Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-keystonemiddleware for
openSUSE:Factory checked in at 2025-11-10 19:18:26
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-keystonemiddleware (Old)
and /work/SRC/openSUSE:Factory/.python-keystonemiddleware.new.1980 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-keystonemiddleware"
Mon Nov 10 19:18:26 2025 rev:20 rq:1316920 version:10.12.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-keystonemiddleware/python-keystonemiddleware.changes
2024-09-04 13:23:47.367671215 +0200
+++
/work/SRC/openSUSE:Factory/.python-keystonemiddleware.new.1980/python-keystonemiddleware.changes
2025-11-10 19:18:57.860428665 +0100
@@ -1,0 +2,36 @@
+Mon Nov 10 13:13:55 UTC 2025 - Dirk Müller <[email protected]>
+
+- add conflicts/obsoletes
+
+-------------------------------------------------------------------
+Sun Nov 9 18:30:58 UTC 2025 - Dirk Müller <[email protected]>
+
+- update to 10.12.0:
+ * Remove Python 3.9 support
+ * Revert "Switch from python-memcache to pymemcache"
+ * Revert "Strip inet(6) prefix"
+ * Add TLS support to MemcacheClientPool
+ * add pyproject.toml to support pip 23.1
+ * Strip inet(6) prefix
+ * Apply upper constraints to build documentation
+ * Update master for stable/2025.1
+ * Switch from python-memcache to pymemcache
+ * Imported Translations from Zanata
+- switch to singlespec
+
+-------------------------------------------------------------------
+Tue Jul 1 22:35:56 UTC 2025 - Dirk Müller <[email protected]>
+
+- update to 10.9.0:
+ * Fix memcached dependencies's doc bug
+ * Imported Translations from Zanata
+ * Remove Python 3.8 support
+ * Use oslo.utils to escape IPv6 address
+ * Get rid of pkg\_resources
+ * Replace deprecated constant\_time\_compare
+ * Bump hacking (slightly)
+ * Update master for stable/2024.2
+ * s3token: Fix usage of removed Identity v2 API
+ * Imported Translations from Zanata
+
+-------------------------------------------------------------------
Old:
----
_service
keystonemiddleware-10.7.1.tar.gz
New:
----
keystonemiddleware-10.12.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-keystonemiddleware.spec ++++++
--- /var/tmp/diff_new_pack.ZztFAu/_old 2025-11-10 19:18:58.588459164 +0100
+++ /var/tmp/diff_new_pack.ZztFAu/_new 2025-11-10 19:18:58.588459164 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-keystonemiddleware
#
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,37 +17,59 @@
Name: python-keystonemiddleware
-Version: 10.7.1
+Version: 10.12.0
Release: 0
Summary: Middleware for OpenStack Identity
License: Apache-2.0
Group: Development/Languages/Python
URL: https://docs.openstack.org/keystonemiddleware
-Source0:
https://files.pythonhosted.org/packages/source/k/keystonemiddleware/keystonemiddleware-10.7.1.tar.gz
+Source0:
https://files.pythonhosted.org/packages/source/k/keystonemiddleware/keystonemiddleware-%{version}.tar.gz
+BuildRequires: %{python_module WebOb >= 1.7.1}
+BuildRequires: %{python_module WebTest}
+BuildRequires: %{python_module cryptography}
+BuildRequires: %{python_module fixtures}
+BuildRequires: %{python_module keystoneauth1 >= 3.12.0}
+BuildRequires: %{python_module keystoneclient >= 3.20.0}
+BuildRequires: %{python_module oslo.cache >= 1.26.0}
+BuildRequires: %{python_module oslo.config >= 5.2.0}
+BuildRequires: %{python_module oslo.context >= 2.19.2}
+BuildRequires: %{python_module oslo.i18n >= 3.15.3}
+BuildRequires: %{python_module oslo.messaging}
