Deprecate the pki and pkiz token providers.

Upon making fernet the default token provider, we should deprecate pki and pkiz due to a security vulnerability. Deprecation should be in favor of fernet. implements: bp deprecated-as-of-mitaka Change-Id: I469758029a9e89e7cdcbac4445eab8eedd6c2859 Depends-On: I34b7b7c34fa34551c0fdf9bdeb1ffaa432c10adc
author: Lance Bragstad <lbragstad@gmail.com> 2015-11-03 22:23:36 +0000
committer: Steve Martinelli <stevemar@ca.ibm.com> 2015-12-04 03:28:29 +0000
commit: 8304ffadc131df09d8646f65177567bdb5498e2e (patch)
tree: d8cba5535f10ac0fcb02b171b95003c243fa14a1 /keystone/token/providers/pki.py
parent: 5f20da9c0de4898262caa29e69f45483b5a4c397 (diff)
download: keystone-8304ffadc131df09d8646f65177567bdb5498e2e.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/keystone/token/providers/pki.py b/keystone/token/providers/pki.py
index af8dc7397..6a5a29998 100644
--- a/keystone/token/providers/pki.py
+++ b/keystone/token/providers/pki.py
@@ -17,6 +17,7 @@
 from keystoneclient.common import cms
 from oslo_config import cfg
 from oslo_log import log
+from oslo_log import versionutils
 from oslo_serialization import jsonutils
 
 from keystone.common import environment
@@ -31,6 +32,10 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)
 
 
+@versionutils.deprecated(
+    as_of=versionutils.deprecated.MITAKA,
+    what='the PKI token provider',
+    in_favor_of='the Fernet or UUID token providers')
 class Provider(common.BaseProvider):
     def _get_token_id(self, token_data):
         try:
author	Lance Bragstad <lbragstad@gmail.com>	2015-11-03 22:23:36 +0000
committer	Steve Martinelli <stevemar@ca.ibm.com>	2015-12-04 03:28:29 +0000
commit	8304ffadc131df09d8646f65177567bdb5498e2e (patch)
tree	d8cba5535f10ac0fcb02b171b95003c243fa14a1 /keystone/token/providers/pki.py
parent	5f20da9c0de4898262caa29e69f45483b5a4c397 (diff)
download	keystone-8304ffadc131df09d8646f65177567bdb5498e2e.tar.gz