Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-keystonemiddleware for
openSUSE:Factory checked in at 2023-03-21 17:40:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-keystonemiddleware (Old)
and /work/SRC/openSUSE:Factory/.python-keystonemiddleware.new.31432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-keystonemiddleware"
Tue Mar 21 17:40:53 2023 rev:15 rq:1073020 version:10.2.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-keystonemiddleware/python-keystonemiddleware.changes
2022-08-11 18:31:58.090212523 +0200
+++
/work/SRC/openSUSE:Factory/.python-keystonemiddleware.new.31432/python-keystonemiddleware.changes
2023-03-21 17:40:53.565647955 +0100
@@ -1,0 +2,16 @@
+Mon Mar 6 15:55:47 UTC 2023 - [email protected]
+
+- update to version 10.2.0
+ - Update python testing as per zed cycle teting runtime
+ - Bump tox minversion to 3.18.0
+ - Fix logging notifier unit test
+ - setup.cfg: Replace dashes by underscores
+ - Remove translation sections from setup.cfg
+ - Update Python 3 job template
+ - Remove cache invalidation when using expired token
+ - OAuth2.0 Client Credentials Grant Flow Support
+ - Fix pep8 gate
+ - Remove references to 'sys.version_info'
+ - Imported Translations from Zanata
+
+-------------------------------------------------------------------
Old:
----
keystonemiddleware-9.5.0.tar.gz
New:
----
keystonemiddleware-10.2.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-keystonemiddleware.spec ++++++
--- /var/tmp/diff_new_pack.RXkUjb/_old 2023-03-21 17:40:54.233651150 +0100
+++ /var/tmp/diff_new_pack.RXkUjb/_new 2023-03-21 17:40:54.253651246 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-keystonemiddleware
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,13 +17,13 @@
Name: python-keystonemiddleware
-Version: 9.5.0
+Version: 10.2.0
Release: 0
Summary: Middleware for OpenStack Identity
License: Apache-2.0
Group: Development/Languages/Python
URL: https://docs.openstack.org/keystonemiddleware
-Source0:
https://files.pythonhosted.org/packages/source/k/keystonemiddleware/keystonemiddleware-9.5.0.tar.gz
+Source0:
https://files.pythonhosted.org/packages/source/k/keystonemiddleware/keystonemiddleware-10.2.0.tar.gz
BuildRequires: openstack-macros
BuildRequires: python3-WebOb >= 1.7.1
BuildRequires: python3-WebTest
@@ -91,7 +91,7 @@
Documentation for Middleware for OpenStack Identity.
%prep
-%autosetup -p1 -n keystonemiddleware-9.5.0
+%autosetup -p1 -n keystonemiddleware-10.2.0
%py_req_cleanup
%build
@@ -108,7 +108,7 @@
%check
rm -v keystonemiddleware/tests/unit/audit/test_logging_notifier.py
-python3 -m stestr.cli run
+%{openstack_stestr_run}
%files -n python3-keystonemiddleware
%license LICENSE
++++++ keystonemiddleware-9.5.0.tar.gz -> keystonemiddleware-10.2.0.tar.gz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/.zuul.yaml
new/keystonemiddleware-10.2.0/.zuul.yaml
--- old/keystonemiddleware-9.5.0/.zuul.yaml 2022-05-20 14:32:24.000000000
+0200
+++ new/keystonemiddleware-10.2.0/.zuul.yaml 2023-01-06 17:20:38.000000000
+0100
@@ -1,7 +1,7 @@
- project:
templates:
- openstack-cover-jobs
- - openstack-python3-ussuri-jobs
+ - openstack-python3-zed-jobs
- publish-openstack-docs-pti
- check-requirements
- lib-forward-testing-python3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/AUTHORS
new/keystonemiddleware-10.2.0/AUTHORS
--- old/keystonemiddleware-9.5.0/AUTHORS 2022-05-20 14:33:03.000000000
+0200
+++ new/keystonemiddleware-10.2.0/AUTHORS 2023-01-06 17:21:05.000000000
+0100
@@ -14,6 +14,7 @@
Anthony Young <[email protected]>
Artem Vasilyev <[email protected]>
Arun Kant <[email protected]>
+Ayumu Ueha <[email protected]>
Ben Nemec <[email protected]>
Bernhard M. Wiedemann <[email protected]>
Boris Bobrov <[email protected]>
@@ -47,6 +48,7 @@
Daniel Gollub <[email protected]>
Davanum Srinivas <[email protected]>
Dave Chen <[email protected]>
+Dave Wilde <[email protected]>
David Höppner <[email protected]>
David Olorundare <[email protected]>
David Stanek <[email protected]>
@@ -93,6 +95,7 @@
Joe Heck <[email protected]>
Joel Friedly <[email protected]>
John Dennis <[email protected]>
+Jorge Merlino <[email protected]>
Julien Danjou <[email protected]>
Kevin Benton <[email protected]>
Kevin L. Mitchell <[email protected]>
@@ -175,6 +178,7 @@
Yaguang Tang <[email protected]>
Yang Youseok <[email protected]>
Yatin Kumbhare <[email protected]>
+Yi Feng <[email protected]>
Zhenguo Niu <[email protected]>
Zhi Yan Liu <[email protected]>
ZhiQiang Fan <[email protected]>
@@ -185,6 +189,7 @@
ankita_wagh <[email protected]>
ayoung <[email protected]>
bhagyashris <[email protected]>
+dengzhaosen <[email protected]>
gordon chung <[email protected]>
guang-yee <[email protected]>
guang-yee <[email protected]>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/ChangeLog
new/keystonemiddleware-10.2.0/ChangeLog
--- old/keystonemiddleware-9.5.0/ChangeLog 2022-05-20 14:33:02.000000000
+0200
+++ new/keystonemiddleware-10.2.0/ChangeLog 2023-01-06 17:21:04.000000000
+0100
@@ -1,9 +1,35 @@
CHANGES
=======
+10.2.0
+------
+
+* Remove cache invalidation when using expired token
+* Fix pep8 gate
+* Imported Translations from Zanata
+
+10.1.0
+------
+
+* OAuth2.0 Client Credentials Grant Flow Support
+
+10.0.1
+------
+
+* Fix logging notifier unit test
+* Bump tox minversion to 3.18.0
+* Imported Translations from Zanata
+
+10.0.0
+------
+
+* setup.cfg: Replace dashes by underscores
+* Update python testing as per zed cycle teting runtime
+
9.5.0
-----
+* Update Python 3 job template
* Drop lower-constraints.txt and its testing
* Update master for stable/yoga
@@ -15,6 +41,7 @@
* Update master for stable/wallaby
* Update master for stable/victoria
* Add oslo.config.opts entrypoint for audit middleware options
+* Remove references to 'sys.version\_info'
9.3.0
-----
@@ -34,6 +61,7 @@
* Imported Translations from Zanata
* Change the default Identity endpoint to internal
* Switch to newer openstackdocstheme and reno versions
+* Remove translation sections from setup.cfg
* Use unittest.mock instead of third party mock
* Update master for stable/ussuri
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/PKG-INFO
new/keystonemiddleware-10.2.0/PKG-INFO
--- old/keystonemiddleware-9.5.0/PKG-INFO 2022-05-20 14:33:03.178202600
+0200
+++ new/keystonemiddleware-10.2.0/PKG-INFO 2023-01-06 17:21:05.225156300
+0100
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: keystonemiddleware
-Version: 9.5.0
+Version: 10.2.0
Summary: Middleware for OpenStack Identity
Home-page: https://docs.openstack.org/keystonemiddleware/latest/
Author: OpenStack
@@ -54,7 +54,9 @@
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.6
-Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Requires-Python: >=3.8
Provides-Extra: audit_notifications
Provides-Extra: test
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/babel.cfg
new/keystonemiddleware-10.2.0/babel.cfg
--- old/keystonemiddleware-9.5.0/babel.cfg 2022-05-20 14:32:24.000000000
+0200
+++ new/keystonemiddleware-10.2.0/babel.cfg 1970-01-01 01:00:00.000000000
+0100
@@ -1,3 +0,0 @@
-[python: **.py]
-
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware/auth_token/__init__.py
new/keystonemiddleware-10.2.0/keystonemiddleware/auth_token/__init__.py
--- old/keystonemiddleware-9.5.0/keystonemiddleware/auth_token/__init__.py
2022-05-20 14:32:24.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware/auth_token/__init__.py
2023-01-06 17:20:38.000000000 +0100
@@ -245,7 +245,6 @@
_LOG = logging.getLogger(__name__)
-_CACHE_INVALID_INDICATOR = 'invalid'
oslo_cache.configure(cfg.CONF)
AUTH_TOKEN_OPTS = [
@@ -736,10 +735,6 @@
cached = self._token_cache.get(token)
if cached:
- if cached == _CACHE_INVALID_INDICATOR:
- self.log.debug('Cached token is marked unauthorized')
- raise ksm_exceptions.InvalidToken()
-
# NOTE(jamielennox): Cached values used to be stored as a tuple
# of data and expiry time. They no longer are but we have to
# allow some time to transition the old format so if it's a
@@ -769,7 +764,6 @@
'The Keystone service is temporarily unavailable.')
except ksm_exceptions.InvalidToken:
self.log.debug('Token validation failure.', exc_info=True)
- self._token_cache.set(token, _CACHE_INVALID_INDICATOR)
self.log.warning('Authorization failed for token')
raise
except ksa_exceptions.EndpointNotFound:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware/oauth2_token.py
new/keystonemiddleware-10.2.0/keystonemiddleware/oauth2_token.py
--- old/keystonemiddleware-9.5.0/keystonemiddleware/oauth2_token.py
1970-01-01 01:00:00.000000000 +0100
+++ new/keystonemiddleware-10.2.0/keystonemiddleware/oauth2_token.py
2023-01-06 17:20:38.000000000 +0100
@@ -0,0 +1,103 @@
+# Copyright 2022 OpenStack Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import webob
+
+from oslo_log import log as logging
+from oslo_serialization import jsonutils
+
+from keystonemiddleware.auth_token import _user_plugin
+from keystonemiddleware.auth_token import AuthProtocol
+from keystonemiddleware import exceptions
+from keystonemiddleware.i18n import _
+
+
+_LOG = logging.getLogger(__name__)
+
+
+class OAuth2Protocol(AuthProtocol):
+ """Middleware that handles OAuth2.0 client credentials authentication."""
+
+ def __init__(self, app, conf):
+ log = logging.getLogger(conf.get('log_name', __name__))
+ log.info('Starting Keystone oauth2_token middleware')
+ super(OAuth2Protocol, self).__init__(app, conf)
+
+ def _is_valid_access_token(self, request):
+ """Check if the request contains an OAuth2.0 access token.
+
+ :param request: Incoming request
+ :type request: _request.AuthTokenRequest
+ """
+ access_token = None
+ if (request.authorization and
+ request.authorization.authtype == 'Bearer'):
+ access_token = request.authorization.params
+
+ if access_token:
+ try:
+ token_data, user_auth_ref = self._do_fetch_token(
+ access_token, allow_expired=False)
+ self._validate_token(user_auth_ref,
+ allow_expired=False)
+ token = token_data['token']
+ self.validate_allowed_request(request, token)
+ self._confirm_token_bind(user_auth_ref, request)
+ request.token_info = token_data
+ request.token_auth = _user_plugin.UserAuthPlugin(
+ user_auth_ref, None)
+ return True
+ except exceptions.KeystoneMiddlewareException as err:
+ _LOG.info('Invalid OAuth2.0 access token: %s' % str(err))
+ return False
+
+ def process_request(self, request):
+ """Process request.
