OpenStack Identity (keystone)

  1. Series ocata
  2. Bug #1779205
  3. Comment #64

Comment 64 for bug 1779205

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/pike)

Reviewed: https://review.openstack.org/585792
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=ce46cc25dc4d967c062587ab21b2b38cab045e00
Submitter: Zuul
Branch: stable/pike

commit ce46cc25dc4d967c062587ab21b2b38cab045e00
Author: Lance Bragstad <email address hidden>
Date: Wed Jul 25 15:07:16 2018 +0000

    Reduce duplication in federated auth APIs

    The GET /v3/OS-FEDERATION/projects and GET /v3/OS-FEDERATION/domains
    APIs were introduced to handle tokens from federated users, but now
    that GET /v3/auth/projects and GET /v3/auth/domains know how to handle
    federated tokens, they're just duplicate APIs.

    In the past we deprecated these federated auth APIs, but they still
    used separate code paths from GET /v3/auth/projects and GET
    /v3/auth/domains. The two code paths are true duplication in that they
    don't expect to differ over time and should provide the same user
    experience.

    Instead of running the risk that comes with two code paths that do the
    same thing, we should consolidate them.

    Conflicts:
      keystone/federation/controllers.py due to the fact that pre-Queens
      code used a different dependency framework. This was reworked in
      the Queens release, causing a conflict with this patch since it
      touches the same code.

    Co-Authored-By: Kristi Nikolla <email address hidden>

    Closes-Bug: 1779205
    Change-Id: Ib906c42e1dd2c2408ccd2e256ffd876af02af3fe
    (cherry picked from commit df5d75571ed274b2964ed52048768c6d9f24d138)