+BuildRequires: %{python_module oslo.serialization >= 2.18.0}
+BuildRequires: %{python_module oslo.utils >= 3.33.0}
+BuildRequires: %{python_module oslotest}
+BuildRequires: %{python_module pip}
+BuildRequires: %{python_module pycadf >= 1.1.0}
+BuildRequires: %{python_module python-memcached}
+BuildRequires: %{python_module requests >= 2.14.2}
+BuildRequires: %{python_module requests-mock}
+BuildRequires: %{python_module stestr}
+BuildRequires: %{python_module stevedore}
+BuildRequires: %{python_module testresources}
+BuildRequires: %{python_module testtools}
+BuildRequires: %{python_module wheel}
BuildRequires: openstack-macros
-BuildRequires: python3-WebOb >= 1.7.1
-BuildRequires: python3-WebTest
-BuildRequires: python3-cryptography
-BuildRequires: python3-fixtures
-BuildRequires: python3-keystoneauth1 >= 3.12.0
-BuildRequires: python3-keystoneclient >= 3.20.0
-BuildRequires: python3-oslo.cache >= 1.26.0
-BuildRequires: python3-oslo.config >= 5.2.0
-BuildRequires: python3-oslo.context >= 2.19.2
-BuildRequires: python3-oslo.i18n >= 3.15.3
-BuildRequires: python3-oslo.messaging
-BuildRequires: python3-oslo.serialization >= 2.18.0
-BuildRequires: python3-oslo.utils >= 3.33.0
-BuildRequires: python3-oslotest
-BuildRequires: python3-pycadf >= 1.1.0
-BuildRequires: python3-python-memcached
-BuildRequires: python3-requests >= 2.14.2
-BuildRequires: python3-requests-mock
-BuildRequires: python3-stestr
-BuildRequires: python3-stevedore
-BuildRequires: python3-testresources
-BuildRequires: python3-testtools
+Requires: python-WebOb >= 1.7.1
+Requires: python-keystoneauth1 >= 3.12.0
+Requires: python-keystoneclient >= 3.20.0
+Requires: python-oslo.cache >= 1.26.0
+Requires: python-oslo.config >= 5.2.0
+Requires: python-oslo.context >= 2.19.2
+Requires: python-oslo.i18n >= 3.15.3
+Requires: python-oslo.log >= 3.36.0
+Requires: python-oslo.messaging
+Requires: python-oslo.serialization >= 2.18.0
+Requires: python-oslo.utils >= 3.33.0
+Requires: python-pycadf >= 1.1.0
+Requires: python-python-memcached
+Requires: python-requests >= 2.14.2
BuildArch: noarch
+%if "python%{python_nodots_ver}" == "%{primary_python}"
+Obsoletes: python3-keystonemiddleware < %{version}
+%else
+Conflicts: python3-keystonemiddleware < %{version}
+%endif
+%python_subpackages
%description
This package contains middleware modules designed to provide authentication
@@ -55,31 +77,6 @@
The most prominent module is keystonemiddleware.auth_token. This package
does not expose any CLI or Python API features.
-%package -n python3-keystonemiddleware
-Summary: Middleware for OpenStack Identity
-Requires: python3-WebOb >= 1.7.1
-Requires: python3-keystoneauth1 >= 3.12.0
-Requires: python3-keystoneclient >= 3.20.0
-Requires: python3-oslo.cache >= 1.26.0
-Requires: python3-oslo.config >= 5.2.0
-Requires: python3-oslo.context >= 2.19.2
-Requires: python3-oslo.i18n >= 3.15.3
-Requires: python3-oslo.log >= 3.36.0
-Requires: python3-oslo.messaging
-Requires: python3-oslo.serialization >= 2.18.0
-Requires: python3-oslo.utils >= 3.33.0
-Requires: python3-pycadf >= 1.1.0
-Requires: python3-python-memcached
-Requires: python3-requests >= 2.14.2
-
-%description -n python3-keystonemiddleware
-This package contains middleware modules designed to provide authentication
-and authorization features to web services other than Keystone
-The most prominent module is keystonemiddleware.auth_token. This package
-does not expose any CLI or Python API features.
