diff options
author | Dolph Mathews <dolph.mathews@gmail.com> | 2013-03-21 11:45:03 -0500 |
---|---|---|
committer | Dolph Mathews <dolph.mathews@gmail.com> | 2013-03-21 13:43:40 -0500 |
commit | d8341972467586d4621b4a3323414532195acf55 (patch) | |
tree | 26c163451431d2d71b250892eb681bfa05f3c8d9 /keystone/auth | |
parent | 4b8cab7b3753ba3de9f93175636858555d575be6 (diff) | |
download | keystone-d8341972467586d4621b4a3323414532195acf55.tar.gz keystone-d8341972467586d4621b4a3323414532195acf55.tar.xz keystone-d8341972467586d4621b4a3323414532195acf55.zip |
Move trusts to extension
Change-Id: I32b32fc5df8d8483ae8e99067f0655c13c6f520b
Diffstat (limited to 'keystone/auth')
-rw-r--r-- | keystone/auth/controllers.py | 9 | ||||
-rw-r--r-- | keystone/auth/token_factory.py | 2 |
2 files changed, 6 insertions, 5 deletions
diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py index 66ff6230..1ab9de03 100644 --- a/keystone/auth/controllers.py +++ b/keystone/auth/controllers.py @@ -171,9 +171,9 @@ class AuthInfo(object): return if sum(['project' in self.auth['scope'], 'domain' in self.auth['scope'], - 'trust' in self.auth['scope']]) != 1: + 'RH-TRUST:trust' in self.auth['scope']]) != 1: raise exception.ValidationError( - attribute='project, domain, or trust', + attribute='project, domain, or RH-TRUST:trust', target='scope') if 'project' in self.auth['scope']: @@ -182,10 +182,11 @@ class AuthInfo(object): elif 'domain' in self.auth['scope']: domain_ref = self._lookup_domain(self.auth['scope']['domain']) self._scope_data = (domain_ref['id'], None, None) - elif 'trust' in self.auth['scope']: + elif 'RH-TRUST:trust' in self.auth['scope']: if not CONF.trust.enabled: raise exception.Forbidden('Trusts are disabled.') - trust_ref = self._lookup_trust(self.auth['scope']['trust']) + trust_ref = self._lookup_trust( + self.auth['scope']['RH-TRUST:trust']) #TODO ayoung when trusts support domain, Fill in domain data here if 'project_id' in trust_ref: project_ref = self._lookup_project( diff --git a/keystone/auth/token_factory.py b/keystone/auth/token_factory.py index c16d88dd..430c442a 100644 --- a/keystone/auth/token_factory.py +++ b/keystone/auth/token_factory.py @@ -114,7 +114,7 @@ class TokenDataHelper(object): raise exception.Forbidden() if trust['impersonation']: user_ref = trustor_user_ref - token_data['trust'] = ( + token_data['RH-TRUST:trust'] = ( { 'id': trust['id'], 'trustor_user': {'id': trust['trustor_user_id']}, |