OpenStack Identity (keystone)

Bug #1776504
Comment #133

Comment 133 for bug 1776504

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-10-11: Fix merged to keystone (master)

#133

Reviewed: https://review.openstack.org/603461
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=d97832e8e826e37171b727072c720a9b589998dd
Submitter: Zuul
Branch: master

commit d97832e8e826e37171b727072c720a9b589998dd
Author: morgan fainberg <email address hidden>
Date: Tue Sep 18 10:54:59 2018 -0700

Convert auth to flask native dispatching

Convert the /auth paths to flask native dispatching.

    A minor change to additional_urls was implemented to ensure all
    urls are added at once instead of individually (causing an over-
    write issue within flask as a single resource may only have a
    single set of URL mappings).

    Alternate URLs now support adding alternate JSON Home rel links.
    This is to support the case of OS-FEDERATION auth routes moving
    to /auth. The old JSON Home entries must exist but reference
    the new paths.

    This port includes the following test changes (needed due to the
    way flask handles requests and the way requests are passed through
    the auth system):

    * Implemented keystone.common.render_token (module)
      containing render_token_response_from_model and use it instead
      of keystone.common.controller.render_token_response_from_model.

      Minor differences occur in render_token_response_from_model in
      the keystone.common.render_token module, this is simply
      for referencing data from flask instead of the request object.

* Test cases have been modified to no longer rely on the auth
controller(s) directly

    * Test cases now use "make_request" as a context manager
      since authenticate/authenticate_for_token directly
      reference the flask contexts and must have an explicit
      context pushed.

    * Test cases no longer pass request objects into methods
      such as authenticate/authenticate_for_token or similar
      methods on the auth plugins

    * Test cases for federation reference the token model now
      where possible instead of the rendered token response.
      Rendered token responses are generated where needed.

* Auth Plugin Configuration is done in test core as well.
This is because Auth controller does not exist.

    NOTE: This is a massive change, but must of these changes
    were now easily uncoupled because of how far reaching auth
    is.

Change-Id: I636928102875760726cc3493775a2be48e774fd7
Partial-Bug: #1776504

Reviewed:  https://review.openstack.org/603461
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=d97832e8e826e37171b727072c720a9b589998dd
Submitter: Zuul
Branch:    master

commit d97832e8e826e37171b727072c720a9b589998dd
Author: morgan fainberg <morgan.fainberg@gmail.com>
Date:   Tue Sep 18 10:54:59 2018 -0700

Convert auth to flask native dispatching
    
    Convert the /auth paths to flask native dispatching.
    
    A minor change to additional_urls was implemented to ensure all
    urls are added at once instead of individually (causing an over-
    write issue within flask as a single resource may only have a
    single set of URL mappings).
    
    Alternate URLs now support adding alternate JSON Home rel links.
    This is to support the case of OS-FEDERATION auth routes moving
    to /auth. The old JSON Home entries must exist but reference
    the new paths.
    
    This port includes the following test changes (needed due to the
    way flask handles requests and the way requests are passed through
    the auth system):
    
    * Implemented keystone.common.render_token (module)
      containing render_token_response_from_model and use it instead
      of keystone.common.controller.render_token_response_from_model.
    
      Minor differences occur in render_token_response_from_model in
      the keystone.common.render_token module, this is simply
      for referencing data from flask instead of the request object.
    
    * Test cases have been modified to no longer rely on the auth
      controller(s) directly
    
    * Test cases now use "make_request" as a context manager
      since authenticate/authenticate_for_token directly
      reference the flask contexts and must have an explicit
      context pushed.
    
    * Test cases no longer pass request objects into methods
      such as authenticate/authenticate_for_token or similar
      methods on the auth plugins
    
    * Test cases for federation reference the token model now
      where possible instead of the rendered token response.
      Rendered token responses are generated where needed.
    
    * Auth Plugin Configuration is done in test core as well.
      This is because Auth controller does not exist.
    
    NOTE: This is a massive change, but must of these changes
    were now easily uncoupled because of how far reaching auth
    is.
    
    Change-Id: I636928102875760726cc3493775a2be48e774fd7
    Partial-Bug: #1776504