Merge "Consolidate oauth1.rst"

This commit is contained in:
Zuul 2018-05-15 01:12:32 +00:00 committed by Gerrit Code Review
commit f0f1bdefec
3 changed files with 37 additions and 38 deletions

View File

@ -41,3 +41,4 @@ command-line client.
identity-credential-encryption.rst
endpoint-filtering.rst
health-check-middleware.rst
oauth1.rst

View File

@ -0,0 +1,36 @@
OAuth1 1.0a
===========
The OAuth 1.0a feature provides the ability for Identity users to delegate
roles to third party consumers via the OAuth 1.0a specification.
To enable OAuth1:
1. Add the oauth1 driver to the ``[oauth1]`` section in ``keystone.conf``. For
example:
.. code-block:: ini
[oauth1]
driver = sql
2. Add the ``oauth1`` authentication method to the ``[auth]`` section in
``keystone.conf``:
.. code-block:: ini
[auth]
methods = external,password,token,oauth1
3. If deploying under Apache httpd with ``mod_wsgi``, set the
`WSGIPassAuthorization` to allow the OAuth Authorization headers to pass
through `mod_wsgi`. For example, add the following to the keystone virtual
host file:
.. code-block:: ini
WSGIPassAuthorization On
See `API Specification for OAuth 1.0a <https://developer.openstack.org/
api-ref/identity/v3-ext/index.html#os-oauth1-api>`_ for the details of
API definition.

View File

@ -393,44 +393,6 @@ SSL
A secure deployment should have keystone running in a web server (such as
Apache httpd), or behind an SSL terminator.
OAuth1 1.0a
===========
The OAuth 1.0a feature provides the ability for Identity users to delegate
roles to third party consumers via the OAuth 1.0a specification.
To enable OAuth1:
1. Add the oauth1 driver to the ``[oauth1]`` section in ``keystone.conf``. For
example:
.. code-block:: ini
[oauth1]
driver = sql
2. Add the ``oauth1`` authentication method to the ``[auth]`` section in
``keystone.conf``:
.. code-block:: ini
[auth]
methods = external,password,token,oauth1
3. If deploying under Apache httpd with ``mod_wsgi``, set the
`WSGIPassAuthorization` to allow the OAuth Authorization headers to pass
through `mod_wsgi`. For example, add the following to the keystone virtual
host file:
.. code-block:: ini
WSGIPassAuthorization On
See `API Specification for OAuth 1.0a <https://developer.openstack.org/
api-ref/identity/v3-ext/index.html#os-oauth1-api>`_ for the details of
API definition.
Limiting list return size
=========================