keystone/keystone
Gage Hugo 4649fe6bfc Hide AccountLocked exception from end users
This change hides the AccountLocked exception from being returned
to the end user to hide sensitive information that a potential
malicious person could gain insight from.

The notification handler catches the AccountLocked exception as
before, but after sending the audit notification, it instead
bubbles up Unauthorized rather than AccountLocked.

Co-Authored-By: Samuel de Medeiros Queiroz <samueldmq@gmail.com>

Change-Id: Id51241989b22c52810391f3e8e1cadbf8613d873
Related-Bug: #1688137
(cherry picked from commit ac2631ae33)
2021-05-10 15:46:16 +00:00
..
api Use app cred user ID in policy enforcement 2021-01-08 16:49:25 +00:00
application_credential Update hacking for Python3 2020-04-15 07:17:58 +02:00
assignment Delete system role assignments from system_assignment table 2020-10-30 16:01:45 +00:00
auth Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00
catalog Remove six usage 2020-01-30 06:06:51 +00:00
cmd Write a symptom for checking memcache connections 2020-08-26 10:28:39 -05:00
common Merge "Update hacking for Python3" 2020-04-25 10:21:07 +00:00
conf Spelling Fix 2020-08-06 19:49:34 +05:30
credential New config option 'user_limit' in credentials 2020-06-12 13:52:45 +05:30
endpoint_policy Remove six usage 2020-01-30 06:06:51 +00:00
federation Support regexes in whitelists/blacklists 2020-05-26 11:00:21 -05:00
identity Retry update_user when sqlalchemy raises StaleDataErrors 2021-03-29 19:19:42 +00:00
limit Remove six usage 2020-01-30 06:06:51 +00:00
locale Imported Translations from Zanata 2020-06-19 07:42:43 +00:00
models Ensure OAuth1 authorized roles are respected 2020-05-01 15:48:58 -07:00
oauth1 Stop to use the __future__ module. 2020-06-02 20:20:37 +02:00
policy Remove six usage 2020-01-30 06:06:51 +00:00
receipt Remove six usage 2020-01-30 06:06:51 +00:00
resource Update hacking for Python3 2020-04-15 07:17:58 +02:00
revoke Remove six usage 2020-01-30 06:06:51 +00:00
server Merge "Stop to use the __future__ module." 2020-07-31 08:42:30 +00:00
tests Hide AccountLocked exception from end users 2021-05-10 15:46:16 +00:00
token Follow-up for bug-1891244 2020-08-13 15:40:35 +05:30
trust Remove six usage 2020-01-30 06:06:51 +00:00
__init__.py Revert "Disable eventlet monkey-patching of DNS" 2013-05-10 10:24:48 -04:00
exception.py New config option 'user_limit' in credentials 2020-06-12 13:52:45 +05:30
i18n.py Fix translated response 2019-08-19 14:49:37 +08:00
notifications.py Hide AccountLocked exception from end users 2021-05-10 15:46:16 +00:00
version.py Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00