+
+ :param request: Incoming request
+ :type request: _request.AuthTokenRequest
+ """
+ request.remove_auth_headers()
+ self._token_cache.initialize(request.environ)
+ if (not self._is_valid_access_token(request)
+ or "keystone.token_info" not in request.environ
+ or "token" not in request.environ["keystone.token_info"]):
+ _LOG.info('Rejecting request')
+ message = _('The request you have made requires authentication.')
+ body = {'error': {
+ 'code': 401,
+ 'title': 'Unauthorized',
+ 'message': message,
+ }}
+ raise webob.exc.HTTPUnauthorized(
+ body=jsonutils.dumps(body),
+ headers=self._reject_auth_headers,
+ charset='UTF-8',
+ content_type='application/json')
+
+ request.set_user_headers(request.token_auth.user)
+ request.set_service_catalog_headers(request.token_auth.user)
+ request.token_auth._auth = self._auth
+ request.token_auth._session = self._session
+
+
+def filter_factory(global_conf, **local_conf):
+ """Return a WSGI filter app for use with paste.deploy."""
+ conf = global_conf.copy()
+ conf.update(local_conf)
+
+ def auth_filter(app):
+ return OAuth2Protocol(app, conf)
+
+ return auth_filter
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/audit/test_logging_notifier.py
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/audit/test_logging_notifier.py
---
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/audit/test_logging_notifier.py
2022-05-20 14:32:24.000000000 +0200
+++
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/audit/test_logging_notifier.py
2023-01-06 17:20:38.000000000 +0100
@@ -27,6 +27,8 @@
super(TestLoggingNotifier, self).setUp()
def test_api_request_no_messaging(self):
+ self.cfg.config(use_oslo_messaging=False,
+ group='audit_middleware_notifications')
app = self.create_simple_app()
with mock.patch('keystonemiddleware.audit._LOG.info') as log:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
---
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
2022-05-20 14:32:24.000000000 +0200
+++
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
2023-01-06 17:20:38.000000000 +0100
@@ -595,25 +595,6 @@
token = 'invalid-token'
self.call_middleware(headers={'X-Auth-Token': token},
expected_status=401)
- self.assertEqual(auth_token._CACHE_INVALID_INDICATOR,
- self._get_cached_token(token))
-
- def test_memcache_hit_invalid_token(self):
- token = 'invalid-token'
- invalid_uri = '%s/v3/tokens/invalid-token' % BASE_URI
- self.requests_mock.get(invalid_uri, status_code=404)
-
- # Call once to cache token's invalid state; verify it cached as such
- self.call_middleware(headers={'X-Auth-Token': token},
- expected_status=401)
- self.assertEqual(auth_token._CACHE_INVALID_INDICATOR,
- self._get_cached_token(token))
-
- # Call again for a cache hit; verify it detected as cached and invalid
- self.call_middleware(headers={'X-Auth-Token': token},
- expected_status=401)
- self.assertIn('Cached token is marked unauthorized',
- self.logger.output)
def test_memcache_set_expired(self, extra_conf={}, extra_environ={}):
token_cache_time = 10
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/test_oauth2_token_middleware.py
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/test_oauth2_token_middleware.py
---
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/test_oauth2_token_middleware.py
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/test_oauth2_token_middleware.py
2023-01-06 17:20:38.000000000 +0100
@@ -0,0 +1,298 @@
+# Copyright 2022 OpenStack Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import fixtures
+import logging
+import six
+import testresources
+import uuid
+import webob.dec
+
+from oslo_config import cfg
+from six.moves import http_client
+
+from keystoneauth1 import exceptions as ksa_exceptions
+
+from keystonemiddleware import oauth2_token
+from keystonemiddleware.tests.unit.auth_token import base
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import BASE_URI
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import ENDPOINT_NOT_FOUND_TOKEN
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import ERROR_TOKEN
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import FAKE_ADMIN_TOKEN
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import FAKE_ADMIN_TOKEN_ID
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware\
+ import FakeApp
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import FakeOsloCache
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import request_timeout_response
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import TIMEOUT_TOKEN
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import v3FakeApp
+from keystonemiddleware.tests.unit.auth_token.test_auth_token_middleware \
+ import VERSION_LIST_v3
+from keystonemiddleware.tests.unit import client_fixtures
+from keystonemiddleware.tests.unit import utils
+
+
+def get_authorization_header(token):
+ return {'Authorization': f'Bearer {token}'}
+
+
+class FakeOauth2TokenV3App(v3FakeApp):
+
+ @webob.dec.wsgify
+ def __call__(self, req):
+ resp = webob.Response()
+ resp.body = FakeApp.SUCCESS
+ return resp
+
+
+class BaseOauth2TokenMiddlewareTest(base.BaseAuthTokenTestCase):
+
+ def setUp(self, expected_env=None, auth_version=None, fake_app=None):
+ cfg.CONF.clear()
+ super(BaseOauth2TokenMiddlewareTest, self).setUp()
+
+ self.logger = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
+ self.useFixture(fixtures.MockPatchObject(oauth2_token.OAuth2Protocol,
+ '_create_oslo_cache',
+ return_value=FakeOsloCache))
+ self.expected_env = expected_env or dict()
+ self.fake_app = fake_app or FakeApp
+ self.middleware = None
+
+ self.conf = {
+ 'identity_uri': 'https://keystone.example.com:1234/testadmin/',
+ 'auth_version': auth_version,
+ 'www_authenticate_uri': 'https://keystone.example.com:1234',
+ 'admin_user': uuid.uuid4().hex,
+ }
+ self.auth_version = auth_version
+
+ def call_middleware(self, **kwargs):
+ return self.call(self.middleware, **kwargs)
+
+ def set_middleware(self, expected_env=None, conf=None):
+ """Configure the class ready to call the oauth2_token middleware.
