1043700 – [RFE][python-keystoneclient]: Endpoint Versioning

Bug 1043700 - [RFE][python-keystoneclient]: Endpoint Versioning

Summary: [RFE][python-keystoneclient]: Endpoint Versioning

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	RFEs
Sub Component:
Version:	unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	RHOS Maint
QA Contact:
Docs Contact:
URL:	https://blueprints.launchpad.net/pyth...
Whiteboard:	upstream_milestone_none upstream_stat...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-17 00:41 UTC by RHOS Integration
Modified:	2015-03-19 17:44 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-03-19 17:44:46 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description RHOS Integration 2013-12-17 00:41:24 UTC

Cloned from launchpad blueprint https://blueprints.launchpad.net/python-keystoneclient/+spec/endpoint-versioning.

Description:

The following is written based on the python-openstack common cli (OSC) but I think it is true for any of the clients attempting to talk to Keystone.

For OSC, to specify the version, the user passes in

--os-identity-api-version=3
or
--os-identity-api-version=2.0

No other values are currently supported.

0 Always strip any final / from the auth_url before proceeding
1. If the auth_url ends in v3, assume the v3 api
2. If the auth_url ends in v2.0 assume the v2 api
3. If the auth_url does not end in either of the above, assume the v3 api.
4. If the user specifies an API version to use, that should override the above.
5. If the request API version does not match the URL, attempt to compose a valid URL
5.1 If the user wants the v2.0 api and the URL ends in /v3, remove the /v3 and append /v2.0
5.2 If the user wants the v3 api and the URL ends in /v2.0, remove the /v2.0 and append /v3 and the URL does not end in /v3, append /v3
5.3 If the user wants the v2.0 api and the URL ends in /v2.0, use the URL as is
5.4 If the user wants the v3 api and the URL ends in /v3, use the URL as is
5.5 Otherwise, attempt to do auth_url discovery:

Discovery is basically: Assume the auth URL is the root of the tree. Do an unauthenticated fetch on the URL. Search through the resulting JSON for the "versions" key, which should contain an array. Iterate through the members of the this collection until one has an "id" attribute that matches the requested API version, and select the corresponding "self" link as the auth_url from that point forward.

We don't want to do discover on every request, as it is expensive (complete round trip). Once it has been performed, the updated AUTH_URL should be cached. This is a tricky proposition, as the only updatable store is the python-keystore. We don't want to prevent someone from updating their AUTH_URL if the server gets upgraded.

Specification URL (additional information):

None

Note You need to log in before you can comment on or make changes to this bug.