diff options
author | Lance Bragstad <lbragstad@gmail.com> | 2015-11-03 22:23:36 +0000 |
---|---|---|
committer | Steve Martinelli <stevemar@ca.ibm.com> | 2015-12-04 03:28:29 +0000 |
commit | 8304ffadc131df09d8646f65177567bdb5498e2e (patch) | |
tree | d8cba5535f10ac0fcb02b171b95003c243fa14a1 /keystone/token/providers/pki.py | |
parent | 5f20da9c0de4898262caa29e69f45483b5a4c397 (diff) | |
download | keystone-8304ffadc131df09d8646f65177567bdb5498e2e.tar.gz |
Deprecate the pki and pkiz token providers.
Upon making fernet the default token provider, we
should deprecate pki and pkiz due to a security
vulnerability. Deprecation should be in favor of fernet.
implements: bp deprecated-as-of-mitaka
Change-Id: I469758029a9e89e7cdcbac4445eab8eedd6c2859
Depends-On: I34b7b7c34fa34551c0fdf9bdeb1ffaa432c10adc
Diffstat (limited to 'keystone/token/providers/pki.py')
-rw-r--r-- | keystone/token/providers/pki.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/keystone/token/providers/pki.py b/keystone/token/providers/pki.py index af8dc7397..6a5a29998 100644 --- a/keystone/token/providers/pki.py +++ b/keystone/token/providers/pki.py @@ -17,6 +17,7 @@ from keystoneclient.common import cms from oslo_config import cfg from oslo_log import log +from oslo_log import versionutils from oslo_serialization import jsonutils from keystone.common import environment @@ -31,6 +32,10 @@ CONF = cfg.CONF LOG = log.getLogger(__name__) +@versionutils.deprecated( + as_of=versionutils.deprecated.MITAKA, + what='the PKI token provider', + in_favor_of='the Fernet or UUID token providers') class Provider(common.BaseProvider): def _get_token_id(self, token_data): try: |