+
+ Set up the various fake items needed to run the middleware.
+ Individual tests that need to further refine these can call this
+ function to override the class defaults.
+
+ """
+ if conf:
+ self.conf.update(conf)
+
+ if expected_env:
+ self.expected_env.update(expected_env)
+ self.middleware = oauth2_token.OAuth2Protocol(
+ self.fake_app(self.expected_env), self.conf)
+
+ def call(self, middleware, method='GET', path='/', headers=None,
+ expected_status=http_client.OK,
+ expected_body_string=None):
+ req = webob.Request.blank(path)
+ req.method = method
+
+ for k, v in (headers or {}).items():
+ req.headers[k] = v
+
+ resp = req.get_response(middleware)
+ self.assertEqual(expected_status, resp.status_int)
+ if expected_body_string:
+ self.assertIn(expected_body_string, six.text_type(resp.body))
+ resp.request = req
+ return resp
+
+
+class Oauth2TokenMiddlewareTest(BaseOauth2TokenMiddlewareTest,
+ testresources.ResourcedTestCase):
+
+ resources = [('examples', client_fixtures.EXAMPLES_RESOURCE)]
+
+ def setUp(self):
+ super(Oauth2TokenMiddlewareTest, self).setUp(
+ auth_version='v3.0',
+ fake_app=FakeOauth2TokenV3App)
+ self.requests_mock.post('%s/v2.0/tokens' % BASE_URI,
+ text=FAKE_ADMIN_TOKEN)
+ self.requests_mock.get(BASE_URI,
+ json=VERSION_LIST_v3,
+ status_code=300)
+ self.requests_mock.get('%s/v3/auth/tokens' % BASE_URI,
+ text=self.token_response,
+ headers={'X-Subject-Token': uuid.uuid4().hex})
+ self.set_middleware()
+
+ def token_response(self, request, context):
+ auth_id = request.headers.get('X-Auth-Token')
+ token_id = request.headers.get('X-Subject-Token')
+ self.assertEqual(auth_id, FAKE_ADMIN_TOKEN_ID)
+
+ if token_id == ERROR_TOKEN:
+ msg = "Network connection refused."
+ raise ksa_exceptions.ConnectFailure(msg)
+ if token_id == ENDPOINT_NOT_FOUND_TOKEN:
+ raise ksa_exceptions.EndpointNotFound()
+ if token_id == TIMEOUT_TOKEN:
+ request_timeout_response(request, context)
+
+ try:
+ response = self.examples.JSON_TOKEN_RESPONSES[token_id]
+ except KeyError:
+ response = ""
+ context.status_code = 404
+
+ return response
+
+ def test_app_cred_token_without_access_rules(self):
+ self.set_middleware(conf={'service_type': 'compute'})
+ token = self.examples.v3_APP_CRED_TOKEN
+ token_data = self.examples.TOKEN_RESPONSES[token]
+ resp = self.call_middleware(headers=get_authorization_header(token))
+ self.assertEqual(FakeApp.SUCCESS, resp.body)
+ token_auth = resp.request.environ['keystone.token_auth']
+ self.assertEqual(token_data.application_credential_id,
+ token_auth.user.application_credential_id)
+
+ def test_app_cred_access_rules_token(self):
+ self.set_middleware(conf={'service_type': 'compute'})
+ token = self.examples.v3_APP_CRED_ACCESS_RULES
+ token_data = self.examples.TOKEN_RESPONSES[token]
+ resp = self.call_middleware(headers=get_authorization_header(token),
+ expected_status=200,
+ method='GET', path='/v2.1/servers')
+ token_auth = resp.request.environ['keystone.token_auth']
+ self.assertEqual(token_data.application_credential_id,
+ token_auth.user.application_credential_id)
+ self.assertEqual(token_data.application_credential_access_rules,
+ token_auth.user.application_credential_access_rules)
+ resp = self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET',
+ path='/v2.1/servers/someuuid')
+ self.assertEqual(token_data.application_credential_id,
+ token_auth.user.application_credential_id)
+ self.assertEqual(token_data.application_credential_access_rules,
+ token_auth.user.application_credential_access_rules)
+
+ def test_app_cred_no_access_rules_token(self):
+ self.set_middleware(conf={'service_type': 'compute'})
+ token = self.examples.v3_APP_CRED_EMPTY_ACCESS_RULES
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v2.1/servers')
+
+ def test_app_cred_matching_rules(self):
+ self.set_middleware(conf={'service_type': 'compute'})
+ token = self.examples.v3_APP_CRED_MATCHING_RULES
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=200,
+ method='GET', path='/v2.1/servers/foobar')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v2.1/servers/foobar/barfoo')
+ self.set_middleware(conf={'service_type': 'image'})
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=200,
+ method='GET', path='/v2/images/foobar')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v2/images/foobar/barfoo')
+ self.set_middleware(conf={'service_type': 'identity'})
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=200,
+ method='GET',
+ path='/v3/projects/123/users/456/roles/member')
+ self.set_middleware(conf={'service_type': 'block-storage'})
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=200,
+ method='GET', path='/v3/123/types/456')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v3/123/types')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v2/123/types/456')
+ self.set_middleware(conf={'service_type': 'object-store'})
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=200,
+ method='GET', path='/v1/1/2/3')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v1/1/2')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/v2/1/2')
+ self.call_middleware(headers=get_authorization_header(token),
+ expected_status=401,
+ method='GET', path='/info')
+
+ def test_request_no_token(self):
+ resp = self.call_middleware(expected_status=401)
+ self.assertEqual('Keystone uri="https://keystone.example.com:1234";',
+ resp.headers['WWW-Authenticate'])
+
+ def test_request_blank_token(self):
+ resp = self.call_middleware(headers=get_authorization_header(''),
+ expected_status=401)
+ self.assertEqual('Keystone uri="https://keystone.example.com:1234";',
+ resp.headers['WWW-Authenticate'])
+
+ def test_request_not_app_cred_token(self):
+ self.call_middleware(
+ headers=get_authorization_header(
+ self.examples.v3_UUID_TOKEN_DEFAULT),
+ expected_status=200)
+
+ def _get_cached_token(self, token):
+ return self.middleware._token_cache.get(token)
+
+ def assert_valid_last_url(self, token_id):
+ self.assertLastPath('/v3/auth/tokens')
+
+ def assertLastPath(self, path):
+ if path:
+ self.assertEqual(BASE_URI + path,
+ self.requests_mock.last_request.url)
+ else:
+ self.assertIsNone(self.requests_mock.last_request)
+
+ def test_http_error_not_cached_token(self):
+ """Test to don't cache token as invalid on network errors.
