| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A bandit patch to block sha1 hash is failing CI [1], due to a false
positive on hashlib.sha1 (which actually uses HMAC-SHA1 in keystone
that is considered more secure then standard SHA1)
This change marks a # nosec comment against the line which is
triggering the false positive in Bandit.
[1] https://review.openstack.org/#/c/437563/6
Change-Id: Ib9618119c77f41fba0e612e37c7511676bed47e8
|
|
|
|
|
|
|
|
|
| |
The positional decorator results in poorly maintainable code in
a misguided effort to emulate python3's key-word-arg only notation
and functionality. This patch removes keystoneclient's dependance
on the positional decorator.
Change-Id: I9e691cc8b0c04992f4a8dabd67e1b413d3220d23
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1.As mentioned in [1], we should avoid using six.iteritems to achieve
iterators. We can use dict.items instead, as it will return iterators
in PY3 as well. And dict.items/keys will more readable.
2.In py2, the performance about list should be negligible, see the
link [2].
[1] https://wiki.openstack.org/wiki/Python3
[2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html
Change-Id: I18a6890935ebdbb589269379f21a0dd47d07eb3a
|
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Log messages are no longer being translated. This removes all use of
the _LE, _LI, and _LW translation markers to simplify logging and to
avoid confusion with new contributions.
See:
http://lists.openstack.org/pipermail/openstack-i18n/2016-November/002574.html
http://lists.openstack.org/pipermail/openstack-dev/2017-March/113365.html
Change-Id: Ia77819cbb133903d20e821bff0c45766b11ef07b
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In debug mode, when a response's header Content-Type is set
to "application/json" with a parameter, i.e.,
"application/json; charset=UTF-8". This patch set ignores
the additional parameter and only match the mimetype.
Change-Id: Ie8fcb1061e0e49b039436947524cfdc704c83846
Closes-Bug: #1656981
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When whitelisting content types to debug print from session we chose
application/json and application/text. application/text is not a real
mime type, text is typically text/plain.
Rather than guess at mime types only print application/json to start
with, but make it easy for additional types to be added later.
Adapted from keystoneauth: Ica5fee076cdab8b1d5167161d28af7313fad9477
Related-Bug: 1616105
Change-Id: Ieaa8fb3ea8d25e09b89498f23b70b18c0f6153f1
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, logs display the hash values of X-Auth-Token,
Authorization, and X-Subject-Token, but not the value of
the X-Service-Token. This patch set adds the X-Service-Token
to the list of header fields to be hashed for logging purposes.
Change-Id: Iaa3a27f4b6c3baf964fa0c71328ffe9df43b2c0a
Closes-Bug: #1654847
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not log binary data during debug logging of a session.
Replace the binary data with the string <binary_data> instead.
sort of a backport of: I5184002f3a21c5e0ee510b21b9a7884c8dccd1e3
Change-Id: I07ddbc3967f297597542f1975004d94c490f6e6b
Related-Bug: 1616105
|
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Response bodies are loaded into memory prior to
being logged.
Loading huge response bodies may result in a
MemoryError.
This patch proposes that only JSON and TEXT
responses be logged, i.e when the Content-Type
header is application/json or application/text.
Responses that do not include or have a different
Content-Type header will have their body omitted.
This is a sort of backport of the fix for
keystoneauth sessions, see
I93b6fff73368c4f58bdebf8566c4948b50980cee
Co-Authored-By: Samuel de Medeiros Queiroz <samueldmq@gmail.com>
Closes-bug: 1616105
Change-Id: I8f43eee3a0b35041c6cf672e476f8151cf2f8d14
|
|/
|
|
|
|
|
|
| |
Assigments replaced with argument assigment: endpoints.py, service_catalog.py
Note added: 'original_ip' value is never used: session.py
Refactor 'find()' method to increase readability: base.py
Change-Id: I469331b123fdf03e9e7c5d93e1c95da57d30fbbe
|
|
|
|
|
|
|
|
|
| |
Currently tox ignores D202 and D203.
D202: No blank lines allowed after function docstring.
D203: 1 blank required before class docstring.
This change removes D202 and D203 ignores in tox and fix violations.
Change-Id: I97ef88c9cfd56774e47f789cbbcf8ccfe85d7737
|
|
|
|
|
|
|
|
|
|
| |
Currently tox ignores D204, D205, and D207.
