Commit Graph

51 Commits

Author SHA1 Message Date
Jay Faulkner 059f9ba16e Add method for getting redacted copy of context
There are times, such as in oslo.messaging notifications, when we'd like
a context object to be stripped of any secrets. This adds a method to
RequestContext, redacted_copy(), which returns a copy of that context,
carrying over an allowlist of fields only, leaving secrets behind.

Related-bug: 2030976
Change-Id: Ie4a8eb784c505c41ec5fcd4cba091cc555146763
2023-09-08 12:11:44 -07:00
Hervé Beraud f4cbe4c296 Remove the deprecated argument tenant from RequestContext
The tenant argument of RequestContext was deprecated a long
time ago; it is now removed by these changes.

Sem-Ver: api-break
Closes-Bug: 1505827
Change-Id: I2fded6f3476df1fb8c4e042ef28ed8ccb7ab0737
2021-10-29 09:16:31 +02:00
Michael Johnson 8290621b05 Fix context from_dict() for system_scope
A previous patch[1] added "system_scope" to the context for to_dict()
but the from_dict() method was not updated. This caused the
system_scope to always be None.
This patch corrects that by adding "system_scope" to the list of
values that may need to be extracted from the context dict.

[1] https://review.opendev.org/c/openstack/oslo.context/+/530509

Change-Id: Ica23d5c4183a692de3cb65a7ad72b19f47988ca6
2021-08-12 20:14:34 +00:00
Ben Nemec 1dd72d1d20 Filter out auth_token_info from logging values
auth_token_info is a common field that subclasses of RequestContext
add. It contains things like the token itself and the entire catalog,
both of which are undesirable to log. The token is a security concern
and the catalog is huge, which bloats the logs an unacceptable amount.

This change removes the auth_token_info key from the logging dict
that we return to the log formatter, which eliminates both problems.

Change-Id: If5ebaa3c1859d32cd05f51defe173fc625b21af5
Closes-Bug: 1866705
2020-03-10 17:55:16 +00:00
Lance Bragstad f65408df5c Implement domain-scope for context objects
The OpenStack identity service issues domain-scoped tokens and
keystonemiddleware sets a specific header when it validates a
domain-scoped token. This commit allows context objects to set
domain_id attributes for tokens scoped to a domain and also processes
the domain ID header from keystonemiddleware.

Change-Id: I620d647499abaf5a7103d82af22a190fcc0b3fae
2018-10-26 16:24:27 +00:00
Lance Bragstad 1a40b3d43b Implement system-scope
The context should carry some information that all services will need
in order to enforce scoping. System scope can be implemented here
and available for projects when they start adding scope types to
policies.

bp system-scope

Change-Id: I02fdaccfdd002d60b0b51c5d3327c783009cf35e
2018-05-16 18:03:24 +00:00
Juan Antonio Osorio Robles a8d86df940 Output a placeholder instead of the auth_token
As the name of the get_logging_values suggests, that function will
get entries from the context for logging purposes. For this, we
shouldn't need the auth_token since it might potentially leak
in the logs.

This filters out the auth_token by setting it as '***' by
default.

Change-Id: I2b245c1665c3587be3c476b803122788d186e5d5
2017-11-07 13:08:11 +02:00
Ben Nemec e75f4c5ad9 Make from_dict extensible
Some of our consumers define additional members on the context class
that they want included in to_dict and from_dict.  While it is
possible to do this today via overrides of those functions, the
from_dict implementation in particular is a little non-obvious.
This has led to bugs when the base class's to_dict behavior changes.

This change moves the logic around extending the keys recognized by
from_dict into from_dict itself and allows consumers to simply
provide a list of those keys by overriding a class member.

Change-Id: Ib143f8a5c129dbf6711800c4d87c8830a8aa3365
Related-Bug: 1721432
2017-10-11 21:46:02 +00:00
Jamie Lennox d78cf592e1 Rename deprecated context params
The user, tenant and parameters without _id are deprecated as properties
on the object; however, they have never been deprecated as the arguments
that are passed.

