| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
Bandit emits errors for request methods without the timeout parameter.
It's better to follow the instruction to avoid hanging.
Added timeout parameters and config options to set timeout.
[1] https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
Change-Id: I0c022c3cc57f30530ebdef6e434753ece2bdf912
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The [keystone_authtoken]/auth_uri middleware parameter has been causing
extreme confusion amongst operators and developers ever since the
keystonemiddleware started accepting keystoneauth plugin parameters
including auth_url. The two parameters look identical and yet have
completely different meanings and are both required. This patch
deprecates auth_uri and renames it to www_authenticate_uri, which more
accurately describes the WWW-Authenticate header it is configuring and
is dissimilar to any other keystone_authtoken middleware parameter. This
also renames the internal variable names for consistency with the config
option.
Change-Id: I0cf11da3d395749df28077427689fdafc8a6b981
|
|
|
|
|
|
|
|
|
|
|
|
| |
Log messages are no longer being translated. This removes all use of
the _LE, _LI, and _LW translation markers to simplify logging and to
avoid confusion with new contributions.
See:
http://lists.openstack.org/pipermail/openstack-i18n/2016-November/002574.html
http://lists.openstack.org/pipermail/openstack-dev/2017-March/113365.html
Change-Id: I73ca5fc046ad04505b52ca93c9bbdbfd72405aed
|
|
|
|
|
|
|
|
|
| |
The constants of log levels were added in the 1.8 version
of the oslo.log library.
So we can replace all usage of system logging module
with log module from oslo.log
Change-Id: I97a1d913b543dc9dbd4d228b04adbdf7ee320df5
|
|
|
|
|
|
|
| |
We added method split_path in version 3.11 of oslo.utils,
so don't maintain it by keystonemiddleware.
Change-Id: Iaba3d3f8b10392c0ee3fbb076f1e364f0c97ca88
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
s3token middleware only allows configuring host and port for the
auth URI. This doesn't allow the auth server to be on a path.
A new auth_uri config option is added that allows the deployer to
specify the full URL for auth. This overrides auth_host, auth_port,
and auth_protocol. auth_host, auth_port, and auth_protocol are
deprecated.
DocImpact
Change-Id: I1fe13f0365ca4704717fe680a0c8f54c64a9f06c
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently tox ignores D400:
D400: First line should end with a period.
This change makes keystonemiddleware docstrings compliant with D400.
Change-Id: Icff2b744d72ae74492cfc6515b91f393fa2b50bf
|
|/
|
|
|
|
|
|
|
|
|
| |
Currently tox ignores D401 and H403:
401: First line should be in imperative mood.
403: multi line docstrings should end on a new line
This change makes keystonemiddleware docstrings compliant with D401.
H403 is already passing, so this commit also enables it.
Change-Id: I9471721220c99f9c4ed055840ed626bb7750eb3f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mixing "str" and "unicode" can lead to a UnicodeDecodeError. We encode unicode
values before using them with text strings.
The bug occurs if the URL contains a non-ASCII character in the path:
"hého" in "/v1/AUTH_cfa/c/hého" ("/v1/AUTH_cfa/c/h\xc3\xa9ho" in UTF-8) for
example.
The bug occurs on Python 2 in s3_token.py because the tenant id is retrieved
from identity_info['access']['token']['tenant'] and identity_info comes from
resp.json().
The problem is that in Python, the JSON decoder always create Unicode strings.
Example in Python 2:
>>> json.loads('{"key": "value"}') {u'key': u'value'}
There is no issue in Python 3, since all text strings are Unicode.
Change-Id: Ib7fdf60f8369ea9546fcd92f1ac385c777478d10
Closes-Bug: #1428706
Co-Authored-By: Victor Stinner <vstinner@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The "insecure" option was being treated as a bool when it was
actually provided as a string. The fix is to parse the string to
a bool.
Change-Id: Id674f40532215788675c97a8fdfa91d4420347b3
Closes-Bug: 1411063
|
|
|
|
|
|
|
|
| |
oslo_serialization moved out of the oslo namespace.
bp drop-namespace-packages
Change-Id: Iff3c62018d5008f9451dd54a8cf63700c9b61f5d
|
|\ |
|
| |
| |
| |
| |
| |
| | |
Minor cleanups for the doc strings in middleware.
Change-Id: I96058ee05645f03b6d9946f4db73b76b0a368d08
|
|/
|
|
|
|
|
|
|
|
| |
The strings weren't marked for translation.
DocImpact
implements bp keystonemiddleware-i18n
Change-Id: Ic7da29b54b1547ff8df002bd77f61f2ebff35217
|
|
|
|
|
|
| |
Update to commit 9ce1d96fb2e075fcd5b9ddbee728c0ee49d2be56
Change-Id: I27e20f76fb0f4b858230b2c36e6ff960e1ec9d09
|
|
|
|
|
|
|
|
|
|
| |
Make s3_token and ec2_token middleware match auth_token and all
properties except the class itself are now private.
The memcache_crypt module is now private to the keystonemiddleware
package.
Change-Id: Id5103f4e9689bc2dbc6f79705030c903ae5cc406
|
|
|
|
|
| |
Update the middleware code and the tests to run with the new
package name.
|
|
Move the middleware code to the new location within the
keystonemiddleware directory.
|