CHANGES¶

4.14.0¶

Updated from global requirements
fix broken links
use oslo.log instead of logging
Removes unnecessary utf-8 coding
Remove references to Python 3.4
Switch tox unit test command to use ostestr

4.13.1¶

Add Constraints support
Auth token, set the correct charset

4.13.0¶

Limit deprecated token message to single warning
auth_token: set correct charset when replying with 401
Updated from global requirements

4.12.0¶

Pass ?allow_expired
Updated from global requirements
clean up a few doc building warnings
Add docutils contraint on 0.13.1 to fix building
Updated from global requirements
Updated from global requirements
Updated from global requirements

4.11.0¶

Drop MANIFEST.in - it’s not needed by pbr
Show team and repo badges on README
Updated from global requirements
Deprecate PKI token format options
Updated from global requirements
Mock log only after app creation
Updated from global requirements
Update .coveragerc after the removal of respective directory
Updated from global requirements
Updated from global requirements
Updated from global requirements
Updated from global requirements
Updated from global requirements
Updated from global requirements
Updated from global requirements
Add service token to user token plugin
Specify that unknown arguments can be passed to fetch_token
Enable release notes translation
Changed the home-page link

4.10.0¶

Return and use an app wherever possible
Refactor audit tests to use create_middleware
Use oslo_messaging conf fixture
Extract oslo_messaging specific audit tests
Use the mocking fixture in notifier tests
Updated from global requirements
Use method constant_time_compare from oslo.utils
Raise NotImplementedError instead of NotImplemented
Updated from global requirements
Updated from global requirements
Update code to use Newton as the code name
standardize release note page ordering
Update reno for stable/newton
Globalize authentication failure error
Updated from global requirements

4.9.0¶

Updated from global requirements
Updated from global requirements
Updated from global requirements
Updated from global requirements

4.8.0¶

Updated from global requirements
Updated from global requirements
Fix description of option cache

4.7.0¶

Add Python 3.5 classifier
Updated from global requirements
Updated from global requirements
Updated from global requirements
Use jsonutils instead of ast for loading the service catalog
Use AccessInfo in UserAuthPlugin instead of custom
Remove the _is_v2 and _is_v3 helpers
Remove oslo-incubator

4.6.0¶

Updated from global requirements
Use extras for oslo.messaging dependency
Refactor API tests to not run middleware
Refactor audit api tests into their own file
Refactor create_event onto the api object
Extract a common notifier pattern
Break out the API piece into its own file
Use createfile fixture in audit test
Move audit into its own folder
use local config options if available in audit middleware
Use oslo.config fixture in audit tests
Pop oslo_config_config before doing paste convert
Updated from global requirements
Fix typo ‘olso’ to ‘oslo’
Config: no need to set default=None
Fix an issue with oslo_config_project paste config
Updated from global requirements
Pass X_IS_ADMIN_PROJECT header from auth_token
Clean up middleware architecture
Updated from global requirements
Add a fixture method to add your own token data
Move auth token opts calculation into auth_token
Make audit middleware use common config object
Consolidate user agent calculation
Create a Config object
Updated from global requirements
Updated from global requirements
Improve documentation for auth_uri
PEP257: Ignore D203 because it was deprecated
Updated from global requirements
Use method split_path from oslo.utils
Updated from global requirements
Make sure audit can handle API requests which does not require a token
Updated from global requirements
Updated from global requirements
Updated from global requirements
Determine project name from oslo_config or local config

4.5.1¶

Fix AttributeError on cached-invalid token checks

4.5.0¶

Updated from global requirements
Updated from global requirements
Fix D105: Missing docstring in magic method (PEP257)
Fix D200: One-line docstring should fit on one line with quotes (PEP257)
Fix D202: No blank lines allowed after function docstring (PEP257)
Adding audit middleware specific notification driver conf
remove old options from documentation
generate sample config automatically
Return default value for pkg_version if missing
Updated from global requirements
Fix D204 PEP257 violation and enable D301 and D209
Fix D400 PEP257 violation
Fix D401 PEP257 violation and enable H403
Update config options
s3token config with auth URI
Updated from global requirements
Return JSON for Unauthorized message
Updated from global requirements
Fix doc build if git is absent
PEP257: add flake8-docstring testing
Only confirm token binding on one token
Create signing_dir upon first usage
Updated from global requirements
Updated from global requirements
Handle cache invalidate outside cache object
Update reno for stable/mitaka
Remove bandit.yaml in favor of defaults
use the same context across a request
Updated from global requirements
Update documentation for running tests
Updated from global requirements
Add back a bandit tox job

