Add support for the keystone_authtoken/service_type parameter

Change-Id: I53e759bdb9da4f1803d1f5269a7470047e96e594
2020-11-03 17:57:14 +09:00 · 2020-11-03 17:57:14 +09:00 · eab05be305
parent e7f78a05de
commit eab05be305
3 changed files with 14 additions and 0 deletions
--- a/manifests/keystone/authtoken.pp
+++ b/manifests/keystone/authtoken.pp
@ -176,6 +176,11 @@
 #   true/false
 #   Defaults to $::os_service_default.
 #
+# [*service_type*]
+#  (Optional) The name or type of the service as it appears in the service
+#  catalog. This is used to validate tokens that have restricted access rules.
+#  Defaults to $::os_service_default.
+#
 # [*interface*]
 #  (Optional) Interface to use for the Identity API endpoint. Valid values are
 #  "public", "internal" or "admin".
@ -216,6 +221,7 @@ class magnum::keystone::authtoken(
  $token_cache_time               = $::os_service_default,
  $service_token_roles            = $::os_service_default,
  $service_token_roles_required   = $::os_service_default,
+  $service_type                   = $::os_service_default,
  $interface                      = $::os_service_default,
 ) {

@ -260,6 +266,7 @@ class magnum::keystone::authtoken(
    token_cache_time               => $token_cache_time,
    service_token_roles            => $service_token_roles,
    service_token_roles_required   => $service_token_roles_required,
+    service_type                   => $service_type,
    interface                      => $interface,
  }
  magnum_config {
--- a/releasenotes/notes/keystone-authtoken-service_type-842f4de26ec9b00e.yaml
+++ b/releasenotes/notes/keystone-authtoken-service_type-842f4de26ec9b00e.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The new ``magnum::keystone::authtoken::service_type`` parameter has been
+    added to configure the service_type parameter in authtoken middleware.
--- a/spec/classes/magnum_keystone_authtoken_spec.rb
+++ b/spec/classes/magnum_keystone_authtoken_spec.rb
@ -48,6 +48,7 @@ describe 'magnum::keystone::authtoken' do
        :token_cache_time               => '<SERVICE DEFAULT>',
        :service_token_roles            => '<SERVICE DEFAULT>',
        :service_token_roles_required   => '<SERVICE DEFAULT>',
+        :service_type                   => '<SERVICE DEFAULT>',
        :interface                      => '<SERVICE DEFAULT>',
      )}

@ -96,6 +97,7 @@ describe 'magnum::keystone::authtoken' do
          :token_cache_time               => '301',
          :service_token_roles            => ['service'],
          :service_token_roles_required   => false,
+          :service_type                   => 'identity',
          :interface                      => 'internal',
        })
      end