D204: 1 blank required after class docstring.
D205: Blank line required between one-line summary and description.
D207: Docstring is under-indented.
This change removes D204, D205, and D207 ignores in tox and fix violations.
Change-Id: Id20d216fbd7647d468859b960088aac61c582d9b
|
|
|
|
|
|
|
|
| |
Currently tox ignores D401.
401: First line should be in imperative mood.
This change removes it and make keystoneclient docstrings compliant with it.
Change-Id: If34ff12d18390b357342cf29f2d116dd3c86a44d
|
|
|
|
|
|
|
|
|
|
|
| |
Removing old configuration options for build-in defaults of latest
bandit functionality. Also, marking flagged items with _# nosec_
with a descriptive comment on why the code is acceptable as is.
Co-Authored-By: Christopher J Schaefer <cjschaef@us.ibm.com>
Co-Authored-By: Tom Cocozzello <tjcocozz@us.ibm.com>
Change-Id: I138ebd46a8be195177361a9c3306bb70423b639d
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the logging of an HTTP request causes a UnicodeDecodeError,
modify the log entry using oslo_utils.encodeutils.safe_decode
with errors='replace' and try again
Co-Authored-By: Nikita Konovalov <nkonovalov@mirantis.com>
Change-Id: Ic365c654ebca4045208c6c30e232665145db7b4c
Closes-Bug: #1453953
|
|/
|
|
|
|
|
|
| |
Deprecate the keystoneclient Session object in favour of keystoneauth's
Session.
Change-Id: I26e000d626a466f63d10d2a961adc698f8de0636
Implements: bp deprecate-to-ksa
|
|
|
|
|
|
| |
swap instances of utils.positional with the positional library.
Change-Id: Id8a9961e68d287a802f25512fc970829e9feb5c2
|
|
|
|
|
|
|
|
|
| |
Previously, there were a string of commits to keystone that addresed ignored
hacking checks. This commit does the same for H405 in keystoneclient. This
also modifies our tox.ini so that we no longer ignore H405 violations.
Change-Id: I2af152e5425a0e9c82314039fdbb90d661c22680
Closes-Bug: 1482773
|
|
|
|
|
|
|
|
| |
When no valid keystone endpoint exist, EndpointNotFound exception
is raised with an error message
Change-Id: I75b00cb73b18bc19261c061e0ae217ef251f8853
Closes-Bug: #1208991
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Iterate over a copy of session.adapters keys in both Python 2.x and
Python 3.x. In Python 3.x, keys() is not a copy, and therefore
items can't be popped from it while iterating.
Note that this patch addresses the following error message which
is new in Python 3.5. That is, you need to be using Python 3.5+
to reproduce this error.
RuntimeError: OrderedDict mutated during iteration
https://bugs.python.org/issue24369
https://hg.python.org/cpython/rev/0d8679858272
Change-Id: Iaa2be0dc8ef26e51ce5e8f50049c9e8f84418ec0
Closes-Bug: #1483872
|
| |
| |
| |
| |
| |
| | |
These are all object methods, not independent functions.
Change-Id: I3c232d922e61a94c7dc2c2b9a8d3768fd42be1a7
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In _http_log_response method of session.py module,
list "string_parts' is created as below.
string_parts = ['RESP:']
string_parts.append('[%s]' % response.status_code)
Could be rewritten as
string_parts = [
'RESP:',
'[%s]' % response.status_code
]
TrivialFix
Change-Id: I83d04a71e030f3904c84cead4659c230393631db
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On Windows, the 'socket' python module does not contain the
attributes TCP_KEEPCNT or TCP_KEEPINTVL, causing services
consuming the library to malfunction.
Adds conditionals for adding the mentioned socket attributes
to the socket options.
socket.SIO_KEEPALIVE_VALS cannot be added as a socket option
for Windows, as there is another way entirely to enable that
option.
Change-Id: I2e9746ae65400bbd23c3b48dfc3167de9eb66494
Partial-Bug: #1483696
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We should sanitize the response body before logging to make sure we
aren't leaking through credentials like in the case of the response from
the os-initialize_connection volume API.
