9450cd9699
In the event that the revocation event is created at the exact same timestamp as the token's creation timestamp, the event's issued_before will equal the token's issued_at and will thus not be revoked (according to the current code). This is much more likely to occur when a token's issue_at timestamp is rounded to whole seconds (rather than carrying microsecond level precision), as they are with Fernet and MySQL. Change-Id: If1f5e546463f189a0b487140a620def545006c25 Closes-Bug: 1484237 Related-Bug: 1488208 |
||
---|---|---|
config-generator | ||
doc | ||
etc | ||
examples/pki | ||
httpd | ||
keystone | ||
rally-jobs | ||
tools | ||
.coveragerc | ||
.gitignore | ||
.gitreview | ||
.mailmap | ||
.testr.conf | ||
CONTRIBUTING.rst | ||
HACKING.rst | ||
LICENSE | ||
MANIFEST.in | ||
README.rst | ||
babel.cfg | ||
bandit.yaml | ||
openstack-common.conf | ||
requirements.txt | ||
run_tests.sh | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
OpenStack Keystone
Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.
Developer documentation, the source of which is in
doc/source/
, is published at:
The API specification and documentation are available at:
The canonical client library is available at:
https://git.openstack.org/cgit/openstack/python-keystoneclient
Documentation for cloud administrators is available at:
The source of documentation for cloud administrators is available at:
Information about our team meeting is available at:
Bugs and feature requests are tracked on Launchpad at:
Future design work is tracked at:
http://specs.openstack.org/openstack/keystone-specs/#identity-program-specifications
Contributors are encouraged to join IRC
(#openstack-keystone
on freenode):
For information on contributing to Keystone, see
CONTRIBUTING.rst
.