+
+ We use UUID tokens since they are the easiest one to reach
+ get_http_connection.
+ """
+ self.set_middleware(conf={'http_request_max_retries': '0'})
+ self.call_middleware(headers=get_authorization_header(ERROR_TOKEN),
+ expected_status=503)
+ self.assertIsNone(self._get_cached_token(ERROR_TOKEN))
+ self.assert_valid_last_url(ERROR_TOKEN)
+
+
+class FilterFactoryTest(utils.BaseTestCase):
+
+ def test_filter_factory(self):
+ conf = {}
+ auth_filter = oauth2_token.filter_factory(conf)
+ m = auth_filter(FakeOauth2TokenV3App())
+ self.assertIsInstance(m, oauth2_token.OAuth2Protocol)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/utils.py
new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/utils.py
--- old/keystonemiddleware-9.5.0/keystonemiddleware/tests/unit/utils.py
2022-05-20 14:32:24.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware/tests/unit/utils.py
2023-01-06 17:20:38.000000000 +0100
@@ -61,24 +61,6 @@
super(TestCase, self).tearDown()
-if tuple(sys.version_info)[0:2] < (2, 7):
-
- def assertDictEqual(self, d1, d2, msg=None):
- # Simple version taken from 2.7
- self.assertIsInstance(d1, dict,
- 'First argument is not a dictionary')
- self.assertIsInstance(d2, dict,
- 'Second argument is not a dictionary')
- if d1 != d2:
- if msg:
- self.fail(msg)
- else:
- standardMsg = '%r != %r' % (d1, d2)
- self.fail(standardMsg)
-
- TestCase.assertDictEqual = assertDictEqual
-
-
class MiddlewareTestCase(BaseTestCase):
def create_middleware(self, cb, **kwargs):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/PKG-INFO
new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/PKG-INFO
--- old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/PKG-INFO
2022-05-20 14:33:03.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/PKG-INFO
2023-01-06 17:21:05.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: keystonemiddleware
-Version: 9.5.0
+Version: 10.2.0
Summary: Middleware for OpenStack Identity
Home-page: https://docs.openstack.org/keystonemiddleware/latest/
Author: OpenStack
@@ -54,7 +54,9 @@
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.6
-Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Requires-Python: >=3.8
Provides-Extra: audit_notifications
Provides-Extra: test
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/SOURCES.txt
new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/SOURCES.txt
--- old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/SOURCES.txt
2022-05-20 14:33:03.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/SOURCES.txt
2023-01-06 17:21:05.000000000 +0100
@@ -7,7 +7,6 @@
HACKING.rst
LICENSE
README.rst
-babel.cfg
requirements.txt
setup.cfg
setup.py
@@ -32,6 +31,7 @@
keystonemiddleware/exceptions.py
keystonemiddleware/fixture.py
keystonemiddleware/i18n.py
+keystonemiddleware/oauth2_token.py
keystonemiddleware/opts.py
keystonemiddleware/s3_token.py
keystonemiddleware.egg-info/PKG-INFO
@@ -69,6 +69,7 @@
keystonemiddleware/tests/unit/test_ec2_token_middleware.py
keystonemiddleware/tests/unit/test_entry_points.py
keystonemiddleware/tests/unit/test_fixtures.py
+keystonemiddleware/tests/unit/test_oauth2_token_middleware.py
keystonemiddleware/tests/unit/test_opts.py
keystonemiddleware/tests/unit/test_s3_token_middleware.py
keystonemiddleware/tests/unit/utils.py
@@ -92,6 +93,7 @@
releasenotes/notes/.placeholder
releasenotes/notes/allow-expired-5ddbabcffc5678af.yaml
releasenotes/notes/authprotocol-accepts-oslo-config-config-a37212b60f58e154.yaml
+releasenotes/notes/bp-oauth2-client-credentials-ext-19a40c655ee43f57.yaml
releasenotes/notes/bp-whitelist-extension-for-app-creds-badf088c8ad584bb.yaml
releasenotes/notes/bug-1490804-87c0ff8e764945c1.yaml
releasenotes/notes/bug-1544840-a534127f8663e40f.yaml
@@ -118,6 +120,7 @@
releasenotes/notes/deprecate-caching-tokens-in-process-a412b0f1dea84cb9.yaml
releasenotes/notes/deprecate-eventlet-unsafe-memcacheclientpool-f8b4a6733513d73e.yaml
releasenotes/notes/drop-py-2-7-6655f421a9cac0a2.yaml
+releasenotes/notes/drop-python-3-6-and-3-7-c407d5898c5eafec.yaml
releasenotes/notes/ec2-v2-removal-6a886210cbc9d3e9.yaml
releasenotes/notes/fix-audit-no-service-endpoint-ports-72b2009d631dcf19.yaml
releasenotes/notes/interface-option-ed551d2a3162668d.yaml
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/entry_points.txt
new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/entry_points.txt
--- old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/entry_points.txt
2022-05-20 14:33:03.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/entry_points.txt
2023-01-06 17:21:05.000000000 +0100
@@ -6,5 +6,6 @@
audit = keystonemiddleware.audit:filter_factory
auth_token = keystonemiddleware.auth_token:filter_factory
ec2_token = keystonemiddleware.ec2_token:filter_factory
+oauth2_token = keystonemiddleware.oauth2_token:filter_factory
s3_token = keystonemiddleware.s3_token:filter_factory
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/pbr.json
new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/pbr.json
--- old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/pbr.json
2022-05-20 14:33:03.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/pbr.json
2023-01-06 17:21:05.000000000 +0100
@@ -1 +1 @@
-{"git_version": "2558084", "is_release": true}
\ No newline at end of file
+{"git_version": "e05466c", "is_release": true}
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/requires.txt
new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/requires.txt
--- old/keystonemiddleware-9.5.0/keystonemiddleware.egg-info/requires.txt
2022-05-20 14:33:03.000000000 +0200
+++ new/keystonemiddleware-10.2.0/keystonemiddleware.egg-info/requires.txt
2023-01-06 17:21:05.000000000 +0100
@@ -22,10 +22,11 @@
coverage!=4.4,>=4.0
cryptography>=3.0
fixtures>=3.0.0
-flake8-docstrings==0.2.1.post1
+flake8-docstrings==1.6.0
hacking<4.0.0,>=3.0
oslo.messaging>=5.29.0
oslotest>=3.2.0
+pep8==1.7.1
python-memcached>=1.59
requests-mock>=1.2.0
stestr>=2.0.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/releasenotes/notes/bp-oauth2-client-credentials-ext-19a40c655ee43f57.yaml
new/keystonemiddleware-10.2.0/releasenotes/notes/bp-oauth2-client-credentials-ext-19a40c655ee43f57.yaml
---
old/keystonemiddleware-9.5.0/releasenotes/notes/bp-oauth2-client-credentials-ext-19a40c655ee43f57.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.2.0/releasenotes/notes/bp-oauth2-client-credentials-ext-19a40c655ee43f57.yaml
2023-01-06 17:20:38.000000000 +0100
@@ -0,0 +1,7 @@
+---
+features:
+ - |
+ [`blueprint oauth2-client-credentials-ext
<https://blueprints.launchpad.net/keystone/+spec/oauth2-client-credentials-ext>`_]
+ The oauth2_token filter has been added for accepting or denying incoming
+ requests containing OAuth2.0 client credentials access tokens passed via
+ the Authorization headers as bearer tokens.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/releasenotes/notes/drop-python-3-6-and-3-7-c407d5898c5eafec.yaml
new/keystonemiddleware-10.2.0/releasenotes/notes/drop-python-3-6-and-3-7-c407d5898c5eafec.yaml
---
old/keystonemiddleware-9.5.0/releasenotes/notes/drop-python-3-6-and-3-7-c407d5898c5eafec.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.2.0/releasenotes/notes/drop-python-3-6-and-3-7-c407d5898c5eafec.yaml
2023-01-06 17:20:38.000000000 +0100
@@ -0,0 +1,5 @@
+---
+upgrade:
+ - |
+ Python 3.6 & 3.7 support has been dropped. The minimum version of Python
now
+ supported is Python 3.8.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-9.5.0/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
new/keystonemiddleware-10.2.0/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
---
old/keystonemiddleware-9.5.0/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
2022-05-20 14:32:24.000000000 +0200
+++
new/keystonemiddleware-10.2.0/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
2023-01-06 17:20:38.000000000 +0100
@@ -2,21 +2,28 @@
# Andi Chandler <[email protected]>, 2018. #zanata
# Andi Chandler <[email protected]>, 2019. #zanata
# Andi Chandler <[email protected]>, 2020. #zanata
+# Andi Chandler <[email protected]>, 2022. #zanata
msgid ""
msgstr ""
"Project-Id-Version: keystonemiddleware\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-03-02 18:48+0000\n"
+"POT-Creation-Date: 2022-08-26 17:13+0000\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2020-10-28 02:17+0000\n"
+"PO-Revision-Date: 2022-09-05 10:38+0000\n"
"Last-Translator: Andi Chandler <[email protected]>\n"
"Language-Team: English (United Kingdom)\n"
"Language: en_GB\n"
"X-Generator: Zanata 4.3.3\n"
"Plural-Forms: nplurals=2; plural=(n != 1)\n"
+msgid "10.0.0"
+msgstr "10.0.0"
+
+msgid "10.0.0-3"
+msgstr "10.0.0-3"
+
msgid "4.1.0"
msgstr "4.1.0"
@@ -92,6 +99,12 @@
msgid "9.0.0"
msgstr "9.0.0"
+msgid "9.1.0"
+msgstr "9.1.0"
+
+msgid "9.3.0"
+msgstr "9.3.0"
+
msgid ""
"A new configuration option for the s3token middleware called auth_uri can be "
"used to set the URI to be used for authentication. This replaces auth_host, "
@@ -155,6 +168,15 @@
"option should be set to ``True`` as soon as possible. The option will "
"default to ``True`` in a future release."
