Currently, bandit marks usages of SHA1 as insecure, which
results in false positives for instances of SHA1 in keystone.
However, keystone uses HMAC-SHA1 which is currently considered
secure as opposed to just SHA1 hashing.
This change marks a # nosec comment against the lines which
are triggering the false positives in Bandit in order to
tell bandit to avoid these instances of SHA1.
See [1] for HMAC-SHA1 discussion in keystone
[1] https://review.openstack.org/#/c/453365/
Change-Id: Ibb44db1f8727d014d186b412106d0cd4e2f4a6dd