Newton Series Release Notes

2.12.3

Bug Fixes

  • [bug 1616105] Only log the response body when the Content-Type header is set to application/json. This avoids logging large binary objects (such as images). Other Content-Type will not be logged. Additional Content-Type strings can be added as required.

  • The X-Service-Token header value is now properly masked, and is displayed as a hash value, in the log.

2.12.0

Prelude

HTTP connections work under Windows Subsystem for Linux

Bug Fixes

  • [bug 1614688] HTTP connections were failing under Windows subsystem for Linux because TCP_KEEPCNT was being set and that environment does not support such override yet.

2.10.0

Prelude

Add the prompt parameter to loader Opts

Allow specifying additional_headers to the session and the adapter to add headers to all requests that pass through these objects.

New Features

  • Add support for the Client Credentials OpenID Connect grant type.

  • Add support for the OpenID Connect Discovery Document into the OpenID Connect related plugins. Now it is possible to only pass the discovery-url option and the plugins will try to fetch the required metadata from there.

  • The prompt parameter was added to the Opts provided by auth plugins. The presence of the prompt parameter on an Option will indicate to plugin loaders that it is ok to prompt the user for input for this parameter if none is provided initially. Actual implementation of this prompting mechanism will be handled by the individual loaders such as os-client-config.

  • Add the ability to provide additional_headers to the session and adapter object. This will allow clients particularly to provide additional ways to identify their requests. It will also hopefully provide an intermediate way to handle setting microversions until we support them directly with keystoneauth.

Bug Fixes

  • [bug 1583682] OpenID Connect plugins should support OpenID Connect Discovery.

2.9.0

New Features

  • [blueprint totp-auth] Add an auth plugin to handle Time-Based One-Time Password (TOTP) authentication via the totp method. This new plugin will accept the following identity options: - user-id: user ID - username: username - user-domain-id: user’s domain ID - user-domain-name: user’s domain name - passcode: passcode generated by TOTP app or device User is uniquely identified by either user-id or combination of username and user-domain-id or user-domain-name.

Bug Fixes

  • Fix passing scope parameters in Oidc* auth plugins. [Bug 1582774]

2.8.0

New Features

  • Added a new OidcAccessToken plugin, accessible via the ‘v3oidcaccesstoken’ entry point, making possible to authenticate using an existing OpenID Connect Access token.

Bug Fixes

  • [bug 1583780] OpenID connect support should include authenticating using directly an access token.