summaryrefslogtreecommitdiff
path: root/keystoneclient/contrib
Commit message (Collapse)AuthorAgeFilesLines
* Update hacking for Python3Andreas Jaeger2020-03-311-1/+1
| | | | | | | | | The repo is Python 3 now, so update hacking to version 3.0 which supports Python 3. Fix problems found. Change-Id: Ic161a8f88c28d88898863e5b9d9380016fbb0d08
* fix a typo in docstringmelissaml2018-06-071-1/+1
| | | | Change-Id: I56e9c3b03ed85c1c6031390b835d678c43e51e17
* Remove use of positional decoratorMorgan Fainberg2017-08-071-2/+0
| | | | | | | | | The positional decorator results in poorly maintainable code in a misguided effort to emulate python3's key-word-arg only notation and functionality. This patch removes keystoneclient's dependance on the positional decorator. Change-Id: I9e691cc8b0c04992f4a8dabd67e1b413d3220d23
* Replace six.iteritems() with .items()M V P Nitesh2017-04-031-1/+1
| | | | | | | | | | | | 1.As mentioned in [1], we should avoid using six.iteritems to achieve iterators. We can use dict.items instead, as it will return iterators in PY3 as well. And dict.items/keys will more readable. 2.In py2, the performance about list should be negligible, see the link [2]. [1] https://wiki.openstack.org/wiki/Python3 [2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html Change-Id: I18a6890935ebdbb589269379f21a0dd47d07eb3a
* Fix boto version strip regexMarounMaroun2017-01-271-1/+1
| | | | | | | | the current regex pattern will match incorrect strings like: Boto/2x0t2 Change-Id: I260f4e0d98f082172a3a67a1fbaa05da5369ea49 Closes-Bug: #1658639
* Remove revocation event codeBoris Bobrov2016-11-102-318/+0
| | | | | | | | It was added in 2014 and was supposed to be used for sharing revocation events with keystonemiddleware. It was never finished, and the code is untested and is not used by anything. Change-Id: I905b7b3d95274b3c501b1e584e492eefa72158c1
* Fixing D202 and D203 PEP257 violation.Navid Pustchi2016-05-043-6/+0
| | | | | | | | | Currently tox ignores D202 and D203. D202: No blank lines allowed after function docstring. D203: 1 blank required before class docstring. This change removes D202 and D203 ignores in tox and fix violations. Change-Id: I97ef88c9cfd56774e47f789cbbcf8ccfe85d7737
* Fixing D301 PEP257 violation.Navid Pustchi2016-05-022-2/+2
| | | | | | | | Currently tox ignores D301. D301: Use r”“” if any backslashes in adocstring. This change removes D301 ignore and fix violations. Change-Id: I9dbe2c9d59e2c2d8585a53840a579a9b9c57a09c
* Fix D400 PEP257 violation.Navid Pustchi2016-04-232-4/+6
| | | | | | | | Currently tox ignores D400. D400: First line should end with a period. This change removes it and make keystoneclient docstrings compliant with it. Change-Id: I29ecb4c58bb03c0b9a3be0b7a74d18fb06a350f2
* Fix D401 PEP257 violation.Navid Pustchi2016-04-231-1/+1
| | | | | | | | Currently tox ignores D401. 401: First line should be in imperative mood. This change removes it and make keystoneclient docstrings compliant with it. Change-Id: If34ff12d18390b357342cf29f2d116dd3c86a44d
* Removing bandit.yaml in favor of defaultsChristopher J Schaefer2016-04-193-5/+8
| | | | | | | | | | | Removing old configuration options for build-in defaults of latest bandit functionality. Also, marking flagged items with _# nosec_ with a descriptive comment on why the code is acceptable as is. Co-Authored-By: Christopher J Schaefer <cjschaef@us.ibm.com> Co-Authored-By: Tom Cocozzello <tjcocozz@us.ibm.com> Change-Id: I138ebd46a8be195177361a9c3306bb70423b639d
* remove CLI from keystoneclientSteve Martinelli2016-03-102-40/+0
| | | | | | | | | | | | | | | the CLI has been deprecated for a long time, and many docs and install guides recommend using OSC instead of `keystone`. - removes CLI - removes man page from docs - removes CLI tests - removes `bootstrap` from contrib - removes entrypoint from setup.cfg implements bp: remove-cli Change-Id: Icbe15814bc4faf33f513f9654440068795eae807