4.3.0¶

argparse expects a list not a dictionary
update deprecation message to indicate when deprecations were made
Updated from global requirements
Split oslo_config and list all opts
Updated from global requirements
Make pep8 the linting interface
Remove clobbering of passed oslo_config_config
Updated from global requirements
Use positional instead of keystoneclient version
Updated from global requirements
Remove Babel from requirements.txt

4.2.0¶

Updated from global requirements
Deprecate in-process cache
Revert “Disable memory caching of tokens”
Revert “Don’t cache signed tokens”
Updated from global requirements
Remove bandit tox environment
Remove unnecessary _reject_request function
Group common PKI validation code - Refactor
Group common PKI validation code - Tests
Remove except Exception handler
Fix tests to work with keystoneauth1 2.2.0
Bandit profile updates
Replace deprecated library function os.popen() with subprocess

4.1.0¶

Add project_name to the auth_token fixture
Revert “Stop using private keystoneclient functions”
create release notes for ksm 4.1.0
Don’t cache signed tokens
Disable memory caching of tokens
Updated from global requirements
Use oslo_config choices support
Stop using private keystoneclient functions
Use fixture for mock patch
auth_token verify revocation by audit_id
Updated from global requirements
Deprecated tox -downloadcache option removed
Updated from global requirements
Make BaseAuthProtocol public
Use load_from_options_getter for auth plugins
Configuration is outdated
Updated from global requirements
Use keystoneauth for auth_token fixture
Don’t list deprecated opts in sample config
Updated from global requirements
Put py34 first in the env order of tox

4.0.0¶

Add release notes for keystonemiddleware
Updated from global requirements
Adding parse of protocol v4 of AWS auth to ec2_token
Add a mock-fixture for keystonemiddleware auth_protocol
Add domain and trust details to user plugin
Remove py26 target from tox.ini
Use keystoneauth
Updated from global requirements
Address hacking check H405
update middlewarearchitecture.rst
Make “Auth Token confirmed use of %s apis” debug level
Define entry points for filter factories for Paste Deployment
Updated from global requirements
Updated from global requirements

3.0.0¶

Updated from global requirements
drop use of norm_ns

2.4.1¶

Updated from global requirements
Straighten up exceptions imports
Separate setting catalog on headers from others

2.4.0¶

Updated from global requirements
Updated from global requirements
Remove auth headers in AuthProtocol
Use request helpers for token_info/token_auth
Make __all__ immutable
Move response status check to the call
only make token invalid when it really is
auto-generate release history
Add shields.io version/downloads links/badges into README.rst
Updated from global requirements
Change ignore-errors to ignore_errors
Ensure auth_plugin options are in generated CONF
Cleanup a few auth_token comments

2.3.0¶

Updated from global requirements
Remove unused group parameter from tests
auth_token tests use clean config
Docstring updates
Use ConnectionRefused for auth_token tests

2.2.0¶

Seperate standalone cache tests
Import _memcache_pool normally
Create Environment cache pool
Handle memcache pool arguments collectively
Updated from global requirements
Allow specifying a region name to auth_token
Updated from global requirements
Allow to use oslo.config without global CONF
Updated from global requirements
Updated from global requirements
Updated from global requirements
Updated from global requirements
Move common request processing to base class
Fix rst
py34 not py33 is tested and supported
Refactor extract method for offline validation
Send the correct user-agent to Keystone
Move enforcement and time validation to base class
Separate the fetch and validate parts of auth_token
Fixes modules index generated by Sphinx

2.1.0¶

Add token_auth helper to request
Add user_token and service_token to request
Create a simple base class from AuthProtocol
Switch from deprecated oslo_utils.timeutils.strtime
Updated from global requirements
Refactor _confirm_token_bind takes AccessInfo
Make token bind work with a request
Rename _LOG to log in auth_token middleware
Don’t allow webob to set a default content type
Prevent a UnicodeDecodeError in the s3token middleware
Remove install_venv_common and fix typo in memorycache

