Bug 1042944

Summary: [RFE][keystone]: COnvert Token Provider into Pipelie
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: RFEsAssignee: RHOS Maint <rhos-maint>
Status: CLOSED UPSTREAM QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: markmc, yeylon
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/keystone/+spec/pipeline-token-provider
Whiteboard: upstream_milestone_none upstream_status_unknown upstream_definition_discussion
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-19 17:03:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description RHOS Integration 2013-12-13 16:43:53 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/pipeline-token-provider.

Description:

To modify the token provider requires completely replacing the existing code and either subclassing it or reimplementing it. 

The token provider instead will be a pipeline of components that perform the following tasks by default:

# authenticate the user
# gather a list of groups for the user
# map the groups and userid to role assignments
# select the subset of the service catalog to include in the document
# package the data into a document
# sign the document
# assign a userid
# record the document to persistant store
# return the document

Each of these stages will be implemented by a component that has a standard interface
Any one of these steps can be replaced with a component that implements the same interface as the existing one
additional pipeline components can be inserted provided they implement the standard interface

the pipeline components will be specified by paste or a comparable text file configuration.



Specification URL (additional information):

None