openstack/keystone
Code Issues Proposed changes
15,233 Commits 9 Branches 232 Tags
47f155b242586a4ee479cb50b03aeecaa2d3b63a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Grzegorz Grasza 47f155b242 Bytes-vs-str mismatch causes repeated ID mapping creates on list 
LDAP drivers can yield refs with values encoded as bytestrings,
which inclues bytes local IDs, while the ID mapping layer
stores/returns strings.

During list post-processing, this mismatch prevents lookups from hitting
the seeded mapping and triggers create_id_mapping again on each pass,
causing unnecessary churn and latency during token issuance.

This change adds unit test for both cases:
 - bytes IDs: the original behavior was that the cumulative
   create_id_mapping count increased with each iteration.
 - string IDs: seeded mapping is reused; no creates across iterations.
The helper always seeds with a string local_id, normalizing the mapping
list local_id to string. After the fix, the results are the same for
string and bytestring.

Signed-off-by: Grzegorz Grasza <xek@redhat.com>
Change-Id: I89235b2721380544304221a2da67a30971c62bf9
(cherry picked from commit bc3e790f58)
2025-12-01 14:00:01 +00:00
api-ref
Start building openapi doc
2025-05-07 13:30:10 +02:00
config-generator
Move policy generator config to config-generator/
2017-04-21 21:47:32 +00:00
devstack
Replace tabs
2025-03-02 01:01:34 +09:00
doc
Add service user authentication to ec2 and s3 endpoints
2025-11-04 15:08:50 +01:00
etc
Remove templated catalog driver
2025-01-03 10:36:02 +09:00
examples/pki
Remove support for PKI and PKIz tokens
2016-11-01 22:05:01 +00:00
httpd
Remove sample mod_wsgi config file
2025-05-23 17:47:03 +00:00
keystone
Bytes-vs-str mismatch causes repeated ID mapping creates on list
2025-12-01 14:00:01 +00:00
playbooks
Add FIPS check job
2021-08-04 14:25:06 -04:00
rally-jobs
fix rally docs url
2018-05-21 16:24:51 +08:00
releasenotes
Merge "Remove Python 3.9 support"
2025-07-18 16:57:51 +00:00
tools
Remove remaining reference to volume v2 API
2024-10-26 03:08:36 +09:00
.coveragerc
Change ignore-errors to ignore_errors
2015-09-21 14:27:58 +00:00
.git-blame-ignore-revs
Add blackify commit to blame ignore
2024-07-26 10:05:15 +02:00
.gitignore
Start building openapi doc
2025-05-07 13:30:10 +02:00
.gitreview
Update .gitreview for stable/2025.2
2025-09-11 12:36:44 +00:00
.mailmap
update mailmap with gyee's new email
2015-11-03 16:12:01 -08:00
.pre-commit-config.yaml
Update pre-commit hook versions
2025-05-28 11:55:35 +02:00
.stestr.conf
Migrate to stestr
2017-09-22 11:07:09 -05:00
.zuul.yaml
Remove OSA test job
2025-06-13 14:40:10 +00:00
bindep.txt
Replace sphinxcontrib-*diag
2024-11-19 20:45:53 +01:00
CONTRIBUTING.rst
Use https for docs.openstack.org references
2017-01-30 16:05:08 -08:00
HACKING.rst
Merge "Update links in keystone"
2017-10-06 16:10:56 +00:00
LICENSE
Added Apache 2.0 License information.
2012-02-15 17:48:33 -08:00
pyproject.toml
Add pyproject.toml to support pip 23.1
2025-05-09 10:38:13 +01:00
README.rst
Remove tags from README
2025-04-29 22:25:44 +00:00
reno.yaml
Update regex to detect closed branch
2024-03-13 19:27:16 +09:00
requirements.txt
Merge "Add explicit dependency on Werkzeug"
2025-03-28 18:08:03 +00:00
ruff.toml
Ruff the code
2024-10-30 19:11:22 +00:00
setup.cfg
Remove Python 3.9 support
2025-06-26 02:16:32 +00:00
setup.py
Enable black in pre-commit
2024-07-26 11:42:33 +02:00
test-requirements.txt
Remove dependency on pytz
2024-06-10 09:14:41 +00:00
tox.ini
Update TOX_CONSTRAINTS_FILE for stable/2025.2
2025-09-11 12:36:47 +00:00

README.rst

OpenStack Keystone

image

OpenStack Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

https://docs.openstack.org/keystone/latest

The API reference and documentation are available at:

https://docs.openstack.org/api-ref/identity

The canonical client library is available at:

https://opendev.org/openstack/python-keystoneclient

Documentation for cloud administrators is available at:

https://docs.openstack.org/keystone/latest/

The source of documentation for cloud administrators is available at:

https://opendev.org/openstack/openstack-manuals

Information about our team meeting is available at:

https://wiki.openstack.org/wiki/Meetings/KeystoneMeeting

Release notes is available at:

https://docs.openstack.org/releasenotes/keystone

Bugs and feature requests are tracked on Launchpad at:

https://bugs.launchpad.net/keystone

Future design work is tracked at:

https://specs.openstack.org/openstack/keystone-specs

Contributors are encouraged to join IRC (#openstack-keystone on OFTC):

https://wiki.openstack.org/wiki/IRC

Source for the project:

https://opendev.org/openstack/keystone

For information on contributing to Keystone, see CONTRIBUTING.rst.

View Git Blame Copy Permalink
Description
OpenStack Identity (Keystone)
Readme 242 MiB
Languages
Python 99.5%
Shell 0.5%