-
-This package contains the Python 3.x module
-
%package -n python-keystonemiddleware-doc
Summary: Documentation for Middleware for OpenStack Identity
BuildRequires: python3-Sphinx
@@ -91,18 +88,17 @@
Documentation for Middleware for OpenStack Identity.
%prep
-%autosetup -p1 -n keystonemiddleware-10.7.1
-%py_req_cleanup
+%autosetup -p1 -n keystonemiddleware-%{version}
%build
-%{py3_build}
+%pyproject_wheel
%install
-%{py3_install}
+%pyproject_install
# generate html docs
export PYTHONPATH=.
-PBR_VERSION=%{version} %sphinx_build -b html doc/source doc/build/html
+sphinx-build -b html doc/source doc/build/html
# remove the sphinx-build leftovers
rm -rf doc/build/html/.{doctrees,buildinfo}
@@ -110,11 +106,11 @@
rm -v keystonemiddleware/tests/unit/audit/test_logging_notifier.py
%{openstack_stestr_run}
-%files -n python3-keystonemiddleware
+%files %{python_files}
%license LICENSE
-%doc ChangeLog README.rst
-%{python3_sitelib}/keystonemiddleware
-%{python3_sitelib}/*.egg-info
+%doc README.rst
+%{python_sitelib}/keystonemiddleware
+%{python_sitelib}/keystonemiddleware-%{version}.dist-info
%files -n python-keystonemiddleware-doc
%doc doc/build/html
++++++ keystonemiddleware-10.7.1.tar.gz -> keystonemiddleware-10.12.0.tar.gz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/AUTHORS
new/keystonemiddleware-10.12.0/AUTHORS
--- old/keystonemiddleware-10.7.1/AUTHORS 2024-08-30 16:23:40.000000000
+0200
+++ new/keystonemiddleware-10.12.0/AUTHORS 2025-08-21 11:34:47.000000000
+0200
@@ -112,6 +112,7 @@
Liem Nguyen <[email protected]>
Lin Hua Cheng <[email protected]>
LiuNanke <[email protected]>
+Luca Miccini <[email protected]>
Lucas Alvares Gomes <[email protected]>
Marek Denis <[email protected]>
Maru Newby <[email protected]>
@@ -178,6 +179,7 @@
Vieri <[email protected]>
Vishakha Agarwal <[email protected]>
Vishvananda Ishaya <[email protected]>
+Watanabe Koya <[email protected]>
Wu Wenxiang <[email protected]>
Yaguang Tang <[email protected]>
Yang Youseok <[email protected]>
@@ -209,6 +211,7 @@
mathrock <[email protected]>
melissaml <[email protected]>
nachiappan-veerappan-nachiappan <[email protected]>
+niuke <[email protected]>
pengyuesheng <[email protected]>
sunyonggen <[email protected]>
termie <[email protected]>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/ChangeLog
new/keystonemiddleware-10.12.0/ChangeLog
--- old/keystonemiddleware-10.7.1/ChangeLog 2024-08-30 16:23:39.000000000
+0200
+++ new/keystonemiddleware-10.12.0/ChangeLog 2025-08-21 11:34:47.000000000
+0200
@@ -1,6 +1,47 @@
CHANGES
=======
+10.12.0
+-------
+
+* Remove Python 3.9 support
+* Revert "Switch from python-memcache to pymemcache"
+* Revert "Strip inet(6) prefix"
+
+10.11.0
+-------
+
+* Add TLS support to MemcacheClientPool
+* add pyproject.toml to support pip 23.1
+* Strip inet(6) prefix
+
+10.10.0
+-------
+
+* Apply upper constraints to build documentation
+* Update master for stable/2025.1
+* Switch from python-memcache to pymemcache
+* Imported Translations from Zanata
+
+10.9.0
+------
+
+* Fix memcached dependencies's doc bug
+* reno: Update master for unmaintained/2023.1
+
+10.8.0
+------
+
+* Imported Translations from Zanata
+* Remove Python 3.8 support
+* Use oslo.utils to escape IPv6 address
+* Get rid of pkg\_resources
+* Replace deprecated constant\_time\_compare
+* Bump hacking (slightly)
+* Update master for stable/2024.2
+* s3token: Fix usage of removed Identity v2 API
+* Imported Translations from Zanata
+
10.7.1
------
@@ -21,7 +62,9 @@
------
* reno: Update master for unmaintained/yoga
+* tox: Drop envdir
* Update python classifier in setup.cfg
+* Remove unnecessary setup\_hook
