I think the default token format switch to fernet in Newton; the charms don't support fernet yet so you'll either need to stick with the else -> uuid provider OR fully implement fernet support including key management into the charm.
As this does not actually impact either the master branch or a release charm, marking this bug as Invalid.
Your proposed change switches the token format from UUID to Fernet (below taken from mitaka):
{% if token_provider == 'pki' -%} token.providers .pki.Provider token.providers .pkiz.Provider token.providers .uuid.Provider
provider = keystone.
{% elif token_provider == 'pkiz' -%}
provider = keystone.
{% else -%}
provider = keystone.
{% endif -%}
and from your review (for newton onwards):
{% if token_provider == 'pki' -%} token.providers .pki.Provider token.providers .pkiz.Provider
provider = keystone.
{% elif token_provider == 'pkiz' -%}
provider = keystone.
{% endif -%}
I think the default token format switch to fernet in Newton; the charms don't support fernet yet so you'll either need to stick with the else -> uuid provider OR fully implement fernet support including key management into the charm.
As this does not actually impact either the master branch or a release charm, marking this bug as Invalid.