Add support for the service_type parameter in authtoken middleware
Change-Id: Ida59686cf01e4b31db0f99bed9137bc63cf59628
This commit is contained in:
parent
009afc806c
commit
fb9a9d668f
|
@ -71,6 +71,11 @@
|
|||
# true/false
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*service_type*]
|
||||
# (Optional) The name or type of the service as it appears in the service
|
||||
# catalog. This is used to validate tokens that have restricted access rules.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*interface*]
|
||||
# (Optional) Interface to use for the Identity API endpoint. Valid values are
|
||||
# "public", "internal" or "admin".
|
||||
|
@ -109,6 +114,7 @@ class swift::proxy::authtoken(
|
|||
$include_service_catalog = false,
|
||||
$service_token_roles = $::os_service_default,
|
||||
$service_token_roles_required = $::os_service_default,
|
||||
$service_type = $::os_service_default,
|
||||
$interface = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$signing_dir = undef,
|
||||
|
@ -153,6 +159,7 @@ Please set password parameter')
|
|||
'filter:authtoken/include_service_catalog': value => $include_service_catalog;
|
||||
'filter:authtoken/service_token_roles': value => $service_token_roles;
|
||||
'filter:authtoken/service_token_roles_required': value => $service_token_roles_required;
|
||||
'filter:authtoken/service_type': value => $service_type;
|
||||
'filter:authtoken/interface': value => $interface,
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The new ``swift::proxy::authtoken::service_type`` parameter has been
|
||||
added to configure the service_type parameter in authtoken middleware.
|
|
@ -19,6 +19,7 @@ describe 'swift::proxy::authtoken' do
|
|||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles').with_value('<SERVICE DEFAULT>') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_type').with_value('<SERVICE DEFAULT>') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/interface').with_value('<SERVICE DEFAULT>') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/auth_plugin').with_ensure('absent') }
|
||||
end
|
||||
|
@ -34,6 +35,7 @@ describe 'swift::proxy::authtoken' do
|
|||
:delay_auth_decision => '0',
|
||||
:service_token_roles => ['service'],
|
||||
:service_token_roles_required => true,
|
||||
:service_type => 'identity',
|
||||
:interface => 'internal',
|
||||
}
|
||||
end
|
||||
|
@ -54,6 +56,7 @@ describe 'swift::proxy::authtoken' do
|
|||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles').with_value(['service']) }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_token_roles_required').with_value(true) }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/service_type').with_value('identity') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/interface').with_value('internal') }
|
||||
it { is_expected.to contain_swift_proxy_config('filter:authtoken/auth_plugin').with_ensure('absent') }
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue