keystonemiddleware

ec2 token authentication doesn't support v4 protocol

Bug #1473039 reported by Andrey Pavlov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
keystonemiddleware
Fix Released
Wishlist
Andrey Pavlov

Bug Description

Amazon has several versions of signature for requests.
Now ec2_token middleware supports only v2 version.

It will be good if ec2_token middleware will support v4 version.
http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
Such code already present in openstack/nova and stackforge/ec2-api projects. These projects can be moved to use keystone middleware if it will has v4 auth.

Revision history for this message
Dolph Mathews (dolph) wrote :

Related to bug 1473042.

Changed in keystonemiddleware:
importance: Undecided → Wishlist
status: New → Triaged
Andrey Pavlov (apavlov-e)
Changed in keystonemiddleware:
assignee: nobody → Andrey Pavlov (apavlov-e)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystonemiddleware (master)

Fix proposed to branch: master
Review: https://review.openstack.org/205440

Changed in keystonemiddleware:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack)
Changed in keystonemiddleware:
assignee: Andrey Pavlov (apavlov-e) → Steve Martinelli (stevemar)
assignee: Steve Martinelli (stevemar) → Andrey Pavlov (apavlov-e)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (master)

Reviewed: https://review.openstack.org/205440
Committed: https://git.openstack.org/cgit/openstack/keystonemiddleware/commit/?id=9390329f07473cd791a18e9b55c3a573872cd268
Submitter: Jenkins
Branch: master

commit 9390329f07473cd791a18e9b55c3a573872cd268
Author: Andrey Pavlov <email address hidden>
Date: Mon Aug 3 08:19:15 2015 +0300

    Adding parse of protocol v4 of AWS auth to ec2_token

    This patch adds parsing of protocol v4 of AWS auth to ec2_token.
    This code 'copy-pasted' from nova where it works well.
    Also this patch adds unit tests for ec2_token middleware.

    Chunks of the code proposed can be seen here:
    https://github.com/openstack/ec2-api/blob/master/ec2api/api/__init__.py#L166

    and here:
    https://github.com/openstack/ec2-api/blob/master/ec2api/api/faults.py

    We copy and paste the code since pulling in ec2api would bring in
    a lot of dependencies and probably create a circular one

    https://github.com/openstack/ec2-api/blob/master/requirements.txt

    Change-Id: Id03a7c78152bda35879550f2aaf94483b82f381e
    Closes-Bug: 1473039
    Closes-Bug: 1333951

Changed in keystonemiddleware:
status: In Progress → Fix Released
Revision history for this message
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/keystonemiddleware 4.1.0

This issue was fixed in the openstack/keystonemiddleware 4.1.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.