2.0.0¶

Ensure cache keys are a known/fixed length
Updated from global requirements
Refactor request methods onto request object
validate_token returns AccessInfo
Updated from global requirements
Fixes a spelling error in a test name
Remove custom header handling
Unit tests catch deprecated function usage
Common base class for unit tests
Stop using function deprecated in py34
Move bandit requirement to test-requirements.txt
Fetch user token from request rather than env
Remove the _msg_format function
Base use webob
Don’t rely on token_info for header building
Move project included validation
Depend on keystoneclient for expiration checking
Don’t store expire into memcache
Removes discover from test-reqs
Drop py2.6 support for keystone middleware
Create new user plugin tests
Add an explicit test failure condition when auth_token is missing
Fixup test-requirements-py3.txt
Fix list_opts test to not check all deps
Refactor certificate fetch functions
tox env for Bandit
Cleanup token hashes generated by cache
Updated from global requirements
Improved handling of endpoints missing urls
Refactor: extract echo_app from enclosing class
Add keystone v3 API to fetch revocation list
Simplify request making in auth_token tests
Change auth_token to use keystoneclient
Deprecate auth_token authentication
Updated from global requirements

1.6.1¶

Ignore cover directory
Remove superfluous / spammy log line
Drop use of ‘oslo’ namespace package
Port keystonemiddleware to Python 3
Remove unused iso8601 dependency
Update README to work with release tools

1.6.0¶

Uncap library requirements for liberty
Remove retry parameter
Fix s3_token middleware parsing insecure option
Updated from global requirements
Pull echo service out of auth_token
Fix typos in keystonemiddleware
Rename requests mock object in testing
Update auth_token config docs
Crosslink to other sites that are owned by Keystone
Move _memcache_pool into auth_token
Move unit tests into tests.unit

1.5.0¶

Allow loading auth plugins via overrides
Updated from global requirements
Delay denial when service token is invalid
Updated from global requirements
Move UserAuthPlugin into its own file
Extract IdentityServer into file
Extract all TokenCache related classes to file
Break default auth plugin into file
Extract revocations to file
Extract SigningDirectory into file
Separate exceptions into their own file
Updated from global requirements
Updated from global requirements
Move auth_token into its own folder
Updated from global requirements

1.4.0¶

Refactor auth_token revocation list members to new class
Refactor extract class for signing directory
Turn our auth plugin into a token interface
iso expires should be returned in one place
move add event creation logic to keystonemiddleware
Updated from global requirements
Sync with oslo-incubator
Use oslo.context instead of incubator code
Refactor auth_uri handling
make audit event scoped to request session and not middleware
Updated from global requirements
Remove custom string truth handling
Updated from global requirements
incorrect reference in enabling audit middleware
Updated from global requirements
Enforce check F821 and H304
Switch from oslo.config to oslo_config
Switch from oslo.serialization to oslo_serialization
Switch from oslo.utils to oslo_utils
Add python-memcached to test-requirements
Correct failures for check E122
Correct failures for check H703
Updated from global requirements
Correct failures for check H238
Move to hacking 0.10
Updated from global requirements
Use a test fixture for mocking time
Fix environ keys missing HTTP_ prefix
support micro version if sent
Fix passing parameters to log message
Correct incorrect rst in docstrings
remove unused variable in _IdentityServer

1.3.1¶

Fix auth_token does version request for no token
Adds Memcached dependencies doc
fallback to online validation if offline validation fails

1.3.0¶

documentation for audit middleware
remove the unused method _will_expire_soon
Updated from global requirements
Use newer requests-mock syntax
Allow loading other auth methods in auth_token
Auth token tests create temp cert directory
Add a test to ensure the version check error
Split identity server into v2 and v3
Workflow documentation is now in infra-manual
Use real discovery object in auth_token middleware
Updated from global requirements
Make everything in audit middleware private
Updated from global requirements
Adding audit middleware to keystonemiddleware
Fix paste config option conversion for auth options
Auth token supports deprecated names for paste conf options
Correct tests to use strings in conf
Change occurrences of keystone to identity server
Updated from global requirements
Updated from global requirements
Updated from global requirements
I18n
Adds space after # in comments
Update python-keystoneclient reference
Use Discovery fixtures for auth token tests
Convert authentication into a plugin
Add versions to requests
Use an adapter in IdentityServer
Use connection retrying from keystoneclient
Updated from global requirements
Use correct name of oslo debugger script
Use new ksc features in User Token Plugin
Remove netaddr package requirement
add context to keystonemiddleware
Updated from global requirements
Improve help strings
Updated from global requirements
Changing the value type of http_connect_timeout
Revert “Support service user and project in non-default domain”
Replace httpretty with requests-mock
Encode middleware error message as bytes
Docstring cleanup
Remove HTTP_X_STORAGE_TOKEN doc
Fix reference to middleware architecture doc
Clean up the middleware docs
Update oslo-incubator and switch to oslo.{utils,serialization}
Refactor auth_token cache