* use positional library instead of utilsSteve Martinelli2016-01-251-2/+2
| | | | | | swap instances of utils.positional with the positional library. Change-Id: Id8a9961e68d287a802f25512fc970829e9feb5c2
* Merge "Address hacking check H405"Jenkins2016-01-231-10/+17
|\
| * Address hacking check H405lin-hua-cheng2016-01-131-10/+17
| | | | | | | | | | | | | | | | | | Previously, there were a string of commits to keystone that addresed ignored hacking checks. This commit does the same for H405 in keystoneclient. This also modifies our tox.ini so that we no longer ignore H405 violations. Change-Id: I2af152e5425a0e9c82314039fdbb90d661c22680 Closes-Bug: 1482773
* | Mark password/secret options as secretBrant Knudson2016-01-142-3/+4
|/ | | | | | | | | Password, token, and secret options should be marked as secret=True so that when the value is logged the logger knows to obfuscate the value. Change-Id: I6ebdfa3bf6faf37bc11640a5826b3b55bb920fc4 Closes-Bug: 1534299
* Wrong usage of "a/an"hgangwx2015-12-301-1/+1
| | | | | | | | | | | | | | Wrong usage of "a/an" in the messages: "string that is the id field for an pre-existing" "build a etree.XML object filling certain" Should be: "string that is the id field for a pre-existing" "build an etree.XML object filling certain" Totally 2 occurrences in python-keystoneclient base code. Change-Id: Icef5247672f95af87375a4a135a961aefb0a4906
* Swap the order of username deprecationMonty Taylor2015-11-191-2/+2
| | | | | | | | | | | | | The attempt at a move to user-name is an exercise in churn, and is filling everyone's logs with admonitions to change the name of their variables - which does not work if they do. Swap this, effectively reverting the attempt at a move. user-name will continue to work on the off chance anyone started consuming that path, which is unlikely because none of the consuming programs expose that as an actual option. Closes-Bug: 1498247 Change-Id: I62d991fda1df63c9cbabfde2f6836bc031f5147c
* Merge "Use dictionary literal for dictionary creation"Jenkins2015-10-071-3/+3
|\
| * Use dictionary literal for dictionary creationAnkit Agrawal2015-09-241-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dictionary creation could be rewritten as a dictionary literal. for example: token_values = {} token_values['user_id'] = access.get('user', {}).get('id') could be rewritten as token_values = {'user_id': access.get('user', {}).get('id')} TrivialFix Change-Id: I0c5677b527d440b8faded31bf4d9d62805391ae3
* | Redirect on 303 in SAML pluginJamie Lennox2015-10-021-8/+10
|/ | | | | | | | | | | The SAML plugin handles redirects in a custom manner but currently only checks for the 302 redirect code. This doesn't cover the mod_auth_mellon case which responds with a 303. Also handle the 303 redirect case. Change-Id: Idab5f381fcbfb8c561184845d3aa5c8aab142ecd Closes-Bug: #1501918
* Fix Accept header in SAML2 requestsJamie Lennox2015-08-261-1/+1
| | | | | | | | | The ; separator allows providing parameters to a type not separating type options. This means that in strict type checks like those performed by mod_auth_mellon the check for accept type fails. Change-Id: Ieeaa74b304921daef68497fec77cc6629ab2f0a2 Closes-Bug: #1488722
* Proper deprecation for BaseIdentityPlugin username, password, token_id ↵Brant Knudson2015-07-262-4/+64
| | | | | | | | | | | | | | | | properties BaseIdentityPlugin's username, password, and token_id properties weren't properly deprecated since all they had was a comment in the code. Proper deprecation requires use of warnings and documentation. Where the plugins already provide their own properties, the properties need to be un-deprecated. bp deprecations Change-Id: Ic9fce89b8544d8c01f16e8f9c2f9dd2659d03c18
* Switch from deprecated isotimeBrant Knudson2015-06-301-4/+7
