7def56f92f
This converts some more testing to rspec-puppet-facts so there is only these three missing now until done: * keystone_init_spec.rb * keystone_federation_identity_provider_spec.rb * keystone_ldap_spec.rb Also does cleanup of some formatting for documentation and testing specs. Change-Id: Ifd74aa8cedf630d98f9e12ab276300409a68eecd
34 lines
859 B
Puppet
34 lines
859 B
Puppet
# == Class: keystone::federation
|
|
#
|
|
# == Parameters
|
|
#
|
|
# [*trusted_dashboards*]
|
|
# (Optional) URL list of trusted horizon servers.
|
|
# This setting ensures that keystone only sends token data back to trusted
|
|
# servers. This is performed as a precaution, specifically to prevent man-in-
|
|
# the-middle (MITM) attacks.
|
|
# Defaults to undef
|
|
#
|
|
# [*remote_id_attribute*]
|
|
# (Optional) Value to be used to obtain the entity ID of the Identity
|
|
# Provider from the environment.
|
|
# Defaults to undef
|
|
#
|
|
class keystone::federation (
|
|
$trusted_dashboards = undef,
|
|
$remote_id_attribute = undef,
|
|
) {
|
|
|
|
include keystone::deps
|
|
|
|
keystone_config {
|
|
'federation/trusted_dashboard': value => any2array($trusted_dashboards);
|
|
}
|
|
|
|
if $remote_id_attribute {
|
|
keystone_config {
|
|
'federation/remote_id_attribute': value => $remote_id_attribute;
|
|
}
|
|
}
|
|
}
|