1.2.0¶

Add an optional advanced pool of memcached clients
Fix auth_token for old oslo.config
Support service user and project in non-default domain
Add composite authentication support
Fix test failure after discovery hack
Updated from global requirements
BaseAuthTokenMiddlewareTest.setUp call super normally
Remove unused iso8601
Use oslo_debug_helper and remove our own version
convert the conf value into correct type
Always add auth URI to unauthorized requests
Work toward Python 3.4 support and testing
warn against sorting requirements
Always supply a username to auth_token tests setup
Create an Auth Plugin to pass to users
Updated from global requirements

1.1.1¶

Hash for PKIZ
auth_token cached token handling
Add a test for re-caching a token
Updated from global requirements
Remove intersphinx mappings
Use oslosphinx in keystonemiddlware for documentation
Updated from global requirements
Convert auth_token middleware to use sessions

1.1.0¶

Updated from global requirements
Remove mox dependency
move webob from test-requirements to requirements
remove unused dep: stevedore
remove unused dep: prettytable
Example JSON files should be human-readable
Updated from global requirements
Mark keystonemiddleware as being a universal wheel
Use keystoneclient fixtures in middleware tests
prefer identity API v3 over v2 in auth_token
Clean up openstack-common.conf
Sync with oslo-incubator 569979adf
Refactor auth_token, move identity server members to class

