openstack
/
keystone
Code Issues Proposed changes
OpenStack Identity (Keystone)
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10,053 Commits
11 Branches
24 Tags
227 MiB
Python 99.4%
Shell 0.6%
 
 
master
stable/xena
stable/2023.1
stable/yoga
stable/zed
stable/wallaby
stable/train
stable/ussuri
stable/victoria
stable/stein
stable/rocky
xena-em
23.0.0
23.0.0.0rc1
20.0.1
queens-eol
wallaby-em
22.0.0
22.0.0.0rc1
pike-eol
19.0.1
victoria-em
21.0.0
21.0.0.0rc1
18.1.0
ussuri-em
20.0.0
20.0.0.0rc1
17.0.1
ocata-eol
train-em
16.0.2
19.0.0
19.0.0.0rc2
19.0.0.0rc1
stein-em
18.0.0
18.0.0.0rc1
17.0.0
16.0.1
15.0.1
17.0.0.0rc2
17.0.0.0rc1
rocky-em
14.2.0
queens-em
13.0.4
13.0.3
16.0.0
16.0.0.0rc2
16.0.0.0rc1
pike-em
12.0.3
ocata-em
15.0.0
14.1.0
15.0.0.0rc2
15.0.0.0rc1
14.0.1
12.0.2
13.0.2
14.0.0
14.0.0.0rc2
14.0.0.0rc1
12.0.1
11.0.4
13.0.1
14.0.0.0b3
14.0.0.0b2
14.0.0.0b1
13.0.0
13.0.0.0rc2
13.0.0.0rc1
13.0.0.0b3
13.0.0.0b2
newton-eol
13.0.0.0b1
12.0.0
12.0.0.0rc2
12.0.0.0rc1
12.0.0.0b3
10.0.3
11.0.3
mitaka-eol
10.0.2
12.0.0.0b2
11.0.2
11.0.1
12.0.0.0b1
11.0.0
11.0.0.0rc1
9.3.0
10.0.1
11.0.0.0b3
11.0.0.0b2
liberty-eol
11.0.0.0b1
10.0.0
10.0.0.0rc3
10.0.0.0rc2
9.2.0
10.0.0.0rc1
10.0.0.0b3
10.0.0.0b2
9.1.0
10.0.0.0b1
8.1.2
9.0.2
9.0.1
kilo-eol
2015.1.4
9.0.0
9.0.0.0rc3
9.0.0.0rc2
9.0.0.0rc1
8.1.0
9.0.0.0b3
2015.1.3
9.0.0.0b2
8.0.1
juno-eol
9.0.0.0b1
2014.2.4
8.0.0
2015.1.2
8.0.0.0rc2
8.0.0.0rc1
8.0.0.0b3
8.0.0.0b2
2015.1.1
icehouse-eol
8.0.0.0b1
2014.1.5
8.0.0a0
2015.1.0
2015.1.0rc2
2014.2.3
2015.1.0rc1
2015.1.0b3
2014.1.4
2014.2.2
2015.1.0b2
2015.1.0b1
2014.2.1
2014.2
2014.2.rc2
2014.1.3
2014.2.rc1
havana-eol
2013.2.4
2014.2.b3
2014.1.2.1
2014.1.2
2014.2.b2
2014.2.b1
2014.1.1
2014.1
2014.1.rc2
2013.2.3
grizzly-eol
2014.1.rc1
2013.1.5
2014.1.b3
2013.2.2
2014.1.b2
2013.2.1
2014.1.b1
folsom-eol
2013.1.4
2013.2
2013.2.rc4
2013.2.rc3
2013.2.rc2
2013.2.rc1
2013.2.b3
2013.1.3
2013.2.b2
2013.1.2
2013.2.b1
2013.1.1
essex-eol
diablo-eol
2012.2.4
2013.1
2013.1.rc3
2013.1.rc2
2013.1.rc1
2013.1.g3
2012.2.3
grizzly-2
2012.2.1
grizzly-1
2012.1.3
2012.2
folsom-rc2
folsom-rc1
folsom-3
2012.1.2
folsom-2
2012.1.1
folsom-1
2012.1
essex-rc2
essex-rc1
2011.3
2011.3.1
essex-1
essex-2
essex-3
essex-4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1d7c96d6a3'
${ noResults }
Go to file
Jamie Lennox 1d7c96d6a3 Require auth_context middleware in the pipeline 
Keystone has shipped with the auth_context middleware in the pipeline
now for a number of releases. In newer parts of the code we rely on it
for auth information and in others we don't.

