Change url scheme passed to oauth signature verifier
Change 461736 modifies the url passed to oauth signature verifier to
request url. But in some deployments, https endpoints are terminated
at haproxy and http request is sent to keystone. So request url will
have http as url scheme whereas the endpoint is registered with https
and signature at client is done with https url. This results in OAUTH
signature validation failure.
Update URL sent for OAUTH signature verification with the scheme of
the base url.
Change-Id: Iaba285985b616a35e3dfe33cdd45667174e7c69d
Partial-Bug: #1687593
(cherry picked from commit b7aece57d2845fcfa45a84e6d21a6188ddd192cc)
Reviewed: https:/ /review. openstack. org/483590 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=8d3758fde99 380d1258f72d489 a22edacde331b7
Committed: https:/
Submitter: Jenkins
Branch: stable/newton
commit 8d3758fde99380d 1258f72d489a22e dacde331b7
Author: Hemanth Nakkina <email address hidden>
Date: Mon May 15 14:30:24 2017 +0530
Change url scheme passed to oauth signature verifier
Change 461736 modifies the url passed to oauth signature verifier to
request url. But in some deployments, https endpoints are terminated
at haproxy and http request is sent to keystone. So request url will
have http as url scheme whereas the endpoint is registered with https
and signature at client is done with https url. This results in OAUTH
signature validation failure.
Update URL sent for OAUTH signature verification with the scheme of
the base url.
Change-Id: Iaba285985b616a 35e3dfe33cdd456 67174e7c69d fa45a84e6d21a61 88ddd192cc)
Partial-Bug: #1687593
(cherry picked from commit b7aece57d2845fc