1.0.0¶

Expose an entry point to list auth_token middleware config options
Privatize Everything
Privatize Everything
add CONTRIBUTING.rst
add README
Update setup.cfg to remove keystoneclient ref
Bring over debug_helper.sh
Update requirement files
Update .gitignore files
Correct Doc location and update for middleware only
Move Docs to the right location
Remove .update-venv
Update middleware and tests for new package
Update requirements
Update MANIFEST.in
Remove unused testing files from keystoneclient
Move examples split to new location
Move ec2_token to new location
Add in original keystoneclient test-requirements.txt
Initial oslo-incubator sync
Cleanup unused testr.conf file
Move tests to new location
Moving middleware to new location
Initial commit
Fix 500 error if request body is not JSON object
auth_token _cache_get checks token expired
auth_token _cache_get checks token expired
Using six.u(‘’) instead of u’‘
Session Documentation
Link to docstrings in using-api-v3
Refactor auth_token token cache members to class
Refactor auth_token token cache members to class
Add service_name to URL discovery
Don’t use mock non-exist method assert_called_once
Remove _factory methods from auth plugins
Make get_oauth_params conditional for specific oauthlib versions
Changes exception raised by v3.trusts.update()
Add role assignments as concept in Client API V3 docs
Fix tests to use UUID strings rather than ints for IDs
Clean up oauth auth plugin code
Add endpoint handling to Token/Endpoint auth
Add support for extensions-list
auth_token middleware hashes tokens with configurable algorithm
auth_token middleware hashes tokens with configurable algorithm
Remove left over vim headers
Add /role_assignments endpoint support
Authenticate via oauth
Auth Plugin invalidation
Move DisableModuleFixture to utils
replace string format arguments with function parameters
Fixes an erroneous type check in a test
auth_token hashes PKI token once
auth_token hashes PKI token once
Compressed Signature and Validation
Compressed Signature and Validation
Compressed Signature and Validation
OAuth request/access token and consumer support for oauth client API
Regions Management
Discovery URL querying functions
Move auth_token tests not requiring v2/v3 to new class
Cached tokens aren’t expired
Cached tokens aren’t expired
Move auth_token cache pool tests out of NoMemcache
Fixed the size limit tests in Python 3
Make auth_token return a V2 Catalog
Make auth_token return a V2 Catalog
Fix client fixtures
fixed typos found by RETF rules
fixed typos found by RETF rules
auth_token configurable check of revocations for cached
auth_token configurable check of revocations for cached
Remove unused AdjustedBaseAuthTokenMiddlewareTest
auth_token test remove unused fake_app parameter
Fix typo in BaseAuthTokenMiddlewareTest
Enhance tests for auth_token middleware
Limited use trusts
Debug log when token found in revocation list
Ensure that cached token is not revoked
Fix the catalog format of a sample token
remove universal_newlines
replace double quotes with single
Deprecate admin_token option in auth_token
Create a V3 Token Generator
Implement endpoint filtering functionality on the client side
Fix typo of ANS1 to ASN1
Fix typo of ANS1 to ASN1
Add new error for invalid response
Rename HTTPError -> HttpError
Add CRUD operations for Federation Mapping Rules
Don’t use generic kwargs in v2 Token Generation
Update docs for auth_token middleware config options
Allow session to return an error response object
Add service name to catalog
Hash functions support different hash algorithms
Add CRUD operations for Identity Providers
eliminate race condition fetching certs
eliminate race condition fetching certs
Allow passing auth plugin as a parameter
Prefer () to continue line per PEP8
Prefer () to continue line per PEP8
Use HttpNotImplemented in tests.v3.test_trusts
Ensure JSON headers in Auth Requests
Create a test token generator and use it
Safer noqa handling
Rename request_uri to identity_uri
Tests should use identity_uri by default
Replace auth fragements with identity_uri
Replace auth fragements with identity_uri
Remove releases.rst from keystone docs
Handle URLs via the session and auth_plugins
Add a method for changing a user’s password in v3
sanity check memcached availability before running tests against it
Change the default version discovery URLs
add functional test for cache pool
Add a positional decorator
add pooling for cache references
add pooling for cache references
use v3 api to get certificates
use v3 api to get certificates
Don’t use a connection pool unless provided
Reference docstring for auth_token fields
Docs link to middlewarearchitecture
Uses explicit imports for _
Discover should support other services
Replace httplib.HTTPSConnection in ec2_token
Revert “Add request/access token and consumer...”
Revert “Authenticate via oauth”
Fix doc build errors
Fix doc build errors
Fix doc build errors
Generate module docs
Authenticate via oauth
Add request/access token and consumer support for keystoneclient
Add ‘methods’ to all v3 test tokens
Use AccessInfo in auth_token middleware
Add ‘methods’ to all v3 test tokens
Handle Token/Endpoint authentication
Split sample PKI token generation
Fix retry logic
Fix state modifying catalog tests
Remove reference to non-existent shell doc
increase default revocation_cache_time
Make keystoneclient not log auth tokens
improve configuration help text in auth_token
Log the command output on CertificateConfigError
V3 xml responses should use v3 namespace
Enforce scope mutual exclusion for trusts
Token Revocation Extension
Atomic write of certificate files and revocation list
Privatize auth construction parameters
Set the right permissions for signing_dir in tests
deprecate XML support in favor of JSON
Capitalize Client API title consistently
Remove http_handler config option in auth_token
Rely on OSLO.config
Use admin_prefix consistently
demonstrate auth_token behavior with a simple echo service
Remove redundant default value None for dict.get
Remove redundant default value None for dict.get
correct typo of config option name in error message
remove extra indentation
refer to non-deprecated config option in help
Create V3 Auth Plugins
Create V2 Auth Plugins
Fix role_names call from V3 AccessInfo
Interactive prompt for create user
Replace assertEqual(None, *) with assertIsNone in tests
Ensure domains.list filtered results are correct
