remove "admin_token_auth" related content"

as "admin_token_auth" is removed from paste file. some related contents
are useless and shoud be removed also.

Change-Id: Ia2263eda93559603a31d9a492e5501424613188e
bp: removed-as-of-queens
This commit is contained in:
wangqiangbj 2017-12-14 14:32:38 +08:00
parent 3cc3986a89
commit 4fc045f820
8 changed files with 8 additions and 91 deletions

View File

@ -66,7 +66,7 @@ application in the ``public_api`` WSGI pipeline in
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[pipeline:public_api]
pipeline = sizelimit url_normalize request_id build_auth_context token_auth admin_token_auth json_body ec2_extension user_crud_extension public_service
pipeline = sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension user_crud_extension public_service
Each user can then change their own password with a HTTP PATCH.

View File

@ -172,9 +172,9 @@ authentication.
For example, if the original pipeline looks like this::
[pipeline:public_api]
pipeline = url_normalize token_auth admin_token_auth json_body debug ec2_extension user_crud_extension public_service
pipeline = url_normalize token_auth json_body debug ec2_extension user_crud_extension public_service
Your modified pipeline might then look like this::
[pipeline:public_api]
pipeline = url_normalize token_auth admin_token_auth json_body my_auth debug ec2_extension user_crud_extension public_service
pipeline = url_normalize token_auth json_body my_auth debug ec2_extension user_crud_extension public_service

View File

@ -13,7 +13,6 @@
# under the License.
from oslo_log import log
from oslo_log import versionutils
from oslo_serialization import jsonutils
from keystone.common import authorization
@ -36,32 +35,6 @@ class TokenAuthMiddleware(wsgi.Middleware):
context['subject_token_id'] = subject_token
class AdminTokenAuthMiddleware(wsgi.Middleware):
# NOTE(notmorgan): DEPRECATED FOR REMOVAL does nothing but warn to remove
# from pipeline
@versionutils.deprecated(
as_of=versionutils.deprecated.PIKE,
what='AdminTokenAuthMiddleware in the paste-ini pipeline.',
remove_in=+1)
def __init__(self, application):
super(AdminTokenAuthMiddleware, self).__init__(application)
# NOTE(notmorgan): This is deprecated and emits a significant error
# message to make sure deployers update their deployments so in the
# future release upgrade the deployment does not break.
LOG.error('The admin_token_auth middleware functionality has been '
'merged into the main auth middleware '
'(keystone.middleware.auth.AuthContextMiddleware). '
'`admin_token_auth` must be removed from the '
'[pipeline:api_v3], [pipeline:admin_api], and '
'[pipeline:public_api] sections of your paste ini '
'file. The [filter:admin_token_auth] block will also '
'need to be removed from your paste ini file. Failure '
'to remove these elements from your paste ini file will '
'result in keystone to no longer start/run when the '
'`admin_token_auth` is removed in the Queens release.')
class JsonBodyMiddleware(wsgi.Middleware):
"""Middleware to allow method arguments to be passed as serialized JSON.

View File

@ -20,7 +20,6 @@ class TestPasteDeploymentEntryPoints(test.TestCase):
def test_entry_point_middleware(self):
"""Assert that our list of expected middleware is present."""
expected_names = [
'admin_token_auth',
'build_auth_context',
'cors',
'debug',

View File

@ -25,7 +25,6 @@ from keystone import auth
from keystone.common import authorization
from keystone.common import cache
from keystone.common.validation import validators
from keystone.common import wsgi
from keystone import exception
from keystone import middleware
from keystone.tests.common import auth as common_auth
@ -1219,45 +1218,6 @@ class VersionTestCase(RestfulTestCase):
pass
# NOTE(morganfainberg): To be removed when admin_token_auth is removed. This
# has been split out to allow testing admin_token auth without enabling it
# for other tests.
class AuthContextMiddlewareAdminTokenTestCase(RestfulTestCase):
def config_overrides(self):
super(AuthContextMiddlewareAdminTokenTestCase, self).config_overrides()
self.config_fixture.config(
admin_token='ADMIN')
# NOTE(morganfainberg): This is knowingly copied from below for simplicity
# during the deprecation cycle.
def _middleware_request(self, token, extra_environ=None):
def application(environ, start_response):
body = b'body'
headers = [('Content-Type', 'text/html; charset=utf8'),
('Content-Length', str(len(body)))]
start_response('200 OK', headers)
return [body]
app = webtest.TestApp(middleware.AuthContextMiddleware(application),
extra_environ=extra_environ)
resp = app.get('/', headers={authorization.AUTH_TOKEN_HEADER: token})
self.assertEqual('body', resp.text) # just to make sure it worked
return resp.request
def test_admin_auth_context(self):
# test to make sure AuthContextMiddleware does not attempt to build the
# auth context if the admin_token middleware indicates it's admin
# already.
token_id = uuid.uuid4().hex # token doesn't matter.
# the admin_token middleware sets is_admin in the context.
extra_environ = {wsgi.CONTEXT_ENV: {'is_admin': True}}
req = self._middleware_request(token_id, extra_environ)
auth_context = req.environ.get(authorization.AUTH_CONTEXT_ENV)
self.assertDictEqual({}, auth_context)
# NOTE(gyee): test AuthContextMiddleware here instead of test_middleware.py
# because we need the token
class AuthContextMiddlewareTestCase(RestfulTestCase):

View File

@ -40,25 +40,6 @@ from keystone.tests.unit import test_v3
CONF = keystone.conf.CONF
# NOTE(morganfainberg): To be removed when admin_token_auth middleware is
# removed. This was moved to it's own testcase so it can setup the
# admin_token_auth pipeline without impacting other tests.
class IdentityTestCaseStaticAdminToken(test_v3.RestfulTestCase):
def config_overrides(self):
super(IdentityTestCaseStaticAdminToken, self).config_overrides()
self.config_fixture.config(
admin_token='ADMIN')
def test_list_users_with_static_admin_token_and_multiple_backends(self):
# domain-specific operations with the bootstrap ADMIN token is
# disallowed when domain-specific drivers are enabled
self.config_fixture.config(group='identity',
domain_specific_drivers_enabled=True)
self.get('/users', token=CONF.admin_token,
expected_status=exception.Unauthorized.code)
class IdentityTestCase(test_v3.RestfulTestCase):
"""Test users and groups."""

View File

@ -0,0 +1,5 @@
---
other:
- >
[`blueprint removed-as-of-queens <https://blueprints.launchpad.net/keystone/+spec/removed-as-of-queens>`_]
The ``admin_token_auth`` middleware is removed now. The related doc is removed as well.

View File

@ -193,7 +193,6 @@ paste.filter_factory =
osprofiler = osprofiler.web:WsgiMiddleware.factory
url_normalize = keystone.middleware:NormalizingFilter.factory
request_id = oslo_middleware:RequestId.factory
admin_token_auth = keystone.middleware:AdminTokenAuthMiddleware.factory
build_auth_context = keystone.middleware:AuthContextMiddleware.factory
token_auth = keystone.middleware:TokenAuthMiddleware.factory
json_body = keystone.middleware:JsonBodyMiddleware.factory