delta/openstack/python-keystoneclient.git/examples/pki/cms, branch 3.17.0 opendev.org: openstack/python-keystoneclient.git Update sample data with audit ids 2015-04-07T03:39:30+00:00 Adam Young ayoung@redhat.com 2015-04-07T03:11:03+00:00 52e4305f386270cdaa9f301bc8831768399abcb8 Change-Id: Ib288b6ff63982fb2cb1e200d2d23798482cfa346 
Change-Id: Ib288b6ff63982fb2cb1e200d2d23798482cfa346
Add data to example data 2015-02-09T19:01:40+00:00 Adam Young ayoung@redhat.com 2015-01-29T23:13:06+00:00 44c1b73b3dce96271afa8dc216b545f403d9bfd0 This commit adds issued_at values, role IDs, and fixes endpoints in the example data. Change-Id: I3e2a2296d08a34331b1afd02126445d0206eea7a 
This commit adds issued_at values, role IDs, and fixes endpoints
in the example data.

Change-Id: I3e2a2296d08a34331b1afd02126445d0206eea7a
Example JSON files should be human-readable 2014-07-22T15:50:21+00:00 Harry Rybacki hrybacki@redhat.com 2014-07-19T21:32:31+00:00 b178fccb732c93f254bed0c7e66e8e0ee4280de9 Change-Id: Ic408dd3935818adbef3ff4baa7c9699e4f07814e 
Change-Id: Ic408dd3935818adbef3ff4baa7c9699e4f07814e
Compressed Signature and Validation 2014-05-09T18:48:17+00:00 Adam Young ayoung@redhat.com 2014-02-05T01:43:07+00:00 3d6d749e6f0fef682a88758e1a2f6c9e8e7bd23c Allows for a new form of document signature. pkiz_sign will take data and encode it in a string that starts with the substring "PKIZ_". This prefix indicates that the data has been: 1) Signed via PKI in Crypto Message Syntax (CMS) in binary (DER) format 2) Compressed using zlib (comparable to gzip) 3) urlsafe-base64 decoded This process is reversed to validate the data. middleware/auth_token.py will be capable of validating Keystone tokens that are marshalled in the new format. The current existing "PKI" tokens will continue to be identified with "MII", issued by default, and validated as well. It will require corresponding changes on the Keystone server to issue the new token format. A separate script for generating the sample data used in the unit tests, examples/pki/gen_cmsz.py, also serves as an example of how to call the API from Python code. Some of the sample data for the old tests had to be regenerated. A stray comma in one of the JSON files made for non-parsing JSON. Blueprint: compress-tokens Closes-Bug: #1255321 Change-Id: Ia9a66ba3742da0bcd58c4c096b28cc8a66ad6569 
Allows for a new form of document signature.

pkiz_sign will take data and encode it in a string that starts with
the substring  "PKIZ_".  This prefix indicates that the data has been:
1) Signed via PKI in Crypto Message Syntax (CMS) in binary (DER) format
2) Compressed using zlib (comparable to gzip)
3) urlsafe-base64 decoded

This process is reversed to validate the data.

middleware/auth_token.py will be capable of validating Keystone
tokens that are marshalled in the new format.  The current existing
"PKI" tokens will continue to be identified with "MII", issued by
default, and validated as well.  It will require corresponding changes
on the Keystone server to issue the new token format.

A separate script for generating the sample
data used in the unit tests,
examples/pki/gen_cmsz.py,
also serves as an example of how to
call the API from Python code.

Some of the sample data for the old tests had to be regenerated. A
stray comma in one of the JSON files made for non-parsing JSON.

Blueprint: compress-tokens
Closes-Bug: #1255321

Change-Id: Ia9a66ba3742da0bcd58c4c096b28cc8a66ad6569
Fix the catalog format of a sample token 2014-04-22T01:44:45+00:00 Jamie Lennox jamielennox@redhat.com 2014-04-22T01:44:45+00:00 daf0b2f409c3f03868f2e47be407859860443c84 This token is used for auth_token testing and is a valid v3 token other than the catalog which is in v2 format. Convert the catalog to V3 format. Whilst there pretty print the token so we can more easily see what's happening. Change-Id: I893ea6e76f3fcc20b13b331911d7b8288b98991d 
This token is used for auth_token testing and is a valid v3 token other
than the catalog which is in v2 format.