* Python 3.12: do not use utcnow()
* Update master for stable/zed
@@ -31,6 +74,7 @@
* Update master for stable/2023.2
* External OAuth2.0 Authorization Server Support
* External OAuth2.0 Authorization Server Support
+* Use TOX\_CONSTRAINTS\_FILE
10.4.1
------
@@ -60,6 +104,7 @@
* Remove cache invalidation when using expired token
* Fix pep8 gate
+* Support SASL for memcached
* Imported Translations from Zanata
10.1.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/PKG-INFO
new/keystonemiddleware-10.12.0/PKG-INFO
--- old/keystonemiddleware-10.7.1/PKG-INFO 2024-08-30 16:23:40.234109400
+0200
+++ new/keystonemiddleware-10.12.0/PKG-INFO 2025-08-21 11:34:47.926037800
+0200
@@ -1,51 +1,10 @@
Metadata-Version: 2.1
Name: keystonemiddleware
-Version: 10.7.1
+Version: 10.12.0
Summary: Middleware for OpenStack Identity
Home-page: https://docs.openstack.org/keystonemiddleware/latest/
Author: OpenStack
Author-email: [email protected]
-License: UNKNOWN
-Description: ========================
- Team and repository tags
- ========================
-
- .. image::
https://governance.openstack.org/tc/badges/keystonemiddleware.svg
- :target:
https://governance.openstack.org/tc/reference/tags/index.html
-
- .. Change things from this point on
-
- Middleware for the OpenStack Identity API (Keystone)
- ====================================================
-
- .. image:: https://img.shields.io/pypi/v/keystonemiddleware.svg
- :target: https://pypi.org/project/keystonemiddleware/
- :alt: Latest Version
-
- .. image:: https://img.shields.io/pypi/dm/keystonemiddleware.svg
- :target: https://pypi.org/project/keystonemiddleware/
- :alt: Downloads
-
- This package contains middleware modules designed to provide
authentication and
- authorization features to web services other than `Keystone
- <https://github.com/openstack/keystone>`. The most prominent module is
- ``keystonemiddleware.auth_token``. This package does not expose any
CLI or
- Python API features.
-
- For information on contributing, see ``CONTRIBUTING.rst``.
-
- * License: Apache License, Version 2.0
- * Documentation: https://docs.openstack.org/keystonemiddleware/latest/
- * Source: https://opendev.org/openstack/keystonemiddleware
- * Bugs: https://bugs.launchpad.net/keystonemiddleware
- * Release notes:
https://docs.openstack.org/releasenotes/keystonemiddleware/
-
- For any other information, refer to the parent project, Keystone:
-
- https://github.com/openstack/keystone
-
-
-Platform: UNKNOWN
Classifier: Environment :: OpenStack
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
@@ -55,10 +14,81 @@
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
-Classifier: Programming Language :: Python :: 3.8
-Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
-Requires-Python: >=3.8
-Provides-Extra: audit_notifications
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.10
+License-File: LICENSE
+Requires-Dist: keystoneauth1>=3.12.0
+Requires-Dist: oslo.cache>=3.11.0
+Requires-Dist: oslo.config>=5.2.0
+Requires-Dist: oslo.context>=2.19.2
+Requires-Dist: oslo.i18n>=3.15.3
+Requires-Dist: oslo.log>=3.36.0
+Requires-Dist: oslo.serialization>=2.18.0
+Requires-Dist: oslo.utils>=3.33.0
+Requires-Dist: pbr>=2.0.0
+Requires-Dist: pycadf>=1.1.0
+Requires-Dist: PyJWT>=2.4.0
+Requires-Dist: python-keystoneclient>=3.20.0
+Requires-Dist: requests>=2.14.2
+Requires-Dist: WebOb>=1.7.1
+Provides-Extra: audit-notifications
+Requires-Dist: oslo.messaging>=5.29.0; extra == "audit-notifications"
Provides-Extra: test
+Requires-Dist: hacking~=6.1.0; extra == "test"
+Requires-Dist: flake8-docstrings~=1.7.0; extra == "test"
+Requires-Dist: coverage>=4.0; extra == "test"
