d97832e8e8
Convert the /auth paths to flask native dispatching. A minor change to additional_urls was implemented to ensure all urls are added at once instead of individually (causing an over- write issue within flask as a single resource may only have a single set of URL mappings). Alternate URLs now support adding alternate JSON Home rel links. This is to support the case of OS-FEDERATION auth routes moving to /auth. The old JSON Home entries must exist but reference the new paths. This port includes the following test changes (needed due to the way flask handles requests and the way requests are passed through the auth system): * Implemented keystone.common.render_token (module) containing render_token_response_from_model and use it instead of keystone.common.controller.render_token_response_from_model. Minor differences occur in render_token_response_from_model in the keystone.common.render_token module, this is simply for referencing data from flask instead of the request object. * Test cases have been modified to no longer rely on the auth controller(s) directly * Test cases now use "make_request" as a context manager since authenticate/authenticate_for_token directly reference the flask contexts and must have an explicit context pushed. * Test cases no longer pass request objects into methods such as authenticate/authenticate_for_token or similar methods on the auth plugins * Test cases for federation reference the token model now where possible instead of the rendered token response. Rendered token responses are generated where needed. * Auth Plugin Configuration is done in test core as well. This is because Auth controller does not exist. NOTE: This is a massive change, but must of these changes were now easily uncoupled because of how far reaching auth is. Change-Id: I636928102875760726cc3493775a2be48e774fd7 Partial-Bug: #1776504 |
||
|---|---|---|
| api-ref/source | ||
| config-generator | ||
| devstack | ||
| doc | ||
| etc | ||
| examples/pki | ||
| httpd | ||
| keystone | ||
| keystone_tempest_plugin | ||
| playbooks/legacy/keystone-dsvm-grenade-multinode | ||
| rally-jobs | ||
| releasenotes | ||
| tools | ||
| .coveragerc | ||
| .gitignore | ||
| .gitreview | ||
| .mailmap | ||
| .stestr.conf | ||
| .zuul.yaml | ||
| babel.cfg | ||
| bindep.txt | ||
| CONTRIBUTING.rst | ||
| HACKING.rst | ||
| LICENSE | ||
| lower-constraints.txt | ||
| README.rst | ||
| requirements.txt | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
Team and repository tags
OpenStack Keystone
Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.
Developer documentation, the source of which is in
doc/source/, is published at:
The API reference and documentation are available at:
The canonical client library is available at:
https://git.openstack.org/cgit/openstack/python-keystoneclient
Documentation for cloud administrators is available at:
The source of documentation for cloud administrators is available at:
Information about our team meeting is available at:
Release notes is available at:
Bugs and feature requests are tracked on Launchpad at:
Future design work is tracked at:
Contributors are encouraged to join IRC
(#openstack-keystone on freenode):
For information on contributing to Keystone, see
CONTRIBUTING.rst.