We jubilantly announce the release of: keystonemiddleware 6.0.0: Middleware for OpenStack Identity This release is part of the stein release series. The source is available from: https://git.openstack.org/cgit/openstack/keystonemiddleware Download the package from: https://pypi.org/project/keystonemiddleware Please report issues through launchpad: https://bugs.launchpad.net/keystonemiddleware For more details, please see below. 6.0.0 ^^^^^ New Features ************ * [bug 1803940 (https://bugs.launchpad.net/keystonemiddleware/+bug/1803940)] Request ID and global request ID have been added to CADF notifications. Bug Fixes ********* * [bug 1649735 (https://bugs.launchpad.net/keystone/+bug/1649735)] The auth_token middleware no longer attempts to retrieve the revocation list from the Keystone server. The deprecated options *check_revocations_for_cached* and *check_revocations_for_cached* have been removed. * [bug 1800017 (https://bugs.launchpad.net/keystonemiddleware/+bug/1800017)] Fix audit middleware service catalog parsing for the scenario where a service does not contain any endpoints. In that case, we should just skip over that service. * [bug 1809101 (https://bugs.launchpad.net/keystonemiddleware/+bug/1809101)] Fix req.context of Keystone audit middleware and Glance conflict with each other issue. The audit middleware now stores the admin context to req.environ['audit.context']. * [bug 1813739 (https://bugs.launchpad.net/keystonemiddleware/+bug/1813739)] When admin identity endpoint is not created yet, keystonemiddleware emit EndpointNotFound exception. Even after admin identity endpoint created, auth_token middleware could not be notified of update since it does not invalidate existing auth. Add an invalidation step so that endpoint updates can be detected. * [bug 1797584 (https://bugs.launchpad.net/keystonemiddleware/+bug/1797584)] Fixed a bug where the audit code would select the wrong target service if the OpenStack service endpoints were not using unique TCP ports. Changes in keystonemiddleware 5.3.0..6.0.0 ------------------------------------------ caa899b Fix service_token_role_required option ca76ced add python 3.7 unit test job 1360bab trivial: fix convention in release note 4e51cb8 Add auth invalidation in auth_token for identity endpoint update 1e1f971 Remove testr.conf as it's been replaced by stestr 82707e1 Make sure audit middleware use own context c4e81b3 Trivial: Update pypi url to new url 58c5115 Change openstack-dev to openstack-discuss f2f5820 Added request_id and global_request_id to CADF notifications d381514 Add py36 tox environment 67fc715 Documentation Fix - auth_url Port Number 7e1b536 Stop supporting revocation list 782729b Fix audit target service selection 6779838 Skip the services with no endpoints when parsing service catalog 0c0eae3 Expect paste.deploy and gnocchi/panko options Diffstat (except docs and test files) ------------------------------------- .testr.conf | 8 - .zuul.yaml | 1 + README.rst | 4 +- examples/pki/gen_cmsz.py | 38 --- keystonemiddleware/_common/config.py | 11 +- keystonemiddleware/audit/__init__.py | 7 +- keystonemiddleware/audit/_api.py | 21 +- keystonemiddleware/auth_token/__init__.py | 50 +-- keystonemiddleware/auth_token/_identity.py | 25 +- keystonemiddleware/auth_token/_opts.py | 18 -- keystonemiddleware/auth_token/_revocations.py | 128 -------- .../unit/auth_token/test_auth_token_middleware.py | 341 +-------------------- .../notes/bug-1649735-3c68f3243e474775.yaml | 8 + .../notes/bug-1800017-0e5a9b8f62b5ca60.yaml | 7 + .../notes/bug-1803940-9a39c66014763af0.yaml | 5 + .../notes/bug-1809101-6b5088443d5970ba.yaml | 7 + .../notes/bug-1813739-80eae72371903119.yaml | 9 + ...no-service-endpoint-ports-72b2009d631dcf19.yaml | 6 + setup.cfg | 2 +- tox.ini | 2 +- 26 files changed, 186 insertions(+), 772 deletions(-)