Test query-string for list actions with filter arguments
Fix keystone command man page
Add link to the v3 client api doc
Fix references to auth_token in middlewarearchitecture doc
Use WebOb directly in ec2_token middleware
Don’t use private last_request variable
Python: Pass bytes to derive_keys()
Use WebOb directly for locale testing
Make sure to unset all variable starting with OS_
Python3: use six.moves.urllib.parse.quote instead of urllib.quote
Remove vim header
Remove vim header
Remove vim header
Python3: httpretty.last_request().body is now bytes
Python3: fix test_insecure
Deprecate s3_token middleware
Python3: webob.Response.body must be bytes
Python 3: call functions from memcache_crypt.py with bytes as input
Python 3: call functions from memcache_crypt.py with bytes as input
Use requests library in S3 middleware
Use requests library in S3 middleware
Python 3: make tests from v2_0/test_access.py pass
Python 3: make tests from v2_0/test_access.py pass
Create Authentication Plugins
Fix debug curl commands for included data
Add back –insecure option to CURL debug
Use HTTPretty in S3 test code
Provide a conversion function for creating session
Update reference to middlewarearchitecture doc
Update middlewarearchitecture config options docs
Remove support for old Swift memcache interface
Remove support for old Swift memcache interface
Replace urllib/urlparse with six.moves.*
Python 3: fix tests/test_utils.py
Python 3: Fix an str vs bytes issue in tempfile
Return role names by AccessInfo.role_names
Copy s3_token middleware from keystone
Copy s3_token middleware from keystone
build auth context from middleware
Fix E12x warnings found by Pep8 1.4.6
Fix typos in documents and comments
Fix typos in documents and comments
Consistently support kwargs across all v3 CRUD Manager ops
Use six to make dict work in Python 2 and Python 3
Python 3: set webob.Response().body to a bytes value
Remove test_print_{dict,list}_unicode_without_encode
Tests use cleanUp rather than tearDown
Adjust import items according to hacking import rule
Adjust import items according to hacking import rule
Adjust import items according to hacking import rule
Replace assertTrue with explicit assertIsInstance
Fix discover command failed to read extension list issue
Fix incorrect assertTrue usage
Make assertQueryStringIs usage simpler
auth_token tests use assertIs/Not/None
Make common log import consistent
Python 3: Use HTTPMessage.get() rather than HTTPMessage.getheader()
auth_token tests close temp file descriptor
Tests cleanup temporary files
Removes use of timeutils.set_time_override
Controllable redirect handling
Verify token binding in auth_token middleware
Verify token binding in auth_token middleware
Fix auth_token middleware test invalid cross-device link issue
Add unit tests for generic/shell.py
Rename using-api.rst to using-api-v2.rst
Documents keystone v3 API usage - part 1
v3 test utils, don’t modify input parameter
Fix error in v3 credentials create/update
Rename instead of writing directly to revoked file
Correctly handle auth_url/token authentication
Remove debug specific handling
Fix missed management_url setter in v3 client
Add service catalog to domain scoped token fixture
Change assertEquals to assertIsNone
Avoid meaningless comparison that leads to a TypeError
Python3: replace urllib by six.moves.urllib
Fix –debug handling in the shell
Rename tokenauth to authtoken in the doc
use six.StringIO for compatibility with io.StringIO in python3
Properly handle Regions in keystoneclient
Use testresources for example files
Discover supported APIs
Warn user about unsupported API version
Add workaround for OSError raised by Popen.communicate()
Use assertIn where appropriate
Extract a base Session object
Do not format messages before they are logged
keystoneclient requires an email address when creating a user
Fix typo in keystoneclient
Encode the text before print it to console
Opt-out of service catalog
Opt-out of service catalog
Opt-out of service catalog
Remove deprecated auth_token middleware
“publicurl” should be required on endpoint-create
Update the management url for every fetched token
Fix python3 incompatible use of urlparse
Convert revocation list file last modified to UTC
Convert revocation list file last modified to UTC
Migrate the keystone.common.cms to keystoneclient
Migrate the keystone.common.cms to keystoneclient
Avoid returning stale token via auth_token property
Remove SERVICE_TOKEN and SERVICE_ENDPOINT env vars
Make ROOTDIR determination more robust
Replace OpenStack LLC with OpenStack Foundation
Replace OpenStack LLC with OpenStack Foundation
Replace OpenStack LLC with OpenStack Foundation
Replace OpenStack LLC with OpenStack Foundation
Add AssertRequestHeaderEqual test helper and make use of it
python3: Make iteritems py3k compat
Normalize datetimes to account for tz
Normalize datetimes to account for tz
assertEquals is deprecated, use assertEqual (H602)
remove the nova dependency in the ec2_token middleware
Fix H202 assertRaises Exception
Fix H202 assertRaises Exception
Refactor for testability of an upcoming change
Refactor for testability of an upcoming change
Allow v2 client authentication with trust_id
Fix misused assertTrue in unit tests
Add auth_uri in conf to avoid unnecessary warning
Move tests in keystoneclient
Set example timestamps to 2038-01-18T21:14:07Z
Replace HttpConnection in auth_token with Requests
Replace HttpConnection in auth_token with Requests
Support client generate literal ipv6 auth_uri base on auth_host
Log user info in auth_token middleware
Changed header from LLC to Foundation based on trademark policies
python3: Use from future import unicode_literals
Fix and enable gating on F841
Use OSLO jsonutils instead of json module
Allow configure the number of http retries
Use hashed token for invalid PKI token cache key
Make auth_token middleware fetching respect prefix
Move all opens in auth_token to be in context
Refactor Keystone to use unified logging from Oslo
Refactor verify signing dir logic
Fixes files with wrong bitmode
Don’t cache tokens as invalid on network errors
Fix a typo in fetch_revocation_list
auth_uri (public ep) should not default to auth_* values (admin ep)
Adds help in keystone_authtoken config opts
python3: Add basic compatibility support
remove swift dependency of s3 middleware
flake8: fix alphabetical imports and enable H306
Drop webob from auth_token.py
no logging on cms failure
rm improper assert syntax
Fix and enable gating on H402
