yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1351038] [NEW] Add OS-FEDERATION to scoped federation tokens

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Steve Martinelli <stevemar@xxxxxxxxxx>
Date: Thu, 31 Jul 2014 20:16:12 -0000
Reply-to: Bug 1351038 <1351038@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Currently, when a federated user gets a token, it has an OS-FEDERATION
section under 'user', which contains information about the idp and
protocol.

However when the same user uses the unscoped token to get a scoped
token, we should put the same information in there as well. This will
help support revocation events for federated tokens, i.e. revoking all
tokens based on IDP id.

** Affects: keystone
     Importance: Undecided
     Assignee: Steve Martinelli (stevemar)
         Status: In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1351038

Title:
  Add OS-FEDERATION to scoped federation tokens

Status in OpenStack Identity (Keystone):
  In Progress

Bug description:
  Currently, when a federated user gets a token, it has an OS-FEDERATION
  section under 'user', which contains information about the idp and
  protocol.

  However when the same user uses the unscoped token to get a scoped
  token, we should put the same information in there as well. This will
  help support revocation events for federated tokens, i.e. revoking all
  tokens based on IDP id.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1351038/+subscriptions

Follow ups

[Bug 1351038] Re: Add OS-FEDERATION to scoped federation tokens
From: Thierry Carrez, 2014-09-04
[Bug 1351038] [NEW] Add OS-FEDERATION to scoped federation tokens
From: Steve Martinelli, 2014-07-31

References

[Bug 1351038] [NEW] Add OS-FEDERATION to scoped federation tokens
From: Steve Martinelli, 2014-07-31