ec2 token authentication doesn't support v4 protocol

Bug #1473039 reported by Andrey Pavlov on 2015-07-09
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
keystonemiddleware
Wishlist
Andrey Pavlov

Bug Description

Amazon has several versions of signature for requests.
Now ec2_token middleware supports only v2 version.

It will be good if ec2_token middleware will support v4 version.
http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
Such code already present in openstack/nova and stackforge/ec2-api projects. These projects can be moved to use keystone middleware if it will has v4 auth.

Dolph Mathews (dolph) wrote :

Related to bug 1473042.

Changed in keystonemiddleware:
importance: Undecided → Wishlist
status: New → Triaged
Changed in keystonemiddleware:
assignee: nobody → Andrey Pavlov (apavlov-e)

Fix proposed to branch: master
Review: https://review.openstack.org/205440

Changed in keystonemiddleware:
status: Triaged → In Progress
Changed in keystonemiddleware:
assignee: Andrey Pavlov (apavlov-e) → Steve Martinelli (stevemar)
assignee: Steve Martinelli (stevemar) → Andrey Pavlov (apavlov-e)

Reviewed: https://review.openstack.org/205440
Committed: https://git.openstack.org/cgit/openstack/keystonemiddleware/commit/?id=9390329f07473cd791a18e9b55c3a573872cd268
Submitter: Jenkins
Branch: master

commit 9390329f07473cd791a18e9b55c3a573872cd268
Author: Andrey Pavlov <email address hidden>
Date: Mon Aug 3 08:19:15 2015 +0300

    Adding parse of protocol v4 of AWS auth to ec2_token

    This patch adds parsing of protocol v4 of AWS auth to ec2_token.
    This code 'copy-pasted' from nova where it works well.
    Also this patch adds unit tests for ec2_token middleware.

    Chunks of the code proposed can be seen here:
    https://github.com/openstack/ec2-api/blob/master/ec2api/api/__init__.py#L166

    and here:
    https://github.com/openstack/ec2-api/blob/master/ec2api/api/faults.py

    We copy and paste the code since pulling in ec2api would bring in
    a lot of dependencies and probably create a circular one

    https://github.com/openstack/ec2-api/blob/master/requirements.txt

    Change-Id: Id03a7c78152bda35879550f2aaf94483b82f381e
    Closes-Bug: 1473039
    Closes-Bug: 1333951

Changed in keystonemiddleware:
status: In Progress → Fix Released

This issue was fixed in the openstack/keystonemiddleware 4.1.0 release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers