Update git submodules
* Update keystonemiddleware from branch 'master' - Merge "Add validation of app cred access rules" - Add validation of app cred access rules This commit adds a validation step in the auth_token middleware to check for the presence of an access_rules attribute in an application credential token and to validate the request against the permissions granted for that token. During token validation it sends a header to keystone to indicate that it is capable of validating these access rules, and not providing this header for a token like this would result in the token failing validation. This disregards access rules for a service request made by a service on behalf of a user, such as nova making a request to glance, because such a request is not under the control of the user and is not expected to be explicitly allowed in the access rules. bp whitelist-extension-for-app-creds Depends-On: https://review.opendev.org/670377 Change-Id: I185e0541d5df538d74edadf9976b3034a2470c88
This commit is contained in:
parent
ebcaf075e6
commit
03f4c83032
|
@ -1 +1 @@
|
|||
Subproject commit 06fc3e42d79ebe81a8cd4c0a482ef67223599ad2
|
||||
Subproject commit 3183b3d2fc28e36efab7c19f13abe7146cf6b93b
|
Loading…
Reference in New Issue