Newton Series Release Notes¶
[bug 1616105] Only log the response body when the
Content-Typeheader is set to
application/json. This avoids logging large binary objects (such as images). Other
Content-Typewill not be logged. Additional
Content-Typestrings can be added as required.
X-Service-Tokenheader value is now properly masked, and is displayed as a hash value, in the log.
HTTP connections work under Windows Subsystem for Linux
[bug 1614688] HTTP connections were failing under Windows subsystem for Linux because TCP_KEEPCNT was being set and that environment does not support such override yet.
Add the prompt parameter to loader Opts
Allow specifying additional_headers to the session and the adapter to add headers to all requests that pass through these objects.
Add support for the Client Credentials OpenID Connect grant type.
Add support for the OpenID Connect Discovery Document into the OpenID Connect related plugins. Now it is possible to only pass the discovery-url option and the plugins will try to fetch the required metadata from there.
The prompt parameter was added to the Opts provided by auth plugins. The presence of the prompt parameter on an Option will indicate to plugin loaders that it is ok to prompt the user for input for this parameter if none is provided initially. Actual implementation of this prompting mechanism will be handled by the individual loaders such as os-client-config.
Add the ability to provide additional_headers to the session and adapter object. This will allow clients particularly to provide additional ways to identify their requests. It will also hopefully provide an intermediate way to handle setting microversions until we support them directly with keystoneauth.
[bug 1583682] OpenID Connect plugins should support OpenID Connect Discovery.
[blueprint totp-auth] Add an auth plugin to handle Time-Based One-Time Password (TOTP) authentication via the
totpmethod. This new plugin will accept the following identity options: -
user-id: user ID -
username: username -
user-domain-id: user’s domain ID -
user-domain-name: user’s domain name -
passcode: passcode generated by TOTP app or device User is uniquely identified by either
user-idor combination of
Fix passing scope parameters in Oidc* auth plugins. [Bug 1582774]
Added a new OidcAccessToken plugin, accessible via the ‘v3oidcaccesstoken’ entry point, making possible to authenticate using an existing OpenID Connect Access token.
[bug 1583780] OpenID connect support should include authenticating using directly an access token.