+msgid ""
+"It is recommended that the ``memcache_use_advanced_pool`` option is set to "
+"``True`` in the ``keystone_authtoken`` configuration section of the various "
+"services (e.g. nova, glance, ...) when memcached is used for token cache."
+msgstr ""
+"It is recommended that the ``memcache_use_advanced_pool`` option is set to "
+"``True`` in the ``keystone_authtoken`` configuration section of the various "
+"services (e.g. nova, glance, ...) when Memcached is used for token cache."
+
msgid "Mitaka Series Release Notes"
msgstr "Mitaka Series Release Notes"
@@ -185,6 +207,13 @@
"support Python 2.7 is OpenStack Train. The minimum version of Python now "
"supported is Python 3.6."
+msgid ""
+"Python 3.6 & 3.7 support has been dropped. The minimum version of Python now "
+"supported is Python 3.8."
+msgstr ""
+"Python 3.6 & 3.7 support has been dropped. The minimum version of Python now "
+"supported is Python 3.8."
+
msgid "Queens Series Release Notes"
msgstr "Queens Series Release Notes"
@@ -226,6 +255,17 @@
"enforce this behaviour. This will become the default setting in future "
"releases."
+msgid ""
+"Since the removal of the Identity API v2 Keystone no longer has any special "
+"functionality that requires using the admin endpoint for it. So this release "
+"changes the default endpoint being used from ``admin`` to ``internal``, "
+"allowing deployments to work without an admin endpoint."
+msgstr ""
+"Since the removal of the Identity API v2 Keystone no longer has any special "
+"functionality that requires using the admin endpoint for it. So this release "
+"changes the default endpoint being used from ``admin`` to ``internal``, "
+"allowing deployments to work without an admin endpoint."
+
msgid "Stein Series Release Notes"
msgstr "Stein Series Release Notes"
@@ -276,6 +316,21 @@
msgid "Ussuri Series Release Notes"
msgstr "Ussuri Series Release Notes"
+msgid "Victoria Series Release Notes"
+msgstr "Victoria Series Release Notes"
+
+msgid "Wallaby Series Release Notes"
+msgstr "Wallaby Series Release Notes"
+
+msgid ""
+"We no longer recommend using the eventlet unsafe keystonemiddleware's "
+"memcacheclientpool. This implementation may result in growing connections to "
+"memcached."
+msgstr ""
+"We no longer recommend using the eventlet unsafe keystonemiddleware's "
+"memcacheclientpool. This implementation may result in growing connections to "
+"Memcached."
+
msgid ""
"When ``delay_auth_decision`` is enabled and a Keystone failure prevents a "
"final decision about whether a token is valid or invalid, it will be marked "
@@ -316,6 +371,25 @@
"removal in keystonemiddleware 5.0.0 or in the `O` development cycle, "
"whichever is later."
+msgid "Xena Series Release Notes"
+msgstr "Xena Series Release Notes"
+
+msgid "Yoga Series Release Notes"
+msgstr "Yoga Series Release Notes"
+
+msgid ""
+"[`blueprint oauth2-client-credentials-ext <https://blueprints.launchpad.net/";
+"keystone/+spec/oauth2-client-credentials-ext>`_] The oauth2_token filter has "
+"been added for accepting or denying incoming requests containing OAuth2.0 "
+"client credentials access tokens passed via the Authorization headers as "
+"bearer tokens."
+msgstr ""
+"[`blueprint oauth2-client-credentials-ext <https://blueprints.launchpad.net/";
+"keystone/+spec/oauth2-client-credentials-ext>`_] The oauth2_token filter has "
+"been added for accepting or denying incoming requests containing OAuth2.0 "
+"client credentials access tokens passed via the Authorisation headers as "
+"bearer tokens."
+
msgid ""
"[`bug 1333951 <https://bugs.launchpad.net/keystonemiddleware/";
"+bug/1333951>`_] Add support for parsing AWS v4 for ec2."
@@ -648,6 +722,15 @@
"may be set to `public` or `internal` as needed."
msgid ""
+"[`bug 1830002 <https://bugs.launchpad.net/keystonemiddleware/";
+"+bug/1830002>`_] The default Identity endpoint has been changed from "
+"``admin`` to ``internal``."
+msgstr ""
+"[`bug 1830002 <https://bugs.launchpad.net/keystonemiddleware/";
+"+bug/1830002>`_] The default Identity endpoint has been changed from "
+"``admin`` to ``internal``."
+
+msgid ""
"[`bug 1845539 <https://bugs.launchpad.net/keystone/+bug/1845539>`_] The ec2 "
"'url' config option now defaults to https://localhost:5000/v3/ec2tokens with "
"the removal of ec2 v2.0 support. Keystonemiddleware no longer supports "
@@ -670,6 +753,29 @@
"functionality has been removed."
msgid ""
+"[`bug 1892852 <https://bugs.launchpad.net/keystonemiddleware/";
+"+bug/1892852>`_] [`bug 1888394 <https://bugs.launchpad.net/oslo.cache/";
+"+bug/1888394>`_] [`bug 1883659 <https://bugs.launchpad.net/";
+"keystonemiddleware/+bug/1883659>`_] Keystonemiddleware now using eventlet-"
+"safe implementation of ``MemcacheClientPool`` from oslo.cache's library by "
+"default. The ``keystonemiddleware`` implementation is now deprecated. For "
+"backwards compatibility, the ``[keystone_authtoken] "
+"memcache_use_advanced_pool`` option can be set to ``False`` config files of "
+"the various services (e.g. nova, glance, ...) when memcached is used for "
+"token cache."
