diff --git a/keystonemiddleware/ec2_token.py b/keystonemiddleware/ec2_token.py index 5fe6096d..faa59681 100644 --- a/keystonemiddleware/ec2_token.py +++ b/keystonemiddleware/ec2_token.py @@ -31,7 +31,7 @@ from keystonemiddleware.i18n import _ keystone_ec2_opts = [ cfg.StrOpt('url', - default='http://localhost:5000/v2.0/ec2tokens', + default='http://localhost:5000/v3/ec2tokens', help='URL to get token from ec2 request.'), cfg.StrOpt('keyfile', help='Required if EC2 server requires client certificate.'), @@ -185,13 +185,8 @@ class EC2Token(object): msg = _('Error response from keystone: %s') % response.reason self._logger.debug(msg) return self._ec2_error_response("AuthFailure", msg) - result = response.json() try: - if 'token' in result: - # NOTE(andrey-mp): response from keystone v3 - token_id = response.headers['x-subject-token'] - else: - token_id = result['access']['token']['id'] + token_id = response.headers['x-subject-token'] except (AttributeError, KeyError): msg = _("Failure parsing response from keystone") self._logger.exception(msg) diff --git a/keystonemiddleware/tests/unit/test_ec2_token_middleware.py b/keystonemiddleware/tests/unit/test_ec2_token_middleware.py index 51915026..5cd69ff0 100644 --- a/keystonemiddleware/tests/unit/test_ec2_token_middleware.py +++ b/keystonemiddleware/tests/unit/test_ec2_token_middleware.py @@ -23,13 +23,12 @@ from keystonemiddleware.tests.unit import utils TOKEN_ID = 'fake-token-id' -GOOD_RESPONSE = {'access': {'token': {'id': TOKEN_ID, - 'tenant': {'id': 'TENANT_ID'}}}} EMPTY_RESPONSE = {} class FakeResponse(object): reason = "Test Reason" + headers = {'x-subject-token': TOKEN_ID} def __init__(self, json, status_code=400): self._json = json @@ -53,9 +52,9 @@ class EC2TokenMiddlewareTestBase(utils.TestCase): TEST_PROTOCOL = 'https' TEST_HOST = 'fakehost' TEST_PORT = 35357 - TEST_URL = '%s://%s:%d/v2.0/ec2tokens' % (TEST_PROTOCOL, - TEST_HOST, - TEST_PORT) + TEST_URL = '%s://%s:%d/v3/ec2tokens' % (TEST_PROTOCOL, + TEST_HOST, + TEST_PORT) def setUp(self): super(EC2TokenMiddlewareTestBase, self).setUp() @@ -74,7 +73,7 @@ class EC2TokenMiddlewareTestBase(utils.TestCase): class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase): @mock.patch.object( requests, 'request', - return_value=FakeResponse(GOOD_RESPONSE, status_code=200)) + return_value=FakeResponse(EMPTY_RESPONSE, status_code=200)) def test_protocol_old_versions(self, mock_request): req = webob.Request.blank('/test') req.GET['Signature'] = 'test-signature' @@ -85,7 +84,7 @@ class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase): self.assertEqual(TOKEN_ID, req.headers['X-Auth-Token']) mock_request.assert_called_with( - 'POST', 'http://localhost:5000/v2.0/ec2tokens', + 'POST', 'http://localhost:5000/v3/ec2tokens', data=mock.ANY, headers={'Content-Type': 'application/json'}, verify=True, cert=None) @@ -105,7 +104,7 @@ class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase): @mock.patch.object( requests, 'request', - return_value=FakeResponse(GOOD_RESPONSE, status_code=200)) + return_value=FakeResponse(EMPTY_RESPONSE, status_code=200)) def test_protocol_v4(self, mock_request): req = webob.Request.blank('/test') auth_str = ( @@ -120,7 +119,7 @@ class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase): self.assertEqual(TOKEN_ID, req.headers['X-Auth-Token']) mock_request.assert_called_with( - 'POST', 'http://localhost:5000/v2.0/ec2tokens', + 'POST', 'http://localhost:5000/v3/ec2tokens', data=mock.ANY, headers={'Content-Type': 'application/json'}, verify=True, cert=None) diff --git a/releasenotes/notes/ec2-v2-removal-6a886210cbc9d3e9.yaml b/releasenotes/notes/ec2-v2-removal-6a886210cbc9d3e9.yaml new file mode 100644 index 00000000..e90fa684 --- /dev/null +++ b/releasenotes/notes/ec2-v2-removal-6a886210cbc9d3e9.yaml @@ -0,0 +1,7 @@ +--- +other: + - | + [`bug 1845539 `_] + The ec2 'url' config option now defaults to + https://localhost:5000/v3/ec2tokens with the removal of ec2 v2.0 support. + Keystonemiddleware no longer supports ec2tokens using the v2.0 API.