1d7c96d6a3
Keystone has shipped with the auth_context middleware in the pipeline now for a number of releases. In newer parts of the code we rely on it for auth information and in others we don't. A prime example of this is the @protected handlers, if the auth_context middleware isn't present it rebuilds this information. This is yet another place where keystone validates a token. Set a flag on the context to indicate that the request was validated by auth_context middleware and raise Unauthenticated if not. This essentially requires deployments to have the middleware enabled and reduces validation to that point. This will help unify the code that is behind a protected endpoint as we can rely on the context. Change-Id: Iceca967e5bf698df13da28d0875c441f2a980e90 |
||
|---|---|---|
| .. | ||
| common | ||
| functional | ||
| hacking | ||
| unit | ||
| __init__.py | ||