+msgstr ""
+"[`bug 1892852 <https://bugs.launchpad.net/keystonemiddleware/";
+"+bug/1892852>`_] [`bug 1888394 <https://bugs.launchpad.net/oslo.cache/";
+"+bug/1888394>`_] [`bug 1883659 <https://bugs.launchpad.net/";
+"keystonemiddleware/+bug/1883659>`_] Keystonemiddleware now using eventlet-"
+"safe implementation of ``MemcacheClientPool`` from oslo.cache's library by "
+"default. The ``keystonemiddleware`` implementation is now deprecated. For "
+"backwards compatibility, the ``[keystone_authtoken] "
+"memcache_use_advanced_pool`` option can be set to ``False`` config files of "
+"the various services (e.g. nova, glance, ...) when Memcached is used for "
+"token cache."
+
+msgid ""
"[`bug/1747655 <https://bugs.launchpad.net/keystonemiddleware/";
"+bug/1747655>`_] When keystone is temporarily unavailable, "
"keystonemiddleware correctly sends a 503 response to the HTTP client but was "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/setup.cfg
new/keystonemiddleware-10.2.0/setup.cfg
--- old/keystonemiddleware-9.5.0/setup.cfg 2022-05-20 14:33:03.178202600
+0200
+++ new/keystonemiddleware-10.2.0/setup.cfg 2023-01-06 17:21:05.229156700
+0100
@@ -1,11 +1,12 @@
[metadata]
name = keystonemiddleware
summary = Middleware for OpenStack Identity
-description-file =
+description_file =
README.rst
author = OpenStack
-author-email = [email protected]
-home-page = https://docs.openstack.org/keystonemiddleware/latest/
+author_email = [email protected]
+home_page = https://docs.openstack.org/keystonemiddleware/latest/
+python_requires = >=3.8
classifier =
Environment :: OpenStack
Intended Audience :: Information Technology
@@ -15,8 +16,9 @@
Programming Language :: Python
Programming Language :: Python :: 3 :: Only
Programming Language :: Python :: 3
- Programming Language :: Python :: 3.6
- Programming Language :: Python :: 3.7
+ Programming Language :: Python :: 3 :: Only
+ Programming Language :: Python :: 3.8
+ Programming Language :: Python :: 3.9
[files]
packages =
@@ -27,7 +29,7 @@
oslo.messaging>=5.29.0 # Apache-2.0
[global]
-setup-hooks =
+setup_hooks =
pbr.hooks.setup_hook
[entry_points]
@@ -39,20 +41,7 @@
audit = keystonemiddleware.audit:filter_factory
ec2_token = keystonemiddleware.ec2_token:filter_factory
s3_token = keystonemiddleware.s3_token:filter_factory
-
-[compile_catalog]
-directory = keystonemiddleware/locale
-domain = keystonemiddleware
-
-[update_catalog]
-domain = keystonemiddleware
-output_dir = keystonemiddleware/locale
-input_file = keystonemiddleware/locale/keystonemiddleware.pot
-
-[extract_messages]
-keywords = _ gettext ngettext l_ lazy_gettext
-mapping_file = babel.cfg
-output_file = keystonemiddleware/locale/keystonemiddleware.pot
+ oauth2_token = keystonemiddleware.oauth2_token:filter_factory
[egg_info]
tag_build =
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/test-requirements.txt
new/keystonemiddleware-10.2.0/test-requirements.txt
--- old/keystonemiddleware-9.5.0/test-requirements.txt 2022-05-20
14:32:24.000000000 +0200
+++ new/keystonemiddleware-10.2.0/test-requirements.txt 2023-01-06
17:20:38.000000000 +0100
@@ -3,14 +3,16 @@
# process, which may cause wedges in the gate later.
hacking>=3.0,<4.0.0 # Apache-2.0
-flake8-docstrings==0.2.1.post1 # MIT
+flake8-docstrings==1.6.0 # MIT
+pep8==1.7.1 # MIT
+
coverage!=4.4,>=4.0 # Apache-2.0
cryptography>=3.0 # BSD/Apache-2.0
fixtures>=3.0.0 # Apache-2.0/BSD
oslotest>=3.2.0 # Apache-2.0
-requests-mock>=1.2.0 # Apache-2.0
stevedore>=1.20.0 # Apache-2.0
+requests-mock>=1.2.0 # Apache-2.0
stestr>=2.0.0 # Apache-2.0
testresources>=2.0.0 # Apache-2.0/BSD
testtools>=2.2.0 # MIT
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-9.5.0/tox.ini
new/keystonemiddleware-10.2.0/tox.ini
--- old/keystonemiddleware-9.5.0/tox.ini 2022-05-20 14:32:24.000000000
+0200
+++ new/keystonemiddleware-10.2.0/tox.ini 2023-01-06 17:20:38.000000000
+0100
@@ -1,5 +1,5 @@
[tox]
-minversion = 3.1.1
+minversion = 3.18.0
skipsdist = True
envlist = py37,pep8,releasenotes
ignore_basepython_conflict = True
@@ -49,10 +49,11 @@
# D102: Missing docstring in public method
# D103: Missing docstring in public function
# D104: Missing docstring in public package
-# D203: 1 blank line required before class docstring (deprecated in pep257)
+# D107: Missing docstring in __init__
+# D401: First line should be in imperative mood
# W503 line break before binary operator
# W504 line break after binary operator
-ignore = D100,D101,D102,D103,D104,D203,W503,W504
+ignore = D100,D101,D102,D103,D104,D107,D401,W503,W504
show-source = True
exclude = .venv,.tox,dist,doc,*egg,build
@@ -65,7 +66,7 @@
[testenv:pdf-docs]
envdir = {toxworkdir}/docs
deps = {[testenv:docs]deps}
-whitelist_externals =
+allowlist_externals =
make
rm
commands =
