openstack/keystone
Code Issues Proposed changes
OpenStack Identity (Keystone)
14,980 Commits 10 Branches 43 Tags 233 MiB
Python 99.5%
Shell 0.5%
c3c6d9854c
Go to file
gtema c3c6d9854c Fix implied roles in the application credentials 
When user requests new application credentials without specifying roles
explicitly all current roles from the token are being used for that
(including implied roles).
When new application credentials are requested specifying a role that
implies another role (i.e. member) only that role is added into the
list. This is not what is expected, so change it by looping through
every requested role and add every implied role into the list if it is
not already there.

Related-Bug: https://bugs.launchpad.net/keystone/+bug/2030061

Change-Id: I452313ac7e1e6960748bcd1e667fb7c0076eb7a2
2024-07-15 15:09:41 +02:00
api-ref/source Merge "Replace CRLF by LF" 2024-03-29 17:24:57 +00:00
config-generator Move policy generator config to config-generator/ 2017-04-21 21:47:32 +00:00
devstack Run Secure RBAC tests as project-admin 2024-04-02 20:56:48 -05:00
doc Merge "Improve configuration of out-of-tree identity drivers" 2024-07-12 18:16:30 +00:00
etc Deprecate templated catalog driver 2024-03-13 22:09:30 +09:00
examples/pki Remove support for PKI and PKIz tokens 2016-11-01 22:05:01 +00:00
httpd Remove admin interface in sample Apache file 2018-03-24 12:56:02 +01:00
keystone Fix implied roles in the application credentials 2024-07-15 15:09:41 +02:00
keystone_tempest_plugin Replace git.openstack.org URLs with opendev.org URLs 2019-04-24 11:51:00 +08:00
playbooks Add FIPS check job 2021-08-04 14:25:06 -04:00
rally-jobs fix rally docs url 2018-05-21 16:24:51 +08:00
releasenotes Merge "Improve configuration of out-of-tree identity drivers" 2024-07-12 18:16:30 +00:00
tools Drop remaining references to eventlet options 2024-01-27 21:02:14 +09:00
.coveragerc Change ignore-errors to ignore_errors 2015-09-21 14:27:58 +00:00
.gitignore Tell reno to ignore the kilo branch 2020-02-21 13:51:02 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:30:29 +00:00
.mailmap update mailmap with gyee's new email 2015-11-03 16:12:01 -08:00
.stestr.conf Migrate to stestr 2017-09-22 11:07:09 -05:00
.zuul.yaml Merge "Remove SQLAlchemy tips jobs" 2024-06-28 17:14:38 +00:00
bindep.txt Fix bindep.txt for python 3.11 job(Debian Bookworm) 2023-11-29 12:41:29 +09:00
CONTRIBUTING.rst Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
HACKING.rst Merge "Update links in keystone" 2017-10-06 16:10:56 +00:00
LICENSE Added Apache 2.0 License information. 2012-02-15 17:48:33 -08:00
README.rst Moving IRC network reference to OFTC 2021-07-16 13:58:33 +00:00
reno.yaml Update regex to detect closed branch 2024-03-13 19:27:16 +09:00
requirements.txt Remove dependency on pytz 2024-06-10 09:14:41 +00:00
setup.cfg Drop unused pymongodb from requirements 2024-02-04 15:04:55 +00:00
setup.py Cleanup py27 support 2020-04-08 08:37:30 +02:00
test-requirements.txt Remove dependency on pytz 2024-06-10 09:14:41 +00:00
tox.ini Drop unused pymongodb from requirements 2024-02-04 15:04:55 +00:00

README.rst

OpenStack Keystone

image

OpenStack Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

https://docs.openstack.org/keystone/latest

The API reference and documentation are available at:

https://docs.openstack.org/api-ref/identity

The canonical client library is available at:

https://opendev.org/openstack/python-keystoneclient

Documentation for cloud administrators is available at:

https://docs.openstack.org/

The source of documentation for cloud administrators is available at:

https://opendev.org/openstack/openstack-manuals

Information about our team meeting is available at:

https://wiki.openstack.org/wiki/Meetings/KeystoneMeeting

Release notes is available at:

https://docs.openstack.org/releasenotes/keystone

Bugs and feature requests are tracked on Launchpad at:

https://bugs.launchpad.net/keystone

Future design work is tracked at:

https://specs.openstack.org/openstack/keystone-specs

Contributors are encouraged to join IRC (#openstack-keystone on OFTC):

https://wiki.openstack.org/wiki/IRC

Source for the project:

https://opendev.org/openstack/keystone

For information on contributing to Keystone, see CONTRIBUTING.rst.