Change url scheme passed to oauth signature verifier
Change 461736 modifies the url passed to oauth signature verifier to
request url. But in some deployments, https endpoints are terminated
at haproxy and http request is sent to keystone. So request url will
have http as url scheme whereas the endpoint is registered with https
and signature at client is done with https url. This results in OAUTH
signature validation failure.
Update URL sent for OAUTH signature verification with the scheme of
the base url.
Change-Id: Iaba285985b616a35e3dfe33cdd45667174e7c69d
Partial-Bug: #1687593
(cherry picked from commit b7aece57d2845fcfa45a84e6d21a6188ddd192cc)
Reviewed: https:/ /review. openstack. org/483586 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=215788d26db 0649686ef9ba996 a45f5d4c7c1f90
Committed: https:/
Submitter: Jenkins
Branch: stable/ocata
commit 215788d26db0649 686ef9ba996a45f 5d4c7c1f90
Author: Hemanth Nakkina <email address hidden>
Date: Mon May 15 14:30:24 2017 +0530
Change url scheme passed to oauth signature verifier
Change 461736 modifies the url passed to oauth signature verifier to
request url. But in some deployments, https endpoints are terminated
at haproxy and http request is sent to keystone. So request url will
have http as url scheme whereas the endpoint is registered with https
and signature at client is done with https url. This results in OAUTH
signature validation failure.
Update URL sent for OAUTH signature verification with the scheme of
the base url.
Change-Id: Iaba285985b616a 35e3dfe33cdd456 67174e7c69d fa45a84e6d21a61 88ddd192cc)
Partial-Bug: #1687593
(cherry picked from commit b7aece57d2845fc