delta/openstack/python-keystoneclient.git/keystoneclient, branch 1.0.0 opendev.org: openstack/python-keystoneclient.git Merge "Take plugin params from ENV rather than default" 2014-12-18T14:05:00+00:00 Jenkins jenkins@review.openstack.org 2014-12-18T14:05:00+00:00 10860db5f155052ca0d353ce9058e1c16eec8437 






Merge "get_endpoint should return the override"
2014-12-18T14:00:15+00:00

Jenkins
jenkins@review.openstack.org

2014-12-18T14:00:15+00:00

6c1a9b49dc2ffcaa743ebf866c7281622ffad8ad












Merge "Log the CA cert with the debug statement"
2014-12-11T23:49:24+00:00

Jenkins
jenkins@review.openstack.org

2014-12-11T23:49:24+00:00

b9f17e3bbbd901abfafba9fca867bf106ac59478












Merge "Expose version matching functions to the public"
2014-12-11T22:29:24+00:00

Jenkins
jenkins@review.openstack.org

2014-12-11T22:29:24+00:00

bfbc1a9bfe5c68e5e63ff780da6f4477ad484acf












Merge "Add missing user-id option to generic.Password"
2014-12-11T00:08:17+00:00

Jenkins
jenkins@review.openstack.org

2014-12-11T00:08:17+00:00

9eec63c3b64f31759017406227b5110735be60c6












Merge "duplicate auth-url option returned by BaseGenericPlugin"
2014-12-11T00:07:53+00:00

Jenkins
jenkins@review.openstack.org

2014-12-11T00:07:53+00:00

05f146c2b8cc83158973f51ef70f15b8ad154ba4












Expose version matching functions to the public
2014-12-10T06:15:47+00:00

Jamie Lennox
jamielennox@redhat.com

2014-10-21T15:18:40+00:00

ff1c0e1347ddb3f07103c238b642f78780f80022

The functions to match a version or convert a string version number into
a tuple have shown to be useful in at least auth_token middleware. I
think this is also better as _discover should really only be a shadow
for the discover file because of the circular dependency problems.
_discover shouldn't really need to be used even within client.

Closes-Bug: #1400998
Change-Id: Icf700c30d01e0700e437437a23e63a7f100ce4d3





The functions to match a version or convert a string version number into
a tuple have shown to be useful in at least auth_token middleware. I
think this is also better as _discover should really only be a shadow
for the discover file because of the circular dependency problems.
_discover shouldn't really need to be used even within client.

Closes-Bug: #1400998
Change-Id: Icf700c30d01e0700e437437a23e63a7f100ce4d3







Take plugin params from ENV rather than default
2014-12-09T23:44:57+00:00

Jamie Lennox
jamielennox@redhat.com

2014-10-31T12:58:39+00:00

b78dc19d9b47f3347a99394ee839c02f5127a986

The way the argparse options were being structured, if there was a
default value set on the option it would use this value as the default
and not check the environment variables.

This is wrong, we expect the environment variables to be used and the
default value to be the final fallback.

Change-Id: Ifbd68c9de329c2e0c70824ba873caa579e8e86d0
Closes-Bug: #1388076





The way the argparse options were being structured, if there was a
default value set on the option it would use this value as the default
and not check the environment variables.

This is wrong, we expect the environment variables to be used and the
default value to be the final fallback.

Change-Id: Ifbd68c9de329c2e0c70824ba873caa579e8e86d0
Closes-Bug: #1388076







Project ID in OAuth headers was missing
2014-12-08T05:14:32+00:00

Steve Martinelli
stevemar@ca.ibm.com

2014-11-13T21:24:29+00:00

a60978ed73227f6087ddad6a024e0a04255e35c5

If running Keystone under Apache with mod_wsgi, the extra
headers were not being passed forward. These headers include:
i) the Requested_Project_Id header, and ii) The Authorization
headers with the oauth values.

For i) we have to rename the header to use dashes (-), and not
underscores (_), since mod_wsgi does not propogate the header
otherwise. For ii) we need to add `WSGIPassAuthorization On`
in the keystone vhost file. This should be done on the server
side.

For more info see note #2 here:
http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.3.0.html#bugs-fixed

Closes-Bug: #1392584
Change-Id: Id84e883b357408d25797155a72119f4c9898ca76





If running Keystone under Apache with mod_wsgi, the extra
headers were not being passed forward. These headers include:
i) the Requested_Project_Id header, and ii) The Authorization
headers with the oauth values.

For i) we have to rename the header to use dashes (-), and not
underscores (_), since mod_wsgi does not propogate the header
otherwise. For ii) we need to add `WSGIPassAuthorization On`
in the keystone vhost file. This should be done on the server
side.

For more info see note #2 here:
http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.3.0.html#bugs-fixed

Closes-Bug: #1392584
Change-Id: Id84e883b357408d25797155a72119f4c9898ca76







get_endpoint should return the override
2014-12-07T23:08:31+00:00

Jamie Lennox
jamielennox@redhat.com

2014-10-28T12:25:18+00:00

6b0fd667ce8ab213c7748e8e9e91b2f0c32b41f2

If your adapter has an endpoint_override set then this value will be
consumed by session and used in preference to whatever you give to
endpoint_filter.

This means that if you ask the adapter for the endpoint it is going to
use to query a URL you expect to get back the override because this is
where it will be sent.

Closes-Bug: #1400174
Change-Id: I707e549a4fa349d0e9a0bdac61a2573aa2e5b434





If your adapter has an endpoint_override set then this value will be
consumed by session and used in preference to whatever you give to
endpoint_filter.

This means that if you ask the adapter for the endpoint it is going to
use to query a URL you expect to get back the override because this is
where it will be sent.

Closes-Bug: #1400174
Change-Id: I707e549a4fa349d0e9a0bdac61a2573aa2e5b434