| | | | | | | | | | | | | | | | | oslo_utils.timeutils.isotime() is deprecated as of 1.6 so we need to stop using it. The deprecation message says to use datetime.datetime.isoformat() instead, but the format of the string generated by isoformat isn't the same as the format of the string generated by isotime. The string is used in tokens and other public APIs and we can't change it without potentially breaking clients. So the workaround is to copy the current implementation from oslo_utils.timeutils.isotime() to keystone.common.utils.isotime(). Change-Id: I34b12b96de3ea21beaf935ed8a9f6bae2fe0d0bc Closes-Bug: 1461251
* Add openid connect client supportSteve Martinelli2015-06-171-0/+189
| | | | | | | | | | | | This patch allows a federated user to obtain an unscoped token by providing login credentials for a keystone identity provider. The current implementation should work with any properly configured openid connect provider. partially implements bp openid-connect Change-Id: Iade52b5c1432d64582cbaa8bac41ac6366c210f9
* Merge "Change oslo.config to oslo_config"Jenkins2015-02-101-1/+1
|\
| * Change oslo.config to oslo_configBrant Knudson2015-01-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | The oslo.config libraries are moving away from oslo-namespaced packages. Note that his requires oslo.config>=1.6.0 bp drop-namespace-packages Change-Id: Ic0d4053875da0628f2359c109f2779d12aadc3eb
* | Merge "Switch from oslo.utils to oslo_utils"Jenkins2015-02-101-1/+1
|\ \ | |/
| * Switch from oslo.utils to oslo_utilsBrant Knudson2015-01-311-1/+1
| | | | | | | | | | | | | | | | oslo_utils moved out of the oslo namespace. bp drop-namespace-packages Change-Id: I72e67dc1f649ba137dd06f5ab7133858c6abd67d
* | Fix typo in Ec2Signer class docstringMatt Riedemann2015-01-281-1/+1
|/ | | | Change-Id: Ie2a05aab512feeac967a64527d649377fd5bc6b9
* Correct documenting constructor parametersBrant Knudson2014-12-041-55/+50
| | | | | | | | | | When the docs are rendered to HTML, any docs on __init__ are not displayed. The parameters to the constructor have to be documented on the class rather than on the __init__ method. Also, corrected other minor issues in the same areas. Change-Id: Ic56da33f6b99fe5efb636c289e3c4e1569f0c84c
* Merge "Docstring cleanup for return type"Jenkins2014-12-022-5/+6
|\
| * Docstring cleanup for return typeBrant Knudson2014-10-152-5/+6
| | | | | | | | | | | | | | The :returns: directive doesn't take an argument. To specify the return type, use the :rtype: directive. Change-Id: I3aaab824792333b3f75a10af92f5b712cc9b4ff6
* | Removes confusing _uuid propertyDavid Stanek2014-11-261-6/+2
| | | | | | | | | | | | | | | | I think the original author had good intentions and didn't want to duplicate code. Unfortunately I think this is more confusing since the property returns a new value every time it is referenced. Change-Id: I41db60f28cf15038a8430e238b9204d652e878b1
* | Merge "Cleanup docs - raises class"Jenkins2014-11-181-8/+9
|\ \
| * | Cleanup docs - raises classBrant Knudson2014-10-181-8/+9
| |/ | | | | | | | | | | | | | | | | The argument to the :raises: directive is the class name. If the class name is a valid reference it's rendered as a link to the class. This change cleans up the :raises: directives to use the reference correctly and use a valid class reference. Change-Id: I84188b60de0ab4c6b5b2fb5a203c43bfde094707
* | I18nBrant Knudson2014-10-282-18/+22
| | | | | | | | | | | | | | | | | | | | | | Keystoneclient didn't provide translated messages. With this change, the messages are marked for translation. DocImpact Implements: blueprint keystoneclient-i18n Change-Id: I85263a71671a1dffed524185266e6bb7ae559630
* | Merge "Use oslo.utils and oslo.serialization"Jenkins2014-10-161-1/+1
|\ \ | |/ |/|
| * Use oslo.utils and oslo.serializationSteve Martinelli2014-10-151-1/+1
| | | | | | | | | | | | | | Left timeutils and strutils in openstack/common since they are used in openstack/common/apiclient and memorycache. Change-Id: Idb5f09c159d907dfba84cd1f7501f650318af7d9
