorator in preparation for deprecating Identity API v2.
|
@six.wraps(f)
|
||||||
|
def wrapper(*args, **kwargs):
|
||||||
This is a placeholder for the pending deprecation of v2. The implementation
|
deprecated = versionutils.deprecated(
|
||||||
of this decorator can be replaced with::
|
what=f.__name__ + ' of the v2 API',
|
||||||
|
as_of=versionutils.deprecated.MITAKA,
|
||||||
from oslo_log import versionutils
|
in_favor_of='a similar function in the v3 API',
|
||||||
|
remove_in=+4)
|
||||||
|
return deprecated(f)
|
||||||
|
return wrapper()
|
||||||
|
|
||||||
|
|
||||||
v2_deprecated = versionutils.deprecated(
|
def v2_ec2_deprecated(f):
|
||||||
what='v2 API',
|
@six.wraps(f)
|
||||||
as_of=versionutils.deprecated.JUNO,
|
def wrapper(*args, **kwargs):
|
||||||
in_favor_of='v3 API')
|
deprecated = versionutils.deprecated(
|
||||||
|
what=f.__name__ + ' of the v2 EC2 APIs',
|
||||||
|
as_of=versionutils.deprecated.MITAKA,
|
||||||
|
in_favor_of=('a similar function in the v3 Credential APIs'),
|
||||||
|
remove_in=0)
|
||||||
|
return deprecated(f)
|
||||||
|
return wrapper()
|
||||||
|
|
||||||
"""
|
|
||||||
return f
|
def v2_auth_deprecated(f):
|
||||||
|
@six.wraps(f)
|
||||||
|
def wrapper(*args, **kwargs):
|
||||||
|
deprecated = versionutils.deprecated(
|
||||||
|
what=f.__name__ + ' of the v2 Authentication APIs',
|
||||||
|
as_of=versionutils.deprecated.MITAKA,
|
||||||
|
in_favor_of=('a similar function in the v3 Authentication APIs'),
|
||||||
|
remove_in=0)
|
||||||
|
return deprecated(f)
|
||||||
|
return wrapper()
|
||||||
|
|
||||||
|
|
||||||
def _build_policy_check_credentials(self, action, context, kwargs):
|
def _build_policy_check_credentials(self, action, context, kwargs):
|
||||||
|
|||||||
@ -261,7 +261,7 @@ class Ec2ControllerCommon(object):
|
|||||||
@dependency.requires('policy_api', 'token_provider_api')
|
@dependency.requires('policy_api', 'token_provider_api')
|
||||||
class Ec2Controller(Ec2ControllerCommon, controller.V2Controller):
|
class Ec2Controller(Ec2ControllerCommon, controller.V2Controller):
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_ec2_deprecated
|
||||||
def authenticate(self, context, credentials=None, ec2Credentials=None):
|
def authenticate(self, context, credentials=None, ec2Credentials=None):
|
||||||
(user_ref, tenant_ref, metadata_ref, roles_ref,
|
(user_ref, tenant_ref, metadata_ref, roles_ref,
|
||||||
catalog_ref) = self._authenticate(credentials=credentials,
|
catalog_ref) = self._authenticate(credentials=credentials,
|
||||||
@ -281,27 +281,27 @@ class Ec2Controller(Ec2ControllerCommon, controller.V2Controller):
|
|||||||
auth_token_data, roles_ref, catalog_ref)
|
auth_token_data, roles_ref, catalog_ref)
|
||||||
return token_data
|
return token_data
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_ec2_deprecated
|
||||||
def get_credential(self, context, user_id, credential_id):
|
def get_credential(self, context, user_id, credential_id):
|
||||||
if not self._is_admin(context):
|
if not self._is_admin(context):
|
||||||
self._assert_identity(context, user_id)
|
self._assert_identity(context, user_id)
|
||||||
return super(Ec2Controller, self).get_credential(user_id,
|
return super(Ec2Controller, self).get_credential(user_id,
|
||||||
credential_id)
|
credential_id)
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_ec2_deprecated
|
||||||
def get_credentials(self, context, user_id):
|
def get_credentials(self, context, user_id):
|
||||||
if not self._is_admin(context):
|
if not self._is_admin(context):
|
||||||
self._assert_identity(context, user_id)
|
self._assert_identity(context, user_id)
|
||||||
return super(Ec2Controller, self).get_credentials(user_id)
|
return super(Ec2Controller, self).get_credentials(user_id)
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_ec2_deprecated
|
||||||
def create_credential(self, context, user_id, tenant_id):
|
def create_credential(self, context, user_id, tenant_id):
|
||||||
if not self._is_admin(context):
|
if not self._is_admin(context):
|
||||||
self._assert_identity(context, user_id)
|
self._assert_identity(context, user_id)
|
||||||
return super(Ec2Controller, self).create_credential(context, user_id,
|
return super(Ec2Controller, self).create_credential(context, user_id,
|
||||||
tenant_id)
|
tenant_id)
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_ec2_deprecated
|
||||||
def delete_credential(self, context, user_id, credential_id):
|
def delete_credential(self, context, user_id, credential_id):
|
||||||
if not self._is_admin(context):
|
if not self._is_admin(context):
|
||||||
self._assert_identity(context, user_id)
|
self._assert_identity(context, user_id)
|
||||||
|
|||||||
@ -59,7 +59,7 @@ class Auth(controller.V2Controller):
|
|||||||
data = cert_file.read()
|
data = cert_file.read()
|
||||||
return data
|
return data
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_auth_deprecated
|
||||||
def authenticate(self, context, auth=None):
|
def authenticate(self, context, auth=None):
|
||||||
"""Authenticate credentials and return a token.
|
"""Authenticate credentials and return a token.
|
||||||
|
|
||||||
|
|||||||
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
deprecations:
|
||||||
|
- >
|
||||||
|
[`blueprint deprecated-as-of-mitaka <https://blueprints.launchpad.net/keystone/+spec/deprecated-as-of-mitaka>`_]
|
||||||
|
Deprecated all v2.0 APIs. The keystone team recommends using v3 APIs instead.
|
||||||
|
Most v2.0 APIs will be removed in the 'Q' release. However, the authentication
|
||||||
|
APIs and EC2 APIs are indefinitely deprecated and will not be removed in
|
||||||
|
the 'Q' release.
|
||||||
Loading…
Reference in New Issue
Block a user