diff options
| author | Zuul <zuul@review.opendev.org> | 2020-07-06 10:43:56 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2020-07-06 10:43:56 +0000 |
| commit | 654d31a1bd32968bfa008a117a60b58e18d68df8 (patch) | |
| tree | 31f8dca4e8a7bfa34023d3095b46431bc35732ef | |
| parent | 88ef8df023696b141237a5e434dfde25c27d268d (diff) | |
| parent | 8f9a596fffbb262481b32191a98b9169bc1618b1 (diff) | |
| download | keystonemiddleware-stable/victoria.tar.gz | |
Merge "Change the default Identity endpoint to internal"victoria-em9.1.0stable/victoria
3 files changed, 16 insertions, 5 deletions
diff --git a/keystonemiddleware/auth_token/_opts.py b/keystonemiddleware/auth_token/_opts.py index f16d3f8..15dd4f6 100644 --- a/keystonemiddleware/auth_token/_opts.py +++ b/keystonemiddleware/auth_token/_opts.py @@ -68,9 +68,9 @@ _OPTS = [ cfg.StrOpt('auth_version', help='API version of the Identity API endpoint.'), cfg.StrOpt('interface', - default='admin', + default='internal', help='Interface to use for the Identity API endpoint. Valid' - ' values are "public", "internal" or "admin"(default).'), + ' values are "public", "internal" (default) or "admin".'), cfg.BoolOpt('delay_auth_decision', default=False, help='Do not handle authorization requests within the' diff --git a/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py b/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py index 9801540..67b60de 100644 --- a/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py +++ b/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py @@ -455,8 +455,8 @@ class GeneralAuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest, west_versions = fixture.DiscoveryList(href=west_url) s = token.add_service('identity') - s.add_endpoint(interface='admin', url=east_url, region='east') - s.add_endpoint(interface='admin', url=west_url, region='west') + s.add_endpoint(interface='internal', url=east_url, region='east') + s.add_endpoint(interface='internal', url=west_url, region='west') self.requests_mock.get(auth_url, json=auth_versions) self.requests_mock.get(east_url, json=east_versions) @@ -1808,7 +1808,7 @@ class AuthProtocolLoadingTests(BaseAuthTokenMiddlewareTest): admin_token_id = uuid.uuid4().hex admin_token = fixture.V3Token(project_id=self.project_id) s = admin_token.add_service('identity', name='keystone') - s.add_standard_endpoints(admin=self.KEYSTONE_URL) + s.add_standard_endpoints(internal=self.KEYSTONE_URL) self.requests_mock.post('%s/v3/auth/tokens' % self.AUTH_URL, json=admin_token, diff --git a/releasenotes/notes/change-default-identity-endpoint-fab39579255c31bb.yaml b/releasenotes/notes/change-default-identity-endpoint-fab39579255c31bb.yaml new file mode 100644 index 0000000..48e9506 --- /dev/null +++ b/releasenotes/notes/change-default-identity-endpoint-fab39579255c31bb.yaml @@ -0,0 +1,11 @@ +--- +prelude: > + Since the removal of the Identity API v2 Keystone no longer has any + special functionality that requires using the admin endpoint for it. So + this release changes the default endpoint being used from ``admin`` to + ``internal``, allowing deployments to work without an admin endpoint. +upgrade: + - | + [`bug 1830002 <https://bugs.launchpad.net/keystonemiddleware/+bug/1830002>`_] + The default Identity endpoint has been changed from ``admin`` to + ``internal``. |