+Requires-Dist: cryptography>=3.0; extra == "test"
+Requires-Dist: fixtures>=3.0.0; extra == "test"
+Requires-Dist: oslotest>=3.2.0; extra == "test"
+Requires-Dist: stevedore>=1.20.0; extra == "test"
+Requires-Dist: requests-mock>=1.2.0; extra == "test"
+Requires-Dist: stestr>=2.0.0; extra == "test"
+Requires-Dist: testresources>=2.0.0; extra == "test"
+Requires-Dist: testtools>=2.2.0; extra == "test"
+Requires-Dist: python-binary-memcached>=0.29.0; extra == "test"
+Requires-Dist: python-memcached>=1.59; extra == "test"
+Requires-Dist: WebTest>=2.0.27; extra == "test"
+Requires-Dist: oslo.messaging>=5.29.0; extra == "test"
+Requires-Dist: PyJWT>=2.4.0; extra == "test"
+Requires-Dist: bandit>=1.1.0; extra == "test"
+
+========================
+Team and repository tags
+========================
+
+.. image:: https://governance.openstack.org/tc/badges/keystonemiddleware.svg
+ :target: https://governance.openstack.org/tc/reference/tags/index.html
+
+.. Change things from this point on
+
+Middleware for the OpenStack Identity API (Keystone)
+====================================================
+
+.. image:: https://img.shields.io/pypi/v/keystonemiddleware.svg
+ :target: https://pypi.org/project/keystonemiddleware/
+ :alt: Latest Version
+
+.. image:: https://img.shields.io/pypi/dm/keystonemiddleware.svg
+ :target: https://pypi.org/project/keystonemiddleware/
+ :alt: Downloads
+
+This package contains middleware modules designed to provide authentication and
+authorization features to web services other than `Keystone
+<https://github.com/openstack/keystone>`. The most prominent module is
+``keystonemiddleware.auth_token``. This package does not expose any CLI or
+Python API features.
+
+For information on contributing, see ``CONTRIBUTING.rst``.
+
+* License: Apache License, Version 2.0
+* Documentation: https://docs.openstack.org/keystonemiddleware/latest/
+* Source: https://opendev.org/openstack/keystonemiddleware
+* Bugs: https://bugs.launchpad.net/keystonemiddleware
+* Release notes: https://docs.openstack.org/releasenotes/keystonemiddleware/
+
+For any other information, refer to the parent project, Keystone:
+
+ https://github.com/openstack/keystone
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/doc/requirements.txt
new/keystonemiddleware-10.12.0/doc/requirements.txt
--- old/keystonemiddleware-10.7.1/doc/requirements.txt 2024-08-30
16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/doc/requirements.txt 2025-08-21
11:33:29.000000000 +0200
@@ -12,11 +12,12 @@
oslotest>=3.2.0 # Apache-2.0
requests-mock>=1.2.0 # Apache-2.0
testresources>=2.0.0 # Apache-2.0/BSD
+python-binary-memcached>=0.29.0 # MIT
python-memcached>=1.56 # PSF
WebTest>=2.0.27 # MIT
oslo.messaging>=5.29.0 # Apache-2.0
pycadf>=1.1.0 # Apache-2.0
PyJWT>=2.4.0 # MIT
keystoneauth1>=3.12.0 # Apache-2.0
-oslo.cache>=1.26.0 # Apache-2.0
+oslo.cache>=3.11.0 # Apache-2.0
python-keystoneclient>=3.20.0 # Apache-2.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/doc/source/middlewarearchitecture.rst
new/keystonemiddleware-10.12.0/doc/source/middlewarearchitecture.rst
--- old/keystonemiddleware-10.7.1/doc/source/middlewarearchitecture.rst
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/doc/source/middlewarearchitecture.rst
2025-08-21 11:33:29.000000000 +0200
@@ -402,12 +402,12 @@
In order to use `memcached`_ it is necessary to install the `python-memcached`_
library. If data stored in `memcached`_ will need to be encrypted it is also
-necessary to install the `pycrypto`_ library. These libs are not listed in
+necessary to install the `cryptography`_ library. These libs are not listed in
the requirements.txt file.
