796198f196
Without this patch, the token formatter does not have enough data to construct a token created with an application credential. This means that if the token cache is disabled or expired, when keystone goes to create the token it will not find any application credential information and will not recreate the application_credential_restricted parameter in the token data. This patch creates a new Payload class for application credentials so that the application credential ID is properly persisted in the msgpack'd payload. It also adds more data to the token data object so that the application credential ID and name as well as its restricted status is available when the token is queried. Co-authored-by: Lance Bragstad <lbragstad@gmail.com> Change-Id: I322a40404d8287748fe8c3a8d6dc1256d935d84a Closes-bug: #1750415
Team and repository tags
OpenStack Keystone
Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.
Developer documentation, the source of which is in
doc/source/, is published at:
The API reference and documentation are available at:
The canonical client library is available at:
https://git.openstack.org/cgit/openstack/python-keystoneclient
Documentation for cloud administrators is available at:
The source of documentation for cloud administrators is available at:
Information about our team meeting is available at:
Bugs and feature requests are tracked on Launchpad at:
Future design work is tracked at:
Contributors are encouraged to join IRC
(#openstack-keystone on freenode):
For information on contributing to Keystone, see
CONTRIBUTING.rst.