diff options
author | lin-hua-cheng <os.lcheng@gmail.com> | 2015-07-13 15:51:58 -0700 |
---|---|---|
committer | Lin Hua Cheng <os.lcheng@gmail.com> | 2015-07-22 16:35:54 +0000 |
commit | ece924a79d27ede1a8475d7f98e6d66bc3cffd6c (patch) | |
tree | cc6b4d46621eafcc0715388f71f4f3d69afc3793 /openstack_auth | |
parent | ff51ae3a5ee48d3dbdd2f2d5950a3a588de75fc8 (diff) | |
download | django_openstack_auth-ece924a79d27ede1a8475d7f98e6d66bc3cffd6c.tar.gz |
Configurable token hashing
Provide an option for operator to turn off token
hashing to be performed by horizon.
In some deployment where PKI token format is used
for keystone, token hashing causes issue and results
to 401 error in horizon.
Change-Id: I187b1486db2e453fd49298e1478e30abe97e54fe
Closes-Bug: #1473588
Diffstat (limited to 'openstack_auth')
-rw-r--r-- | openstack_auth/user.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/openstack_auth/user.py b/openstack_auth/user.py index 132e37b..77325de 100644 --- a/openstack_auth/user.py +++ b/openstack_auth/user.py @@ -23,6 +23,7 @@ from openstack_auth import utils LOG = logging.getLogger(__name__) +_TOKEN_HASH_ENABLED = getattr(settings, 'OPENSTACK_TOKEN_HASH_ENABLED', True) def set_session_from_user(request, user): @@ -81,8 +82,9 @@ class Token(object): # Token-related attributes self.id = auth_ref.auth_token self.unscoped_token = unscoped_token - if (keystone_cms.is_asn1_token(self.id) - or keystone_cms.is_pkiz(self.id)): + if (_TOKEN_HASH_ENABLED and + (keystone_cms.is_asn1_token(self.id) + or keystone_cms.is_pkiz(self.id))): algorithm = getattr(settings, 'OPENSTACK_TOKEN_HASH_ALGORITHM', 'md5') hasher = hashlib.new(algorithm) |