This should be a fairly easy transition from a context perspective so
simply use the debtcollector function to rename them in place.

Change-Id: Id6ae5a1c869b8e4279d0100bdb6dbf6790dd9b83
2017-09-21 10:54:52 +10:00
Jenkins ba3307845b Merge "Revert "Postpone deprecation warnings to Pike"" 2017-09-20 13:25:42 +00:00
ChangBo Guo(gcb) 7a91ceed4e Revert "Postpone deprecation warnings to Pike"
This reverts commit 96432cbe4d.
It helps us a lot in Ocata; we need to open the deprecation warnings
to make consuming projects move to fix the warning.

Change-Id: I10874c66bfd7c7f582a4fe91dcb6354f1c55fc04
2017-08-21 15:28:23 +08:00
Morgan Fainberg a144ebd6c3 Remove use of positional decorator
The positional decorator results in poorly maintainable code in
a misguided effort to emulate python3's key-word-arg only notation
and functionality. This patch removes oslo.context's dependence
on the positional decorator.

Change-Id: I9b83917fedd00a8d4fdf904208a17ebdc5cda59a
2017-08-07 16:11:39 -07:00
Sean Dague ec7cdc4cc5 Add global_request_id to context
This provides the facility to have a global_request_id which is
different from the service level request_id that we've been using.

Includes basic testing.

Change-Id: I1521188ae627fa2e7d35aa2ffffbcb620c527765
2017-05-23 10:22:34 -04:00
Davanum Srinivas 96432cbe4d Postpone deprecation warnings to Pike
2.12.0 added a DeprecationWarning a bit late in
Ocata for other projects to react properly. For example
Neutron logs get filled up pretty badly. So let's
defer the deprecation warnings for one more release

Note f25543fcc7 adds
the warning(s).

Instead of a full revert, let's just key off of a
variable _log_deprecation_warnings both in context.py
and test_context.py with a FIXME reminder

Closes-Bug: #1660088

Change-Id: I45ba9a0ed628f3347c7c3b346e907e4363452dd8
2017-01-29 15:28:38 -05:00
Jamie Lennox 2eafb0eb6b Add the service token details to context
In the case of communications that include service tokens we need to add
that information to the context so that we can also enforce policy on
it. Add this information and load this information in the from_environ
method. Add these details to to_policy_values so that we can start to
enforce policy based on these attributes.

Change-Id: Id90f32795905112de804a18ddc8a69c038c829bb
2016-11-15 16:39:58 +11:00
Jamie Lennox f25543fcc7 Move existing attributes to _id suffixed attributes
There is confusion now between whether parameters refer to the name or
id. Similar to adding _name we should rename the other variables with
_id to make it more obvious.

Change-Id: I203acefae8270bd3373b006fa096bea5ef3106f3
2016-11-15 14:25:05 +11:00
Jenkins b788a184a0 Merge "Revert "Fix X-User and X-Tenant deprecated headers in from_environ"" 2016-11-10 18:36:26 +00:00
Jenkins 522b211033 Merge "Provide a way to deprecate policy values" 2016-11-09 18:33:58 +00:00
Joshua Harlow 2cd47bc2ef Revert "Fix X-User and X-Tenant deprecated headers in from_environ"
This reverts commit fd22458619.

Currently causing nova periodic jobs to fail.

Change-Id: Ifef9b232aeaded19bca3741dfdd3841006409422
2016-11-08 15:50:22 -08:00
Jamie Lennox 2394cff063 Provide a way to deprecate policy values
If we want to move all the services over to a standard policy
enforcement dict we need a way to start notifying deployers when the
policy enforcement files are using deprecated values.

Instead of returning a dictionary return an object that acts like a
dictionary but emits a DeprecationWarning whenever a deprecated policy
enforcement value is read from it.

