This spec proposes to Provide the option for users to
proof-of-possession of OAuth2.0 access token based on RFC8705 OAuth 2.0
Mutual-TLS Client Authentication and Certificate-Bound Access Tokens.
Users will be able to authenticate their OAuth2.0 client with a client
certificate instead of using Basic authentication with
client_id/client_secret to prevent a token from being used by a
malicious client. This protects Keystone Identity and other OpenStack
services from spoofed OAuth clients.
Change-Id: I67e030c183631bd421cc93ceb767f60fa178238a
UPPER_CONSTRAINTS_FILE is old name and deprecated
This allows to use upper-constraints file as more
readable way instead of UPPER_CONSTRAINTS_FILE=<lower-constraints file>.
Change-Id: Ie0e9cdb7b5da013fcc61cc11722e5a5c412b63ac
Make a few cleanups:
- Remove obsolete sections from setup.cfg
- Update classifiers
- Update requirements, no need for python_version anymore
- Use newer openstackdocstheme version
- Remove install_command from tox.ini, the default is fine
- Remove py27 stanza from setup.py
Change-Id: I3f517a43fbc1689ac1627a0a7c802dd08a9e2630
Using upper-constraints in the keystone-specs tox environment ensures
that libraries go through validation in the requirements project and
don't break our CI.
Change-Id: Ic38c11bec5fe50c7fff7c1f4dec86504a29ba222
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.
We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.
We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.
Change-Id: I8f4db75f30021fca61f7c073018a533b02316ece
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
According to Openstack summit session [1],
stestr is maintained project to which all Openstack projects should migrate.
Let's switch to stestr as other projects have already moved to it.
This change also fixes a bunch of D001 violations where lines are too
long in .rst documents.
[1] https://etherpad.openstack.org/p/YVR-python-pti
Change-Id: Ic20ae60d9020896690c5e7f07124d7500ffd3d2d
Fedora 25 recently moved to python3 as the default python version.
Trying to build docs errors on Fedora 25 during the venv build
due to feedformatter not being Py3 clean. feedformatter is a
dependency of yasfb, making yasfb py27 only.
Change-Id: Ic35e5dbb20e597eb0bff4d553c759221268a78bb
As we do with other things we don't want folks to see, shove the
APIs in the attic. These files are being moved to the api-ref
directory in the keystone repo. See topic `keystone-api-sprint`.
https://review.openstack.org/#/q/branch:master+topic:keystone-api-sprint
Change-Id: Ic61dfa8ef1d71954ae5b3e09f1ccc8ec6e774973
These are the restructuredtext documents produced as a result of the
following changes (originally proposed to openstack/identity-api):
* Convert markdown to restructured text:
https://review.openstack.org/#/c/128676/
* Split HTTP methods & resources from section titles:
https://review.openstack.org/#/c/128690/
* And a few minor content changes to comply with doc8:
https://review.openstack.org/#/c/128693/
This change also adds doc8 validation to the new api/ directory.
Change-Id: Ia575cf8f00558503bf6b4bea11836ddc1d2f1188
doc8 is similar to flake8, but for documentation: it's an opinionated
style checker.
https://github.com/stackforge/doc8
This patch also fixes two violations, regarding maximum line length and
trailing whitespace.
Change-Id: Icdbd360cea149f1af72243a59efedaed504ff336
The initial commit for identity-specs repo. This is based upon a
combination of the TripleO Specs repository and the Nova specs
repository.
Change-Id: If6002bebb6fee7b4935c5f11401521c3acc746b8