Version 0.15.0 introduced some "deprecation warning" that cause a fatal
error and break all the unit tests. The new usage is not backwards
compatible, so this commit updates the module imports to accomodate both
versions.
Change-Id: I9ac523ad7637b1ff1c6c49b75add387ca112f980
Before flask, the code that checked for a local developer environment
config file lived in keystone/server/wsgi.py, and checked for configs at
../../.. relative to itself. Now it lives in
keystone/server/flask/core.py but still checks the same directory depth,
leaving it one short. This patch adds another directory level to the
possible_topdir path so that the wsgi application will correctly look in
keystone/etc instead of keystone/keystone/etc.
Change-Id: If1c8d7c9bb1ea7d2642ab5c5e7f92adec33bf1f2
Move AuthContextMiddleware to keystone.server.flask.request_processing
to be more in line with the other internally defined middleware.
Change-Id: I25b6a88f4b0dc3af306360ee4e5ec0abfe3cf812
Partial-Bug: #1776504
Normalizing filter has been converted to a flask-native style
middleware instead of leaning on the old application logic from
Webob. We also now strip all trailing slashes, not just a single
traling slash.
Test Changes:
* test_url_middleware now tests the new middleware directly instead
of leaning on webob and fake requests.
Change-Id: I5f82817b61a9284b97cf6443105107150d4a1757
Partial-Bug: #1776504
For internally defined middleware (URL Normalizer and AuthContext)
Do not use stevedore to load, apply directly. This also cleans up
a lingering entry in the setup.cfg for token_auth.
Test Changes:
* entry points test no longer looks for url_normalize and
build_auth_context
Change-Id: I58d3c23ad4f70668ada4eae94a94d3f5fe750b3b
Partial-Bug: #1776504
Replace the JSON Body middleware with flask-native before-request
function.
The body filtering and storing data in
request.environ['openstack.params'] was not used in the code base and
has been dropped.
Test Changes:
* JSON Body middleware has been removed, no testing of the removed code
* JSON Body Before Request Method has been implemented and associated
testing (mirroring the JSON Body middleware code).
* Test entry points no longer looks for JSON Body middleware.
Change-Id: I84491865870b6bf2b8f094b524ee8b77510f0054
Partial-Bug: #1776504
* Superfluous call to setup token authentication has been removed from
keystone.server.flask.core
* Base SAML assertion function has been extracted from
keystone.api.auth and moved to keystone.api._shared.saml
Change-Id: Idfa62bf1aea81ef5b4c6f564397e6a0d3ae60417
Partial-Bug: #1776504
Convert the /auth paths to flask native dispatching.
A minor change to additional_urls was implemented to ensure all
urls are added at once instead of individually (causing an over-
write issue within flask as a single resource may only have a
single set of URL mappings).
Alternate URLs now support adding alternate JSON Home rel links.
This is to support the case of OS-FEDERATION auth routes moving
to /auth. The old JSON Home entries must exist but reference
the new paths.
This port includes the following test changes (needed due to the
way flask handles requests and the way requests are passed through
the auth system):
* Implemented keystone.common.render_token (module)
containing render_token_response_from_model and use it instead
of keystone.common.controller.render_token_response_from_model.
Minor differences occur in render_token_response_from_model in
the keystone.common.render_token module, this is simply
for referencing data from flask instead of the request object.
* Test cases have been modified to no longer rely on the auth
controller(s) directly
* Test cases now use "make_request" as a context manager
since authenticate/authenticate_for_token directly
reference the flask contexts and must have an explicit
context pushed.
* Test cases no longer pass request objects into methods
such as authenticate/authenticate_for_token or similar
methods on the auth plugins
* Test cases for federation reference the token model now
where possible instead of the rendered token response.
Rendered token responses are generated where needed.
* Auth Plugin Configuration is done in test core as well.
This is because Auth controller does not exist.
NOTE: This is a massive change, but must of these changes
were now easily uncoupled because of how far reaching auth
is.
Change-Id: I636928102875760726cc3493775a2be48e774fd7
Partial-Bug: #1776504
The common functions are mostly removed and these make sense to
be part of the __init__.py. This also simplifies imports and
eliminates odd import errors due to duplicated names and masking
the names e.g. (and keystone.server.flask needs the functions
from keystone.server.common):
keystone.server.flask.common
keystone.server.common
Change-Id: Ie586fd45e10c8a1c8db3d9a64f949c97004814d9
Partial-Bug: #1776504
Do not replace the entire app when wrapping with middleware. It is
important to maintain all the flask-functionality on the app object
and ensure any/all test client calls go through the entire stack of
app and middleware.
Partial-Bug: #1776504
Change-Id: I928d08e96b4c79807ad8c312ba17359c54b67fa0
Move the JSON Home Document and Version Discovery Documents out of
the webob-based mapper and into Flask.
This change removes the keystone.version.controller and
keystone.version.router modules as they have been moved into
keystone.api.discovery.
The keystone.api.discovery module is somewhat specialized as there
are no "resources" and it must handle multiple types of responses
based upon the ACCEPTS header (JSON Home or JSON). In lieu of the
flask-RESTful mechanisms, keystone.api.discovery utilizes bare
flask blueprint and functions. Minor scaffolding work has been done
to ensure the discovery blueprint can be loaded via the loader loop
in keystone.server.flask.application (a stub object in
keystone.api.discovery).
Partial-Bug: #1776504
Change-Id: Ib25380cefdbb7147661bb9853de7872a837322e0
This change adds a new config group ``[wsgi]`` with the ability
to load in the oslo.middleware Debug middleware. The DEBUG middleware
is placed as the first middleware in the chain printing out raw
request/response data closest to the edge of the applciation.
The new option is ``debug_middleware`` and is boolean. It defaults
to "False". This option should never be set in production as it
can and will leak sensitive information via the printed data.
Change-Id: I013e38f3578e6ea8e5bad3123fe47bf93b840b43
Basic conversion of Keystone's core application to flask framework.
This doesn't add much in the way of flask-specific-isms but should
get keystone running directly under flask. This implementation does
not use paste-deploy.
Change-Id: Ib4c1ed3f645dd55fbfb76395263ecdaf605caae7
Colleen Murphy