Change-Id: I4b2fda188bbccfd491556cc5631e5c4a76314492
2016-09-12 13:48:34 -04:00
Jamie Lennox fd22458619 Fix X-User and X-Tenant deprecated headers in from_environ
The X-User and X-Tenant deprecated headers from auth_token middleware
are actually name values, not ID values. In most cases this doesn't
matter because these are deprecated and only used when no newer headers
are available but we should still fix it.

Closes-Bug: #1614776
Change-Id: I16e80671e853387004434e766dd6ceebe0a6b2a6
2016-08-19 09:18:57 +10:00
Jenkins 0ad0950e06 Merge "Manually specify from_dict parameters" 2016-08-17 17:36:33 +00:00
Jenkins 6467cacbb1 Merge "Emit deprecation warnings when positional args passed" 2016-08-12 21:26:44 +00:00
yanheven 10fd6fd30a Fix parameters of assertEqual are misplaced
Many assertEqual sentences don't follow assertEqual(expected, actual).
These misplacements have 2 impacts:
1. giving confusing messages when some tests fail.
2. misleading other developers; new test modules may follow this wrong pattern.

This patch fixes all of them.

Change-Id: I806c893fd46242b021ce90037609ee47e015e1f3
Closes-Bug: #1604213
2016-07-23 17:00:31 +08:00
Jamie Lennox 3a118faa83 Manually specify from_dict parameters
The way from_dict is structured today means that it is virtually
impossible for a subclass to use it. The function looks only at its own
__init__ variables and then creates a class with them. If a subclass is
adding something to to_dict (they almost all do) then there is no way
for that subclass to add anything to the from_dict so that it is
correctly reconstructed.

This problem is solvable by the pattern of passing keyword args through
to the constructor and having from_dict add to these arguments if they
are not already present. This pattern is already used by from_environ.

This change also moves from inspecting __init__ args to explicitly
specifying the arguments supported by from_dict. This will be required
to start doing debtcollector and parameter cleanup without breaking
compatibility in the subclasses where the values returned by inspect may
not be those we actually want to pass to __init__.

Change-Id: Id5d78c2dbf76741338982e8d5ba08b6ad432ec42
2016-07-13 10:37:09 +10:00
Jenkins 6a9bc57a9b Merge "Allow deprecated X-Tenant-Name in from_environ" 2016-07-11 23:00:35 +00:00
Jamie Lennox 9e6c924040 Emit deprecation warnings when positional args passed
We should try and enforce that all arguments passed to an oslo_context
are passed as keyword arguments. positional is a library maintained by
the openstack community for exactly this.

We can't simply switch over to raising an error, so by setting
enforcement to warn we will issue a deprecation warning whenever
arguments are being passed positionally.

Change-Id: I47456ac65911d4cc4a5acbacfd1d0dae8429684a
2016-07-12 08:07:08 +10:00
Jenkins 9feb9db8d6 Merge "Add is_admin_project to context" 2016-07-11 15:16:53 +00:00
Jamie Lennox 5118040676 Allow deprecated X-Tenant-Name in from_environ
Support the old and deprecated X-Tenant-Name header in the
from_environ method.

Change-Id: I0d1784ee96e38a5be256370a3e6dbf7cd1b21b05
2016-07-11 11:10:46 +10:00
Jamie Lennox 740b81784b Handle openstack.request_id in from_environ
The oslo.middleware request_id middleware that is used by most services
sets the request_id into the environment at 'openstack.request_id'. Pick
this value up into the context object if it is present in the
environment.

Change-Id: Iae3799f4c5ad799961a4a6b01d2b77fd97e72be3
2016-07-08 12:33:22 +10:00
Jamie Lennox d3af1d06b4 Add is_admin_project to context
is_admin_project is provided by keystonemiddleware and used by
oslo.policy to enforce that a project scoped token exists in the admin
project.

To make this usable we add the ability to read the X-Is-Admin-Project
header from the environment, and add it to the outputted policy values.

