OpenStack Identity (keystone)

  1. Series queens
  2. Bug #1779205
  3. Comment #62

Comment 62 for bug 1779205

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/ocata)

Reviewed: https://review.openstack.org/585802
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=ade177ad357d28746ab4203e56a74e6e1e89c074
Submitter: Zuul
Branch: stable/ocata

commit ade177ad357d28746ab4203e56a74e6e1e89c074
Author: Lance Bragstad <email address hidden>
Date: Wed Jul 25 15:07:16 2018 +0000

    Reduce duplication in federated auth APIs

    The GET /v3/OS-FEDERATION/projects and GET /v3/OS-FEDERATION/domains
    APIs were introduced to handle tokens from federated users, but now
    that GET /v3/auth/projects and GET /v3/auth/domains know how to handle
    federated tokens, they're just duplicate APIs.

    In the past we deprecated these federated auth APIs, but they still
    used separate code paths from GET /v3/auth/projects and GET
    /v3/auth/domains. The two code paths are true duplication in that they
    don't expect to differ over time and should provide the same user
    experience.

    Instead of running the risk that comes with two code paths that do the
    same thing, we should consolidate them.

    Conflicts:
      keystone/federation/controllers.py due to the fact that pre-Queens
      code used a different dependency framework. This was reworked in
      the Queens release, causing a conflict with this patch since it
      touches the same code.
      keystone/tests/unit/test_v3_auth.py due to a couple test with
      similar naming and placement within the same test module.

    Co-Authored-By: Kristi Nikolla <email address hidden>

    Closes-Bug: 1779205
    Change-Id: Ib906c42e1dd2c2408ccd2e256ffd876af02af3fe
    (cherry picked from commit df5d75571ed274b2964ed52048768c6d9f24d138)