Added Keystone and RequestID headers to CORS middleware

CORS middleware's latent configuration feature, new in 3.0.0,
allows adding headers that apply to all valid origins.
This patch adds headers commonly used in openstack to neutron's paste
pipeline, so that operators do not have to be aware of additional
configuration magic to ensure that browsers can talk to the API.

For more information:
http://docs.openstack.org/developer/oslo.middleware/cors.html#configuration-for-pastedeploy

Change-Id: Ic08fcb7833563bbeca3e0ba2d03438d4be594418

etc/api-paste.ini

@@ -17,8 +17,8 @@ paste.filter_factory = oslo_middleware:CatchErrors.factory
 [filter:cors]
 paste.filter_factory = oslo_middleware.cors:filter_factory
 oslo_config_project = neutron
-latent_allow_headers = X-Auth-Token, X-Openstack-Request-Id
-latent_expose_headers = X-Auth-Token, X-Openstack-Request-Id
+latent_allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
+latent_expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
 latent_allow_methods = GET, PUT, POST, DELETE, PATCH
 
 [filter:keystonecontext]

neutron/pecan_wsgi/app.py

@@ -83,9 +83,12 @@ def _wrap_app(app):
     # by the browser.
     app = cors.CORS(app, cfg.CONF)
     app.set_latent(
-        allow_headers=['X-Auth-Token', 'X-Openstack-Request-Id'],
+        allow_headers=['X-Auth-Token', 'X-Identity-Status', 'X-Roles',
+                       'X-Service-Catalog', 'X-User-Id', 'X-Tenant-Id',
+                       'X-OpenStack-Request-ID'],
         allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
-        expose_headers=['X-Auth-Token', 'X-Openstack-Request-Id']
+        expose_headers=['X-Auth-Token', 'X-Subject-Token', 'X-Service-Token',
+                        'X-OpenStack-Request-ID']
     )
 
     return app