Note the value is added to keystonemiddleware in the depend review
however it must work even with older auth_token middlewares so is fine
to merge prior to a middleware release.

Closes-Bug: #1577996
Depends-On: Ic680e6eaa683926914cf4b2152ec3bb67c6601ff
Change-Id: Ie48fedb8092e33e9645a37ea3fe44b88d34ad3b8
2016-07-08 12:30:25 +10:00
Ronald Bradford f0de0c6291 Add oslo.context name attributes matching ids
Provide in the oslo.context base class _name attributes to match
the already defined id attributes (that are not yet called _id).

These attributes are made available for oslo.log to use in context
aware logging.

This will replace any projects that subclass RequestContext and
subsequently add these attributes to to_dict(). e.g.
http://git.openstack.org/cgit/openstack/nova/tree/nova/context.py#n176

See as discussed on ML at
http://lists.openstack.org/pipermail/openstack-dev/2016-April/091453.html

Change-Id: I1fbb613ded8dbcb99b2f43a4bc43f9046097c0ce
2016-05-19 17:07:53 -04:00
Jamie Lennox 0511e11287 Strip roles in from_environ
If somehow whitespace gets into the roles coming from headers we should
remove it and only save the actual role name. This is not possible
coming from auth_token middleware but is tested by some services and is
simple to support here.

Change-Id: I11ac3959d8f8b233c8785671d7a59263a4dc36df
2016-05-09 11:23:23 +10:00
Jamie Lennox e1925637b4 Allow deprecated headers in from_environ
from_environ only supported the current environ variables from
auth_token middleware as these have been in use for a long time. It
turns out particularly in testing that services may still use the
deprecated headers so we should still support those in oslo.context.

Change-Id: Ia7faf7b657525c11f728ac753422efe87f6ac34f
2016-05-09 11:23:23 +10:00
ChangBo Guo(gcb) c63a359094 Ensure to_dict() supports unicode
When we compose a string for user_identity, we should
ensure that we don't break for non-ascii strings in
user name or tenant name or domain names.

Change-Id: Id457ebe415f78c435fc8ece810f0a1b20964dabf
Closes-Bug: #1507937
2016-02-27 22:28:48 +08:00
Jamie Lennox 187d574063 Standardize an oslo.policy credentials dictionary
Currently all the services pass their own dictionary to the oslo.policy
enforcement engine. This means that there is no standard policy language
between services.

Create a dictionary with the standard credential items that may be
required in policy enforcement. This method will need to be overridden
from individual services for backwards compatibility for some time.

Change-Id: I7bc31764e79eb61f602c7b8601149ac75bee9f9f
Closes-Bug: #1537653
2016-02-24 17:01:33 +00:00
Jenkins 410d14ff05 Merge "Revert "Add common oslo.log format parameters"" 2016-02-24 02:24:32 +00:00
Ronald Bradford 217a4edc2e Revert "Add common oslo.log format parameters"
This reverts commit 01aaeae060.
This causes test failures with oslo.log change
Ica445ad5dfe9bd27dfcf1b1bcb6401a0bc9496a5 when passing these attributes
to a log message and a context object. The result of setting these in
context causes log.record values to be overridden with blank values.
Catering for this condition causes subsequent mismatches for test
conditions mixing context and optional passing additional attributes
to log.

Change-Id: I5450e105dc914f822a2b4c03b759a682d8b4a3e7
2016-02-23 18:53:54 +00:00
Jamie Lennox f383bd2973 Add roles to context
Roles are an important part of the user context. They typically don't
need to be serialized for RPC but they are needed for policy. Include
roles onto the context object and make sure it is loaded from the
auth_token middleware environment.

Related-Bug: #1537653
Change-Id: Ia575ba803a0fb70f39146bd75d381ed19414bd23
2016-02-19 21:17:36 +00:00
Ronald Bradford 0327388695 Agnostic approach to construct context from_dict
Replace the existing argument specified values in from_dict() method
to be argument agnostic for any future arguments. Based from version
found in Solum.