Convert the catalog to V3 format. Whilst there pretty print the token so
we can more easily see what's happening.

Change-Id: I893ea6e76f3fcc20b13b331911d7b8288b98991d
Add 'methods' to all v3 test tokens 2014-03-11T19:55:11+00:00 Jamie Lennox jamielennox@redhat.com 2014-02-20T08:04:46+00:00 162c6e2fa1387b5fe03c69ff9bbb831041643d59 methods is a required field of v3 tokens but none of the sample tokens have them. This field is required for determining the difference between a v2 and a v3 AccessInfo object. Change-Id: I4d45e90f24eeb2f35451549771ad999628619c20 
methods is a required field of v3 tokens but none of the sample tokens
have them. This field is required for determining the difference between
a v2 and a v3 AccessInfo object.

Change-Id: I4d45e90f24eeb2f35451549771ad999628619c20
Set example timestamps to 2038-01-18T21:14:07Z 2013-09-13T16:43:35+00:00 Dolph Mathews dolph.mathews@gmail.com 2013-09-13T16:29:49+00:00 2fdbcbd06cfa6fd4348bc3752554331651717c87 This timestamp is the last possible moment that can be represented on 32-bit systems as an integer. As a consequence of revising the JSON examples, the corresponding PEM files must be re-generated as well. Change-Id: Ic6014c08b4545db036605beef1e6a8829ed347c4 Related-Bug: 1190054 Related-Bug: 1225084 
This timestamp is the last possible moment that can be represented on
32-bit systems as an integer.

As a consequence of revising the JSON examples, the corresponding PEM
files must be re-generated as well.

Change-Id: Ic6014c08b4545db036605beef1e6a8829ed347c4
Related-Bug: 1190054
Related-Bug: 1225084
Raise key length defaults 2013-07-09T15:42:50+00:00 Dirk Mueller dirk@dmllr.de 2013-07-09T15:04:55+00:00 3f1415026b2d1d00f71a906c84846ba56af1b56a Extend RSA keylength to 2048 bits by default, as the previous default of 1024 bit is considered weak since 12/31/2010. Also unify the message_md to the openssl builtin default. Fixes bug 1103002 Change-Id: I619fc32b62beab4458ee6f21bf8dc7499fe400d7 
Extend RSA keylength to 2048 bits by default,
as the previous default of 1024 bit is considered
weak since 12/31/2010.

Also unify the message_md to the openssl builtin
default.

Fixes bug 1103002

Change-Id: I619fc32b62beab4458ee6f21bf8dc7499fe400d7
Check Expiry 2013-05-28T14:47:54+00:00 Adam Young ayoung@redhat.com 2013-05-28T13:50:51+00:00 8fe7a822d3fd9f435bb4a73a838b380659196cf7 Explicitly checks the expiry on the tokens, and rejects tokens that have expired had to regenerate the sample data for the tokens as they all had been generated with values that are now expired. bug 1179615 Change-Id: Ie06500d446f55fd0ad67ea540c92d8cfc57483f4 
Explicitly checks the expiry on the tokens, and rejects tokens that
have expired

had to regenerate the sample data for the tokens as they all had been
generated with values that are now expired.

bug 1179615

Change-Id: Ie06500d446f55fd0ad67ea540c92d8cfc57483f4
Fix v3 with UUID and memcache expiring. 2013-04-03T09:45:44+00:00 Chmouel Boudjnah chmouel@enovance.com 2013-03-12T15:54:51+00:00 3ce7017c7aba358158296f992ed4b594f0958834 - Regenerate tokens to change expires in expires_at. Change-Id: Iaa62dca50d34a228e4850b59d263b807c5ee3549 
- Regenerate tokens to change expires in expires_at.

Change-Id: Iaa62dca50d34a228e4850b59d263b807c5ee3549