Closes-Bug: #1490693
Change-Id: Ifd95d3fb624b4636fb72cc11762af62e00a026a0
|
|/
|
|
|
|
|
|
|
| |
The deprecation text should say when the property was deprecated
and when we expect to remove it.
bp deprecations
Change-Id: I9f1af56d03f0251a7cf3f4a4130928bb0780aece
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Session.get_token() wasn't properly deprecated since the deprecation
was only mentioned in the docstring. Proper deprecation requires use
of warnings/debtcollector and documentation.
Also, changed a test to use the non-deprecated function instead where
the test wasn't checking that the deprecated function worked.
bp deprecations
Change-Id: I3d421b35554d58476281e037f90ab9b48e82730a
|
|
|
|
|
|
|
|
|
|
|
| |
There was a comment to deprecate creating a Session with cert and
key rather than a tuple to cert.
Also, fixed places where the deprecated usage was being used.
bp deprecations
Change-Id: I3596635bbc5611dd002a8beb063540a8c284c192
|
|
|
|
|
|
|
|
|
|
| |
Session.construct() wasn't properly deprecated since the deprecation
was only mentioned in the docstring. Proper deprecation requires use
of warnings/debtcollector and documentation.
bp deprecations
Change-Id: Ieff238aff9d39cfbbb80381b2392c33d0359acb3
|
|
|
|
|
|
|
|
| |
Iterating over a dict results in the keys.
Using the 'in' operator on a dict checks if it's a key.
Change-Id: I6affbfa1a79a9e8c0b5b304078a7a8e4e792eecd
|
|
|
|
|
|
|
|
| |
There was a lot of code that would have no effect if kwargs already
had socket_options set. To make the code clearer, only execute the
code if it's going to have an effect.
Change-Id: Ic42f5a0bac07113aff59d36d19293dc6d65cd58a
|
|
|
|
|
|
|
| |
requirements.txt has requests>=2.5.2, so requests version is always
going to be >= 2.4.1 and there's no need to check it.
Change-Id: I8069cfbd54ce716979bc991d137bd2e71790a1e4
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we simply turned on TCP Keep-Alive which relied on
per-distribution, per-operating system defaults for keep-alive options.
Here we set reasonable defaults since long running processes can get
stuck for hours on end by using system defaults. This also adds comments
around the options to explain why they're being set.
Closes-bug: 1477275
Related-bug: 1323862
Change-Id: Ibd53ae2d4d2455db0ebc9951e5c764befc57850f
|
|\ |
|
| |
| |
| |
| |
| |
| | |
Since this code is no longer used I just went ahead and deleted it.
Change-Id: I84978a4974c5a4a9a6dc46116b2a03f6046995d4
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To allow authentication plugins such as using client certificates or
doing kerberos authentication with every request we need a way for the
plugins to manipulate the send parameters.
Change-Id: Ib9e81773ab988ea05869bc27097d2b25e963e59c
Blueprint: generic-plugins
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Python 3 deprecated the logger.warn method in favor of warning.
DeprecationWarning: The 'warn' method is deprecated, use 'warning'
instead
Change-Id: Idbd4de3c7c631fb2c235701c9b300c37a90d9538
|
|/
|
|
|
|
|
| |
Passing a string that is formatted into a translation function doesn't
work. We need to pass the full translatable string.
Change-Id: I94b13f18c19b3b872fab380f8822a88db1b876e9
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The boolean value of a failed response is False and so the way we
populate the log output does not work when the request failed.
When logging check that a response is not None rather than simply
checking it's boolean value.
Change-Id: I07fb46f156fdf8267fd3d4dc7c587cd604838d73
Closes-Bug: #1451625
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Oslo libraries have moved all of their code out of the 'oslo'
namespace package into per-library packages. The namespace package was
retained during kilo for backwards compatibility, but will be removed by
the liberty-2 milestone. This change removes the use of the namespace
package, replacing it with the new package names.
The patches in the libraries will be put on hold until application
patches have landed, or L2, whichever comes first. At that point, new
versions of the libraries without namespace packages will be released as
a major version update.
Please merge this patch, or an equivalent, before L2 to avoid problems
with those library releases.
Blueprint: remove-namespace-packages
https://blueprints.launchpad.net/oslo-incubator/+spec/remove-namespace-packages
Change-Id: I387a7a1a817058a4daca313fe6df60612cb84864
|
|
|
|
|
|
|
| |
This should never have been added in a public way. I feel we are ok
making this private as there is no public use i can foresee.
Change-Id: Ib95365a11fa21146d51bea103c7709943aafdae8
|