All current boolean values match instantiation defaults.

Change-Id: I17c76881aa662de7ff245b3f6bfca309896ddf24
2016-02-17 21:55:52 +00:00
Ronald Bradford 01aaeae060 Add common oslo.log format parameters
Add to get_logging_values() attributes that are used in format string parameters
and that can cause an exception when they are not defined.
This is being refactored from the oslo.log formatter functionality.

Change-Id: I7108a51bea01db6ccd9b6b24afc7b8d92b8eeda7
Implements: blueprint app-agnostic-logging-parameters
2016-02-09 22:07:57 +00:00
Ronald Bradford 22ad2c2c59 Define method for oslo.log context parameters
This initial review defines a new method that will be used to define
and extend context attributes specifically useful in logging.
This enables other uses of the RequestContext to use the existing to_dict()
method.
This placeholder is also needed for cross project dependencies with oslo.log.

Change-Id: I963a6db4aef74f7348e75a642e2e195cedacecaa
Implements: blueprint app-agnostic-logging-parameters
2016-01-29 17:56:53 +00:00
Ronald Bradford 800208d9d3 Add additional unit tests
These tests are to cover existing class functionality before
modifications of app agnostic parameters and changes in Oslo Log.

Change-Id: I0b041746865e4da5d2c73ce6093f96bd48760e24
2016-01-25 18:02:32 +00:00
Jamie Lennox 1f3719dfcf Provide a helper to load a context from environment
The intention here is to provide better integration between what
oslo.context expects and what keystonemiddleware provides. As auth_token
middleware changes each service has to react independently to the new
options and the way they build contexts.

By providing a helper here we can improve the consistency across
services to standardize the options and provide a common way to react to
auth_token middleware improvements.

Change-Id: Ic590b3ee359e9a9c27eef3d11c0738066f475881
2016-01-11 10:59:19 +11:00
Davanum Srinivas (dims) 04e40fa8d4 Revert "Add properties for id attributes"
This reverts commit 78644789ce.

Change-Id: I92257b7bade0e2e5c4e1b387b437d929afc1a4db
Related-Bug: #1532427
2016-01-09 12:04:52 +00:00
Jamie Lennox 78644789ce Add properties for id attributes
The user, tenant and similar values are ambiguous. Most contexts that
subclass oslo.context already provide some version of this and use the
_id attributes anyway.

Ideally we would deprecate these values in future but for now just
provide the alias.

Change-Id: Ia59bf69eaa83be1904abe835bfee68b785c92c54
2016-01-07 08:20:14 +11:00
Ronald Bradford 41598d7188 Remove reference to undefined attributes
is_user_context refers to a user_id and project_id attribute in
the context object which are not defined in this base class.

Change-Id: I2ac6d4a7d31d026e6fedcba80c4a760dcac747e8
Closes-Bug: 1508217
2015-10-20 17:59:34 -04:00
Doug Hellmann fc2d39034b Add ClearRequestContext fixture
Add a fixture class for use in tests to provide a way to flush the
cached RequestContext without exposing how that is stored.

bp/graduate-oslo-context

Change-Id: I27dd50a61d364e1698823629e2676c10ced50af3
2014-11-19 11:58:56 -05:00
Doug Hellmann 9152a0d38b Cache the current context for the thread
Use a threading.local instance to store the current RequestContext, with
an option to not overwrite an existing context.

bp/graduate-oslo-context

Change-Id: I000cb13392ee21258dc2a91683294dc9ff2aeb8f
2014-11-19 11:23:35 -05:00
Doug Hellmann cac31d9c6f Change instance_uuid to resource_uuid
Use an application-agnostic term for the resource the context is
attached to.

bp/app-agnostic-logging-parameters

Change-Id: I548120770d0f11a2af56f07d0902433a8c7c98fe
2014-11-19 11:04:52 -05:00