openstack
/
openstack
Code Issues Proposed changes

Update git submodules 

* Update keystonemiddleware from branch 'master'
  - Merge "Add validation of app cred access rules"
  - Add validation of app cred access rules
    
    This commit adds a validation step in the auth_token middleware to check
    for the presence of an access_rules attribute in an application
    credential token and to validate the request against the permissions
    granted for that token. During token validation it sends a header to
    keystone to indicate that it is capable of validating these access
    rules, and not providing this header for a token like this would result
    in the token failing validation. This disregards access rules for a
    service request made by a service on behalf of a user, such as nova
    making a request to glance, because such a request is not under the
    control of the user and is not expected to be explicitly allowed in the
    access rules.
    
    bp whitelist-extension-for-app-creds
    
    Depends-On: https://review.opendev.org/670377
    
    Change-Id: I185e0541d5df538d74edadf9976b3034a2470c88
This commit is contained in:
Zuul 2019-07-18 19:47:31 +00:00 committed by Gerrit Code Review
parent ebcaf075e6
commit 03f4c83032
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
keystonemiddleware

@ -1 +1 @@
Subproject commit 06fc3e42d79ebe81a8cd4c0a482ef67223599ad2
Subproject commit 3183b3d2fc28e36efab7c19f13abe7146cf6b93b