enable totp auth plugin

The only config change is in keystone.conf to enable totp auth plugin. A secret can be generated via an arbitrary tool and uploaded to Keystone via credential api by specifying "totp" credential type, secret and a user id. https://developer.openstack.org/api-ref/identity/v3/#create-credential https://blueprints.launchpad.net/keystone/+spec/totp-auth https://docs.openstack.org/keystone/pike/advanced-topics/auth-totp.html#configuring-totp Change-Id: Ie3e4d828aae1f0918ace94adbdfdb81ffdc12878
2018-05-30 17:34:43 +03:00 · 2018-05-30 17:34:43 +03:00 · 8aed72e20f
parent c256592460
commit 8aed72e20f
2 changed files with 2 additions and 2 deletions
--- a/templates/mitaka/keystone.conf
+++ b/templates/mitaka/keystone.conf
@ -67,7 +67,7 @@ driver = {{ assignment_backend }}
 [oauth1]

 [auth]
-methods = external,password,token,oauth1
+methods = external,password,token,oauth1,totp
 password = keystone.auth.plugins.password.Password
 token = keystone.auth.plugins.token.Token
 oauth1 = keystone.auth.plugins.oauth1.OAuth
--- a/templates/ocata/keystone.conf
+++ b/templates/ocata/keystone.conf
@ -67,7 +67,7 @@ driver = {{ assignment_backend }}
 [oauth1]

 [auth]
-methods = external,password,token,oauth1,mapped,openid
+methods = external,password,token,oauth1,mapped,openid,totp
 password = keystone.auth.plugins.password.Password
 token = keystone.auth.plugins.token.Token
 oauth1 = keystone.auth.plugins.oauth1.OAuth