.. _`memcached`: http://memcached.org/
.. _`python-memcached`: https://pypi.org/project/python-memcached
-.. _`pycrypto`: https://pypi.org/project/pycrypto
+.. _`cryptography`: https://pypi.org/project/cryptography
Memcache Protection
===================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/_common/config.py
new/keystonemiddleware-10.12.0/keystonemiddleware/_common/config.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/_common/config.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/_common/config.py
2025-08-21 11:33:29.000000000 +0200
@@ -10,7 +10,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-import pkg_resources
+import importlib.metadata
from oslo_config import cfg
from oslo_log import log as logging
@@ -145,8 +145,8 @@
if project:
try:
- version = pkg_resources.get_distribution(project).version
- except pkg_resources.DistributionNotFound:
+ version = importlib.metadata.version(project)
+ except importlib.metadata.PackageNotFoundError:
version = "unknown"
project = "%s/%s " % (project, version)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/__init__.py
new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/__init__.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/__init__.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/__init__.py
2025-08-21 11:33:29.000000000 +0200
@@ -219,6 +219,7 @@
import copy
import re
+import ssl
from keystoneauth1 import access
from keystoneauth1 import adapter
@@ -872,8 +873,29 @@
unused_timeout=self._conf.get('memcache_pool_unused_timeout'),
conn_get_timeout=self._conf.get('memcache_pool_conn_get_timeout'),
socket_timeout=self._conf.get('memcache_pool_socket_timeout'),
+ sasl_enabled=self._conf.get('memcache_sasl_enabled'),
+ username=self._conf.get('memcache_username'),
+ password=self._conf.get('memcache_password'),
+ tls_enabled=self._conf.get('memcache_tls_enabled'),
)
+ if self._conf.get('memcache_tls_enabled'):
+ tls_cafile = self._conf.get('memcache_tls_cafile')
+ tls_certfile = self._conf.get('memcache_tls_certfile')
+ tls_keyfile = self._conf.get('memcache_tls_keyfile')
+ tls_allowed_ciphers = self._conf.get(
+ 'memcache_tls_allowed_ciphers')
+
+ tls_context = ssl.create_default_context(cafile=tls_cafile)
+
+ if tls_certfile:
+ tls_context.load_cert_chain(tls_certfile, tls_keyfile)
+
+ if tls_allowed_ciphers:
+ tls_context.set_ciphers(tls_allowed_ciphers)
+
+ cache_kwargs['tls_context'] = tls_context
+
if security_strategy.lower() != 'none':
secret_key = self._conf.get('memcache_secret_key')
return _cache.SecureTokenCache(self.log,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_auth.py
new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_auth.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_auth.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_auth.py
2025-08-21 11:33:29.000000000 +0200
@@ -15,6 +15,7 @@
from keystoneauth1 import plugin
from keystoneauth1 import token_endpoint
from oslo_config import cfg
+from oslo_utils import netutils
from keystonemiddleware.auth_token import _base
from keystonemiddleware.i18n import _
@@ -43,14 +44,8 @@
'removed in the Newton release, '
"use 'identity_uri' instead.")
