diff options
author | Jenkins <jenkins@review.openstack.org> | 2013-07-30 02:07:33 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2013-07-30 02:07:33 +0000 |
commit | c21b458081b011089e6819c716e63331f8df0ce4 (patch) | |
tree | cc73d399bbb0cc04751895d4a502984af4664e66 | |
parent | 10fde8e5a61a1f0f0a1388b80a504c5a4290a96f (diff) | |
parent | 7b4fedeed3517a17d32dad820bae2a49dd6c3e1b (diff) | |
download | keystone-c21b458081b011089e6819c716e63331f8df0ce4.tar.gz keystone-c21b458081b011089e6819c716e63331f8df0ce4.tar.xz keystone-c21b458081b011089e6819c716e63331f8df0ce4.zip |
Merge "default token format/provider handling"
-rw-r--r-- | etc/keystone.conf.sample | 6 | ||||
-rw-r--r-- | keystone/common/config.py | 2 | ||||
-rw-r--r-- | keystone/token/provider.py | 4 | ||||
-rw-r--r-- | tests/test_pki_token_provider.conf | 3 | ||||
-rw-r--r-- | tests/test_token_provider.py | 9 | ||||
-rw-r--r-- | tests/test_uuid_token_provider.conf | 3 |
6 files changed, 16 insertions, 11 deletions
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample index 4c0327cf..a49a9a5e 100644 --- a/etc/keystone.conf.sample +++ b/etc/keystone.conf.sample @@ -128,7 +128,8 @@ # driver = keystone.token.backends.sql.Token # Controls the token construction, validation, and revocation operations. -# provider = keystone.token.providers.pki.Provider +# Core providers are keystone.token.providers.[pki|uuid].Provider +# provider = # Amount of time a token should remain valid (in seconds) # expiration = 86400 @@ -165,7 +166,8 @@ [signing] # Deprecated in favor of provider in the [token] section -#token_format = PKI +# Allowed values are PKI or UUID +#token_format = #certfile = /etc/keystone/pki/certs/signing_cert.pem #keyfile = /etc/keystone/pki/private/signing_key.pem diff --git a/keystone/common/config.py b/keystone/common/config.py index b0a534f8..10c47a35 100644 --- a/keystone/common/config.py +++ b/keystone/common/config.py @@ -240,7 +240,7 @@ def configure(): # signing register_str( - 'token_format', group='signing', default="PKI") + 'token_format', group='signing', default=None) register_str( 'certfile', group='signing', diff --git a/keystone/token/provider.py b/keystone/token/provider.py index 2459f843..2864be6f 100644 --- a/keystone/token/provider.py +++ b/keystone/token/provider.py @@ -77,6 +77,10 @@ class Manager(manager.Manager): 'conflicts with keystone.conf [token] provider')) return CONF.token.provider else: + if not CONF.signing.token_format: + # No token provider and no format, so use default (PKI) + return PKI_PROVIDER + msg = _('keystone.conf [signing] token_format is deprecated in ' 'favor of keystone.conf [token] provider') if CONF.signing.token_format == 'PKI': diff --git a/tests/test_pki_token_provider.conf b/tests/test_pki_token_provider.conf index ec8df231..255972c3 100644 --- a/tests/test_pki_token_provider.conf +++ b/tests/test_pki_token_provider.conf @@ -1,5 +1,2 @@ -[signing] -token_format = PKI - [token] provider = keystone.token.providers.pki.Provider diff --git a/tests/test_token_provider.py b/tests/test_token_provider.py index 1bcf1a21..ac0b0d6b 100644 --- a/tests/test_token_provider.py +++ b/tests/test_token_provider.py @@ -410,11 +410,16 @@ class TestTokenProvider(test.TestCase): self.assertRaises(exception.UnexpectedError, token.provider.Manager.get_token_provider) + def test_uuid_provider(self): + self.opt_in_group('token', provider=token.provider.UUID_PROVIDER) + self.assertEqual(token.provider.Manager.get_token_provider(), + token.provider.UUID_PROVIDER) + def test_provider_override_token_format(self): self.opt_in_group('token', provider='keystone.token.providers.pki.Test') - self.assertRaises(exception.UnexpectedError, - token.provider.Manager.get_token_provider) + self.assertEqual(token.provider.Manager.get_token_provider(), + 'keystone.token.providers.pki.Test') self.opt_in_group('signing', token_format='UUID') self.opt_in_group('token', diff --git a/tests/test_uuid_token_provider.conf b/tests/test_uuid_token_provider.conf index d1ac5fdf..d127ea3b 100644 --- a/tests/test_uuid_token_provider.conf +++ b/tests/test_uuid_token_provider.conf @@ -1,5 +1,2 @@ -[signing] -token_format = UUID - [token] provider = keystone.token.providers.uuid.Provider |