openstack
/
keystone
Code Issues Proposed changes
keystone/keystone/api
History
Stuart Grace 36d6fc7f8f Accept STS and IAM services from Ceph Obj Gateway 
Ceph Object Gateway can use keystone for authenticating user requests
to its S3-compatible API, but recent versions also provide two other
AWS-compatible APIs for managing user access: Security Token Service
(STS) and Identity and Access Management (IAM). These attempt to
authenticate requests with Keystone but always receive 403 Access
Denied because _calculate_signature_v4() in api/s3tokens.py only
accepts "s3" as the service name. This patch accepts any of "s3" or
"sts" or "iam" as valid service names.

Change-Id: I69f16ed55dd9852859307b701a8391ba1e71c042
Closes-Bug: #1897280
 		2021-11-24 16:09:21 +00:00
..
_shared Fix security issues with EC2 credentials 2020-05-02 12:34:20 -07:00
__init__.py Revert "Add API for /v3/access_rules_config" 2019-05-28 08:38:39 -07:00
auth.py NIT: Fix spelling 2020-03-06 12:52:15 +05:30
credentials.py Disable EC2 credentials access_id update 2020-05-19 17:35:05 +05:30
discovery.py Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00
domains.py Remove six usage 2020-01-30 06:06:51 +00:00
ec2tokens.py Remove six usage 2020-01-30 06:06:51 +00:00
endpoints.py Remove six usage 2020-01-30 06:06:51 +00:00
groups.py Remove six usage 2020-01-30 06:06:51 +00:00
limits.py Remove six usage 2020-01-30 06:06:51 +00:00
os_ep_filter.py Remove six usage 2020-01-30 06:06:51 +00:00
os_federation.py Expiring Group Memberships API - Allow set idp authorization_ttl 2020-04-09 01:59:58 +00:00
os_inherit.py Remove six usage 2020-01-30 06:06:51 +00:00
os_oauth1.py Remove six usage 2020-01-30 06:06:51 +00:00
os_revoke.py Move json_home "extension" rel functions 2018-08-16 20:49:01 +00:00
os_simple_cert.py Fix missing print format and missing ws between words 2019-08-06 08:29:34 +08:00
policy.py Remove six usage 2020-01-30 06:06:51 +00:00
projects.py Remove six usage 2020-01-30 06:06:51 +00:00
regions.py Remove six usage 2020-01-30 06:06:51 +00:00
registered_limits.py Remove six usage 2020-01-30 06:06:51 +00:00
role_assignments.py Fix validation of role assignment subtree list 2019-09-17 23:12:47 -07:00
role_inferences.py Update hacking for Python3 2020-04-15 07:17:58 +02:00
roles.py Remove six usage 2020-01-30 06:06:51 +00:00
s3tokens.py Accept STS and IAM services from Ceph Obj Gateway 2021-11-24 16:09:21 +00:00
services.py Remove six usage 2020-01-30 06:06:51 +00:00
system.py Remove six usage 2020-01-30 06:06:51 +00:00
trusts.py Remove six usage 2020-01-30 06:06:51 +00:00
users.py Use app cred user ID in policy enforcement 2020-11-11 11:01:20 -06:00