A prime example of this is the @protected handlers, if the auth_context
middleware isn't present it rebuilds this information. This is yet
another place where keystone validates a token.

Set a flag on the context to indicate that the request was validated by
auth_context middleware and raise Unauthenticated if not. This
essentially requires deployments to have the middleware enabled and
reduces validation to that point. This will help unify the code that is
behind a protected endpoint as we can rely on the context.

Change-Id: Iceca967e5bf698df13da28d0875c441f2a980e90
 		7 years ago
api-ref/source Merge "Docs: Fix the query params in role_assignments example" 7 years ago
config-generator Remove eventlet support 7 years ago
doc Merge "Mark the domain config via API as stable" 7 years ago
etc Merge "Concrete role assignments for federated users" 7 years ago
examples/pki Correct bashate issues in gen_pki.sh 8 years ago
httpd Keystone uwsgi performance tuning 7 years ago
keystone Require auth_context middleware in the pipeline 7 years ago
keystone_tempest_plugin Replace keystone.common.config with keystone.conf package 7 years ago
rally-jobs [rally] remove deprecated arg 8 years ago
releasenotes Mark the domain config via API as stable 7 years ago
tools Remove helper script for py34 7 years ago
.coveragerc Change ignore-errors to ignore_errors 8 years ago
.gitignore Migrate identity /v3 docs from api-ref repo 7 years ago
.gitreview Add .gitreview config file for gerrit. 12 years ago
.mailmap update mailmap with gyee's new email 8 years ago
.testr.conf Stop using oslotest.BaseTestCase 7 years ago
CONTRIBUTING.rst Workflow documentation is now in infra-manual 8 years ago
HACKING.rst Use oslo.log instead of incubator 8 years ago
LICENSE Added Apache 2.0 License information. 11 years ago
MANIFEST.in Add .mo files to MANIFEST.in 7 years ago
README.rst Replace github reference by git.openstack.org and change a doc link 8 years ago
babel.cfg setting up babel for i18n work 11 years ago
other-requirements.txt Update other-requirements for Xenial 7 years ago
requirements.txt Updated from global requirements 7 years ago
setup.cfg Merge "Revert "Install necessary files in etc/"" 7 years ago
setup.py Updated from global requirements 8 years ago
test-requirements.txt Updated from global requirements 7 years ago
tox.ini Merge "Include doc directory in pep8 checks" 7 years ago

README.rst

OpenStack Keystone

Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

http://docs.openstack.org/developer/keystone/

The API specification and documentation are available at:

http://specs.openstack.org/openstack/keystone-specs/

The canonical client library is available at:

https://git.openstack.org/cgit/openstack/python-keystoneclient

Documentation for cloud administrators is available at:

http://docs.openstack.org/

The source of documentation for cloud administrators is available at:

https://git.openstack.org/cgit/openstack/openstack-manuals

Information about our team meeting is available at:

https://wiki.openstack.org/wiki/Meetings/KeystoneMeeting

Bugs and feature requests are tracked on Launchpad at:

https://bugs.launchpad.net/keystone

Future design work is tracked at:

http://specs.openstack.org/openstack/keystone-specs/#identity-program-specifications

Contributors are encouraged to join IRC (#openstack-keystone on freenode):

https://wiki.openstack.org/wiki/IRC

For information on contributing to Keystone, see CONTRIBUTING.rst.