OpenID connect support should include authenticating using directly an access token
Bug #1583780 reported by
Alvaro Lopez
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| keystoneauth |
Fix Released
|
Medium
|
Alvaro Lopez | ||
Bug Description
If a user or service already has got an OpenID Connect access token it should be possible to authenticate against Keystone using it (i.e. exchange it to obtain an unscoped Keystone token).
| Changed in keystoneauth: | |
| assignee: | nobody → Alvaro Lopez (aloga) |
| status: | New → In Progress |
| assignee: | Alvaro Lopez (aloga) → Steve Martinelli (stevemar) |
| Changed in keystoneauth: | |
| importance: | Undecided → Medium |
| assignee: | Steve Martinelli (stevemar) → Alvaro Lopez (aloga) |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to keystoneauth (master) | #1 |
| Changed in keystoneauth: | |
| status: | In Progress → Fix Released |
Revision history for this message
| Doug Hellmann (doug-hellmann) wrote Fix included in openstack/keystoneauth 2.8.0 | #2 |
| tags: | added: oidc |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 553a523830a31b1
Author: Alvaro Lopez Garcia <email address hidden>
Date: Thu May 19 17:48:41 2016 +0200
oidc: add OidcAccessToken class to authenticate reusing an access token
Some services or users may have obtained an access token, so it would be
possible to authenticate using this token directly (for example a
service where the user has already logged in). This new class makes
possible to use an access token to authenticate directly with Keystone,
exchanging it for a Keystone token.
Closes-bug: 1583780
Change-Id: I5a31270194a3d1