Raise key length defaults
Fix auth_token.py bad signing_dir log message
Fix and enable H401
Revert environment module usage in middleware
Fix the cache interface to use time= by default
Change memcache config entry name in Keystone to be consistent with Oslo
Change memcache config entry name in Keystone to be consistent with Oslo
Fix memcache encryption middleware
Fix memcache encryption middleware
Isolate eventlet code into environment
Provide keystone CLI man page
Check Expiry
Check Expiry
import only modules (flake8 H302)
Satisfy flake8 import rules F401 and F403
Default signing_dir to secure temp dir (bug 1181157)
Use testr instead of nose
Securely create signing_dir (bug 1174608)
adding notes about dealing with exceptions in the client
Fix v3 with UUID and memcache expiring
Fix v3 with UUID and memcache expiring
Allow keystoneclient to work with older keystone installs
Wrap config module and require manual setup (bug 1143998)
Config value for revocation list timeout
Cache tokens using memorycache from oslo
Cache tokens using memorycache from oslo
xml_body returns backtrace on XMLSyntaxError
Make auth_token lazy load the auth_version
Doc info and other readability improvements
Retry http_request and json_request failure
Use v2.0 api by default in auth_token middleware
Fix auth-token middleware to understand v3 tokens
Fix auth-token middleware to understand v3 tokens
Remove test dep on name of dir (bug 1124283)
bug 1131840: fix auth and token data for XML translation
Rework S3Token middleware tests
v3 token API
Use oslo-config-2013.1b3
Allow configure auth_token http connect timeout
Allow configure auth_token http connect timeout
Fix spelling mistakes
Mark password config options with secret
Fixes ‘not in’ operator usage
Fix thinko in self.middleware.cert_file_missing
Limit the size of HTTP requests
Blueprint memcache-protection: enable memcache value encryption/integrity check
Blueprint memcache-protection: enable memcache value encryption/integrity check
Warning message is not logged for valid token-less request
Use os.path to find ~/keystone-signing (bug 1078947)
Remove iso8601 dep in favor of openstack.common
remove unused import
Bug 1052674: added support for Swift cache
URL-encode user-supplied tokens (bug 974319)
Fix middleware logging for swift
Remove swift auth
Don’t try to split a list of memcache servers
Import auth_token middleware from keystoneclient
Throw validation response into the environment
Add auth-token code to keystoneclient, along with supporting files
Add auth-token code to keystoneclient, along with supporting files
Use the right subprocess based on os monkeypatch
Make initial structural changes to keystoneclient in preparation to moving auth_token here from keystone. No functional change should occur from this commit (even though it did refresh a newer copy of openstack.common.setup.py, none of the newer updates are in functions called from this client)
fixes bug 1074172
HACKING compliance: consistent use of ‘except’
auth_token hash pki key PKI tokens on hash in memcached when accessed by auth_token middelware
Move ‘opentack.context’ and ‘openstack.params’ definitions to keystone.common.wsgi
Replace refs to ‘Keystone API’ with ‘Identity API’
replacing PKI token detection from content length to content prefix. (bug 1060389)
updating base keystoneclient documentation
updating keystoneclient doc theme
Backslash continuation cleanup
Check for expected cfg impl (bug 1043479)
Fix PEP8 issues
Fix auth_token middleware to fetch revocation list as admin
allow middleware configuration from app config
Change underscores in new cert options to dashes
PKI Token revocation
Use user home dir as default for cache
Set default signing_dir based on os USER
Test for Cert by name
Cryptographically Signed tokens
Prevent service catalog injection in auth_token
Admin Auth URI prefix
Support 2-way SSL with Keystone server if it is configured to enforce 2-way SSL. See also https://review.openstack.org/#/c/7706/ for the corresponding review for the 2-way SSL addition to Keystone
Change CLI options to use dashes
Keystone should use openstack.common.jsonutils
Removed unused import
Reorder imports by full module path
Pass serviceCatalog in auth_token middleware
400 on unrecognized content type (bug 1012282)
PEP8 fixes
Move docs to doc
fix importing of optional modules in auth_token
blueprint 2-way-ssl
Fixes some pep8 warning/errors
Update swift_auth documentation
Add ACL check using <tenant_id>:<user> format
Use X_USER_NAME and X_ROLES headers
Allow other middleware overriding authentication
Backslash continuation removal (Keystone folsom-1)
Added ‘NormalizingFilter’ middleware
Make sure we parse delay_auth_decision as boolean
Exit on error in a S3 way
Add a _ at the end of reseller_prefix default
additional logging to support debugging auth issue
Add support to swift_auth for tokenless authz
Improve swift_auth test coverage + Minor fixes
S3 tokens cleanups
updating docs to include creating service accts
Rename tokenauth to authtoken
Remove nova-specific middlewares
Remove glance_auth_token middleware
Update username -> name in token response
Refactor keystone.common.logging use (bug 948224)
Allow connect to another tenant
Improved legacy tenancy resolution (bug 951933)
Fix iso8601 import/use and date comparaison
Add simple set of tests for auth_token middleware
Add token caching via memcache
Added license header (bug 929663)
Make sure we have a port number before int it
HTTP_AUTHORIZATION was used in proxy mode
Add reseller admin capability
improve auth_token middleware
Unpythonic code in redux in auth_token.py
Handle KeyError in _get_admin_auth_token
Provide request to Middleware.process_response()
Set tenantName to ‘admin’ in get_admin_auth_token
XML de/serialization (bug 928058)
Update auth_token middleware so it sets X_USER_ID
Fix case of admin role in middleware
Remove extraneous _validate_claims() arg
Fix copyright dates and remove duplicate Apache licenses
Re-adds admin_pass/user to auth_tok middleware
Update docs for Swift and S3 middlewares
Added Apache 2.0 License information
Update swift token middleware
Add s3_token
Fixes role checking for admin check
Add tests for core middleware
termie all the things
be more safe with getting json aprams
fix keystoneclient tests
pep8 cleanup
doc updates
fix middleware
update some names
fix some imports
re-indent
check for membership
add more middleware
woops
add legacy middleware

