This patch removes any unused parameters in the v2 and v3 api's.
In order to find which parameters were unused, I wrote a script
that found all the parameters used in the `parameters.yaml` files,
then is searched the same api directory (ex: v3/, v3-ext/, etc.)
for any reference to these parameters. Anything unreferenced was
flagged and then removed.
Script: http://cdn.pasteraw.com/8cdh0e76aqhtliuh874veautr7as8k7
Change-Id: I1558ac94e1041f9fbb1d6713b394c4f97f997ada
Some parameters of similar name would follow the convention
such as `region_id` and `region_id_1` which gave no good
information as to the differences.
This patch changes these names to help give such information.
Change-Id: I2dec61ed06042990ff54e86c02dc3fca9d566366
This patch adds filters to list_user that enable the user to query for
unique_id, idp_id, protocol_id, or a mix of these to get back the
corresponding users of the federated attributes.
Partially-Implements: bp support-federated-attr
Change-Id: Iea5681791e521e9b8d96137fe30c388c10a02b30
The token issue response has timestamps like this:
"issued_at": "2017-01-03T22:42:55.000000Z"
"expires_at": "2017-01-03T23:42:55.000000Z"
Which didn't match the format documented in the API spec (the
response has subsecond precision and Z rather than ±HHMM).
Change-Id: I1deeac1776a7716ee66d187d1c1c7c1f5b02235f
Closes-Bug: 1634568
The v3 API spec for tokens documents the format of timestamps.
It says the format is like "CCYY-MM-DDThh:mm:ss±hh:mm".
By this, the timestamps returned by keystone like this:
2016-12-13T15:33:12+0000
Change-Id: I616865c1b12457487c4aeb5b8e907ca01cb79ef9
Closes-Bug:#1634568
New proposal on how we document the password_expires_at query.
bp pci-dss-query-password-expired-users
Co-Authored-By: Samuel Pilla <sp516w@att.com>
Change-Id: I81facd0a84f5c05f72294eb1a143c7632b2406e1
The api documentation for the following queries:
/v3/users?password_expires_at={operator}:{timestamp}
/v3/groups/{group_id}/users?password_expires_at={operator}:{timestamp}
The acceptable operators are lt, lte, gt, gte, eq, and neq.
They allow for querying for a range of timestamps rather than
an exact time for password expiration.
Examples:
- GET /v3/users?password_expires_at=lt:2016-11-06T15:32:17Z
- GET /v3/groups/079c578fd99b428ab61fcd4c9bd88ecd/users?password_expires_at=gt:2016-12-08T22:02:00Z
Partially-Implements: bp pci-dss-query-password-expired-users
Parent-Id: If0b9cc3c8af92b2ea5d41a0e8afeb78e12b7689c
Change-Id: I737dd6b703cc5af16b3d748ebaeebe0fbada039e
A service user from auth_token middleware should be able to fetch a
token that has expired within a certain window so that long running
operations can finish.
Implements bp: allow-expired
Change-Id: I784f719be88481048f5aa7a79d34a54907438cf3
The v3 endpoint documentation /v3/auth/tokens/OS-PKI/revoked is missing
in /api-ref. This patch set adds the documentation for v3.
A separate patch set will be submitted for v2.
Change-Id: I3db3356d24cc8885012756016a90a0996fcf14f5
Partial-Bug: #1626778
This patch fixes the following problems found in the api doc:
- The 'service_id' field should not appear in a service create request;
- The 'enabled', 'description' fields should be optional when doing a
service update.
Change-Id: Iac91a9f2d29a458f1e3eb93e64fea6a508b9980c
Add domain_id parameter to the /roles API documentation,
and example request and response json's.
Change-Id: I213883b8402b518e041542ae1c3c169612a096c5
Closes-Bug: #1609171
This patch adds GET /auth/catalog, GET /auth/projects and GET /auth/domains
to the API site.
Change-Id: Ifda4676680bb9759348bbf7f3353741c45308b8c
Closes-bug: #1609178
Add the following query options to the api-ref:
* parents_as_list (key-only, no value expected)
* subtree_as_list (key-only, no value expected)
* parents_as_ids (key-only, no value expected)
* subtree_as_ids (key-only, no value expected)
Change-Id: Ie9362885d57112c81c7141c4238e9e3d5d3e0431
Closes-Bug: #1609175
The "is_domain" query parameter is missing from GET/UPDATE /v3/projects
documentation in the API site.
Change-Id: I059f7e2ac689ec799dbdcc30c071de26d1603c47
Closes-bug: #1609174
This patch adds a new user response attribute, password_expires_at,
to the Identity API v3 documentation.
Passord expires validation implementation:
https://review.openstack.org/333360
Depends-On: I07c10de627898d6ac79578dc24292ded4a2190f1
Partially-implements: blueprint pci-dss
Change-Id: I37136f79488d7469f0b8b24e3f5628899e40cac0
A number of the examples are also updated, since not all of
them were valid combinations of domain_id, parent_id and
is_domain.
Change-Id: Id642762cd6acfdf6142b24caf3de1d16db599065
The response paramaters for listing users who are members of a
group will be added in a later patch, once the users api-ref
has been cleaned up.
Change-Id: Ib08ac374f9e16aa443cc33253a84a67ab98958d0
These inline parameters are not optional, they are required to call the
API, this patch change all of them from optional to required.
Change-Id: I6b1c8893b12e5e88f887c884b9812eb1005dcbdd
Docs at [1] have already been converted from WADL (SGML / XML) to RST
using fairy-slipper [2].
This commit polish the results from the conversion and migrate the docs
to our repository under 'api-ref/source' directory. In addition, it
added missing descriptions for access_token_id and consumer_id to
'parameters.yaml'.
Polishing the generated RST files include:
- Removing unnecessary blank lines;
- Removing empty references.
Polishing the generated RST files do not include:
- Modifying their content;
- Modifying file names;
- Wrapping lines at the maximum of 79 chars.
Updating the documentation will be done after this migration step.
This change also adds a tox environment to build the docs using sphinx
under 'api-ref/build', which in turn is added to '.gitignore'.
Lastly, 'os-api-ref' is added as a test requirement. It provides the
sphinx stanzas rest_method and rest_parameter, used to define OpenStack
APIs in RST docs.
[1] https://github.com/openstack/api-site/tree/master/api-ref/source/identity/v3
[2] https://github.com/russell/fairy-slipper
Change-Id: If1b9a3e1b2e4ea7211c337071254c26b881893a3