* | Docstrings should have :returns: everywhere.Marek Denis2014-10-151-1/+1
|/ | | | | | | Some of the docstrings have ``:return:`` instead of ``:returns:`` keyword. This patch fixes that and make it consistent. Change-Id: I4321a63798ab9e2abdf0bbd716bf2b995be22ba3
* Merge "SAML2 federated authentication for ADFS."Jenkins2014-09-211-41/+490
|\
| * SAML2 federated authentication for ADFS.Marek Denis2014-09-171-41/+490
| | | | | | | | | | | | | | | | | | | | | | Authentication workflow for the Active Directory Federated Services (ADFS) by Microsoft is different from 'standard' ECP based one. This plugin allows for authentication and fetching security token with SAML2 assertion inside, sending to the Service Provide and retrieving an unscoped token. Change-Id: I588de1967a7fb92c5928686d092895847553923a Implements: blueprint add-saml2-cli-authentication
* | fix EC2 Signature Version 4 calculation, in the case of POSTYukinori Sagara2014-09-011-1/+8
|/ | | | | | | | | When calculating the AWS Signature Version 4, in the case of POST, We need to set the CanonicalQueryString to an empty string. this follows the implementation of the AWS and boto clients. Change-Id: Iad4e392119067e246c7b77009da3fef48d251382 Closes-Bug: 1360892
* Don't log sensitive auth dataJamie Lennox2014-07-241-1/+1
| | | | | | | | | | | | | | | | Add the ability to turn off logging from the session object and then handle logging of auth requests within their own sections. This is a very simplistic ability to completely disable logging. Logging more filtered debugging can be added later. This new ability is utilized in this patch to prevent logging of requests that include passwords. This covers authenticate, password change, and user update requests that include passwords. SecurityImpact Change-Id: I3dabb94ab047e86b8730e73416c1a1c333688489 Closes-Bug: #1004114 Closes-Bug: #1327019
* Merge "Rename saml2_token_url to token_url"Jenkins2014-07-231-3/+3
|\
| * Rename saml2_token_url to token_urlMarek Denis2014-07-231-3/+3
| | | | | | | | | | | | | | | | | | For the consisteny a property returning authentication url should be called token_url. This patch renames ``saml2_token_url`` to ``token_url`` in the contrib.auth.v3.saml2.Saml2UnscopedPlugin plugin. Change-Id: I435a118bb31338a37a29eec68b8e9ce50d163675
* | Enforce authenticated=False in saml2 pluginMarek Denis2014-07-231-2/+4
|/ | | | | | | | All underlying HTTP calls executed via ``keystoneclient.session.Session`` object should have ``authenticated=False`` option enforced indicating the plugin is not authenticated with the Identity Service yet. Change-Id: I946f1ed6a55c4172d8f4bf6a24e5cbc3a00d1154
* Scope unscoped saml2 tokens.Marek Denis2014-07-221-1/+25
| | | | | | | | Scope unscoped federation token. The plugin mimics standard v3.Token behaviour. Change-Id: I81f30a7c893be15e715c57bd43035b12d8435f58 Implements: blueprint add-saml2-cli-authentication
* SAML2 ECP auth pluginMarek Denis2014-07-153-0/+411
| | | | | | | | | | | | | | | Auth plugin authenticating against remote SAML based Identity Providers. Upon successful authentication the plugin retrieves and stores unscoped token. Plugin object should be later used for scoping the token. Currently only HTTP BasicAuth Method is supported as an IdP authn method. Will not work for ADFS, as that has extensions to the document formats as well as a different workflow. Change-Id: Ieea40505a406bedf7219fa6f9e6cf29a45ad6e88 Implements: blueprint add-saml2-cli-authentication
* Direct move of the revoke model from keystone serverAdam Young2014-07-092-0/+314
| | | | | | | | | | | | This commit copies the revoke model from Keystone to keystoneclient. The only difference in the model.py file between keystoneclient and keystone is the import due to a change of the oslo-incubator path (project name is keystoneclient not keystone). Blueprint: revocation-event-api Change-Id: I6215d6679f9bb0dff6941c2a65ceeefd1ff9d88a
View Lorry Controller Status