OpenStack

CHANGES¶

4.14.0¶

4.13.1¶

4.13.0¶

4.12.0¶

4.11.0¶

4.10.0¶

4.9.0¶

4.8.0¶

4.7.0¶

4.6.0¶

4.5.1¶

4.5.0¶

4.3.0¶

4.2.0¶

4.1.0¶

4.0.0¶

3.0.0¶

2.4.1¶

2.4.0¶

2.3.0¶

2.2.0¶

2.1.0¶

2.0.0¶

1.6.1¶

1.6.0¶

1.5.0¶

1.4.0¶

1.3.1¶

1.3.0¶

1.2.0¶

1.1.1¶

1.1.0¶

1.0.0¶

Table Of Contents

Previous topic

Next topic

Project Source

This Page

OpenStack

CHANGES¶

4.14.0¶

4.13.1¶

4.13.0¶

4.12.0¶

4.11.0¶

4.10.0¶

4.9.0¶

4.8.0¶

4.7.0¶

4.6.0¶

4.5.1¶

4.5.0¶

4.3.0¶

4.2.0¶

4.1.0¶

4.0.0¶

3.0.0¶

2.4.1¶

2.4.0¶

2.3.0¶

2.2.0¶

2.1.0¶

2.0.0¶

1.6.1¶

1.6.0¶

1.5.0¶

1.4.0¶

1.3.1¶

1.3.0¶

1.2.0¶

1.1.1¶

1.1.0¶

1.0.0¶

Table Of Contents

Previous topic

Next topic

Project Source

This Page

Quick search