Configurable token hashing

Provide an option for operator to turn off token
hashing to be performed by horizon.

In some deployment where PKI token format is used
for keystone, token hashing causes issue and results
to 401 error in horizon.

Change-Id: I187b1486db2e453fd49298e1478e30abe97e54fe
Closes-Bug: #1473588

1 files changed, 4 insertions, 2 deletions

diff --git a/openstack_auth/user.py b/openstack_auth/user.py
index 132e37b..77325de 100644
--- a/openstack_auth/user.py
+++ b/openstack_auth/user.py
@@ -23,6 +23,7 @@ from openstack_auth import utils
 
 
 LOG = logging.getLogger(__name__)
+_TOKEN_HASH_ENABLED = getattr(settings, 'OPENSTACK_TOKEN_HASH_ENABLED', True)
 
 
 def set_session_from_user(request, user):
@@ -81,8 +82,9 @@ class Token(object):
         # Token-related attributes
         self.id = auth_ref.auth_token
         self.unscoped_token = unscoped_token
-        if (keystone_cms.is_asn1_token(self.id)
-                or keystone_cms.is_pkiz(self.id)):
+        if (_TOKEN_HASH_ENABLED and
+                (keystone_cms.is_asn1_token(self.id)
+                    or keystone_cms.is_pkiz(self.id))):
             algorithm = getattr(settings, 'OPENSTACK_TOKEN_HASH_ALGORITHM',
                                 'md5')
             hasher = hashlib.new(algorithm)