openstack
/
keystone
Code Issues Proposed changes
OpenStack Identity (Keystone)
12,727 Commits 9 Branches 40 Tags 231 MiB
Python 99.5%
Shell 0.5%
Go to file
Lance Bragstad d57733f4e8 Add test case for expanding implied roles in system tokens 
This change is being backported because it provides a helper method in
the unit tests that another change relies on.

If a user has a role assignment on the system, which implies another
role assignment, the system-scoped token response should include
both role assignments.

This patch exposes a bug in the system-scoped token implementation
where implied roles aren't expanded out before returning the
token response to the user.

Change-Id: I176bbbda9658a54f6873a4009938f140a5b1a33e
Related-Bug: 1788694
(cherry picked from commit 6d7cfdb4ba)
(cherry picked from commit 1403a9645d)
 		2019-10-22 11:49:29 -07:00
api-ref/source Update 3.10 versioning to limits and system scope 2018-02-21 20:14:15 +00:00
config-generator Move policy generator config to config-generator/ 2017-04-21 21:47:32 +00:00
devstack Update links in keystone 2017-09-12 15:18:13 +08:00
doc Replace openstack.org git:// URLs with https:// 2019-03-24 20:33:59 +00:00
etc Update sample configuration file for Queens 2018-02-06 21:19:35 +00:00
examples/pki Remove support for PKI and PKIz tokens 2016-11-01 22:05:01 +00:00
httpd Remove apache-httpd related link 2017-11-23 14:05:17 +08:00
keystone Add test case for expanding implied roles in system tokens 2019-10-22 11:49:29 -07:00
keystone_tempest_plugin Remove the local tempest plugin 2017-06-06 11:48:37 +00:00
playbooks/legacy OpenDev Migration Patch 2019-04-19 19:30:42 +00:00
rally-jobs [rally] remove deprecated arg 2015-10-29 16:34:58 +02:00
releasenotes Merge "Add retry for DBDeadlock in credential delete" into stable/queens 2019-10-19 00:49:17 +00:00
tools Increase MySQL max_connections for unit tests 2018-01-30 23:49:04 +01:00
.coveragerc Change ignore-errors to ignore_errors 2015-09-21 14:27:58 +00:00
.gitignore Migrate to stestr 2017-09-22 11:07:09 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:30:42 +00:00
.mailmap update mailmap with gyee's new email 2015-11-03 16:12:01 -08:00
.stestr.conf Migrate to stestr 2017-09-22 11:07:09 -05:00
.zuul.yaml Import LDAP job into project 2019-10-17 09:14:49 -07:00
CONTRIBUTING.rst Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
HACKING.rst Merge "Update links in keystone" 2017-10-06 16:10:56 +00:00
LICENSE Added Apache 2.0 License information. 2012-02-15 17:48:33 -08:00
README.rst Update API reference link in README 2017-09-14 14:07:09 -06:00
babel.cfg setting up babel for i18n work 2012-06-21 18:03:09 -07:00
bindep.txt Differentiate between dpkg and rpm for libssl-dev 2017-03-31 11:27:25 -04:00
requirements.txt Updated from global requirements 2018-01-17 20:36:58 +00:00
setup.cfg Cap bandit 2019-08-22 08:31:02 +02:00
setup.py Updated from global requirements 2017-03-06 01:10:37 +00:00
test-requirements.txt Updated from global requirements 2018-01-17 20:36:58 +00:00
tox.ini Update UPPER_CONSTRAINTS_FILE for stable/queens 2018-02-09 15:26:07 +00:00

README.rst

Team and repository tags

image

OpenStack Keystone

Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

https://docs.openstack.org/keystone/latest

The API reference and documentation are available at:

https://developer.openstack.org/api-ref/identity

The canonical client library is available at:

https://git.openstack.org/cgit/openstack/python-keystoneclient

Documentation for cloud administrators is available at:

https://docs.openstack.org/

The source of documentation for cloud administrators is available at:

https://git.openstack.org/cgit/openstack/openstack-manuals

Information about our team meeting is available at:

https://wiki.openstack.org/wiki/Meetings/KeystoneMeeting

Bugs and feature requests are tracked on Launchpad at:

https://bugs.launchpad.net/keystone

Future design work is tracked at:

https://specs.openstack.org/openstack/keystone-specs

Contributors are encouraged to join IRC (#openstack-keystone on freenode):

https://wiki.openstack.org/wiki/IRC

For information on contributing to Keystone, see CONTRIBUTING.rst.