commit 8ab64b3236c93c8449edf80165017898b83f1269
author Dirk Mueller <dirk@dmllr.de> Fri Nov 17 19:52:29 2017 +0100
committer Jens Harbott <j.harbott@x-ion.de> Fri Jun 28 16:28:03 2019 +0000
tree dc7f6c4055bb851efbe4d8cc03d71f9db8749d9b
parent 20190ee83ab05f6b4b39690a6ac6c2286eefa5da

Drop signing_dir option from configure_auth_token_middleware

This is no longer being used due to Keystone PKI tokens no longer
being implemented.

In order to not break backward compatibility we create a new function
that is to be used instead and deprecate the old one. Modify the old
function to ignore the 3rd argument and display a deprecation warning.
Adjust callers to no longer create and set that directory, calling the
new function instead.

Change-Id: Id0dec1ba72467cce5cacfcfdb2bc0af2bd3a3610

lib/keystone

diff --git a/lib/keystone b/lib/keystone
index 02e2822..5bd552f 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -397,18 +397,17 @@
     fi
 }
 
-# Configure the service to use the auth token middleware.
+# Configure a service to use the auth token middleware.
 #
-# configure_auth_token_middleware conf_file admin_user signing_dir [section]
+# configure_keystone_authtoken_middleware conf_file admin_user IGNORED [section]
 #
 # section defaults to keystone_authtoken, which is where auth_token looks in
 # the .conf file. If the paste config file is used (api-paste.ini) then
 # provide the section name for the auth_token filter.
-function configure_auth_token_middleware {
+function configure_keystone_authtoken_middleware {
     local conf_file=$1
     local admin_user=$2
-    local signing_dir=$3
-    local section=${4:-keystone_authtoken}
+    local section=${3:-keystone_authtoken}
 
     iniset $conf_file $section auth_type password
     iniset $conf_file $section auth_url $KEYSTONE_SERVICE_URI
@@ -419,10 +418,16 @@
     iniset $conf_file $section project_domain_name "$SERVICE_DOMAIN_NAME"
 
     iniset $conf_file $section cafile $SSL_BUNDLE_FILE
-    iniset $conf_file $section signing_dir $signing_dir
     iniset $conf_file $section memcached_servers localhost:11211
 }
 
+# configure_auth_token_middleware conf_file admin_user IGNORED [section]
+# TODO(frickler): old function for backwards compatibility, remove in U cycle
+function configure_auth_token_middleware {
+    echo "WARNING: configure_auth_token_middleware is deprecated, use configure_keystone_authtoken_middleware instead"
+    configure_keystone_authtoken_middleware $1 $2 $4
+}
+
 # init_keystone() - Initialize databases, etc.
 function init_keystone {
     if is_service_enabled ldap; then