- if ':' in auth_host:
- # Note(dzyu) it is an IPv6 address, so it needs to be wrapped
- # with '[]' to generate a valid IPv6 URL, based on
- # http://www.ietf.org/rfc/rfc2732.txt
- auth_host = '[%s]' % auth_host
-
identity_uri = '%s://%s:%s' % (auth_protocol,
- auth_host,
+ netutils.escape_ipv6(auth_host),
auth_port)
if auth_admin_prefix:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_cache.py
new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_cache.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_cache.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_cache.py
2025-08-21 11:33:29.000000000 +0200
@@ -52,8 +52,11 @@
class _CachePool(list):
"""A lazy pool of cache references."""
- def __init__(self, memcached_servers, log):
+ def __init__(self, memcached_servers, log, arguments):
self._memcached_servers = memcached_servers
+ self._sasl_enabled = arguments.get("sasl_enabled", False)
+ self._username = arguments.get("username", None)
+ self._password = arguments.get("password", None)
if not self._memcached_servers:
log.warning(
"Using the in-process token cache is deprecated as of the "
@@ -73,8 +76,13 @@
except IndexError:
# the pool is empty, so we need to create a new client
if self._memcached_servers:
- import memcache
- c = memcache.Client(self._memcached_servers, debug=0)
+ if self._sasl_enabled:
+ import bmemcached
+ c = bmemcached.Client(self._memcached_servers,
+ self._username, self._password)
+ else:
+ import memcache
+ c = memcache.Client(self._memcached_servers, debug=0)
else:
c = _FakeClient()
@@ -88,12 +96,23 @@
"""An advanced memcached client pool that is eventlet safe."""
def __init__(self, memcache_servers, arguments, **kwargs):
- # NOTE(sileht): This will import python-memcached, we don't want
- # it as hard dependency, so lazy load it.
- from oslo_cache import _memcache_pool
- self._pool = _memcache_pool.MemcacheClientPool(memcache_servers,
- arguments,
- **kwargs)
+ # NOTE(sileht): This will import python-memcached and
+ # python-binary-memcached , we don't want it as hard
+ # dependency, so lazy load it.
+ self._sasl_enabled = arguments.pop("sasl_enabled", False)
+ self._tls_enabled = arguments.pop("tls_enabled", False)
+ if self._tls_enabled or self._sasl_enabled:
+ from oslo_cache import _bmemcache_pool
+ self._pool = _bmemcache_pool.BMemcacheClientPool(memcache_servers,
+ arguments,
+ **kwargs)
+ else:
+ from oslo_cache import _memcache_pool
+ arguments.pop("username", None)
+ arguments.pop("password", None)
+ self._pool = _memcache_pool.MemcacheClientPool(memcache_servers,
+ arguments,
+ **kwargs)
@contextlib.contextmanager
def reserve(self):
@@ -122,17 +141,23 @@
_CACHE_KEY_TEMPLATE = 'tokens/%s'
def __init__(self, log, cache_time=None,
- env_cache_name=None, memcached_servers=None,
+ env_cache_name=None, memcached_servers=None, tls_context=None,
use_advanced_pool=True, dead_retry=None, socket_timeout=None,
**kwargs):
self._LOG = log
self._cache_time = cache_time
self._env_cache_name = env_cache_name
self._memcached_servers = memcached_servers
+ self._tls_context = tls_context
self._use_advanced_pool = use_advanced_pool
self._arguments = {
'dead_retry': dead_retry,
- 'socket_timeout': socket_timeout
+ 'socket_timeout': socket_timeout,
+ 'sasl_enabled': kwargs.pop("sasl_enabled", False),
+ 'username': kwargs.pop("username", None),
+ 'password': kwargs.pop("password", None),
+ 'tls_enabled': kwargs.pop("tls_enabled", False),
+ 'tls_context': tls_context
}
self._memcache_pool_options = kwargs
@@ -156,7 +181,8 @@
"implementation from oslo.cache. This can be enabled"
"through config option memcache_use_advanced_pool = True")
- return _CachePool(self._memcached_servers, self._LOG)
+ return _CachePool(self._memcached_servers, self._LOG,
+ self._arguments)
def initialize(self, env):
if self._initialized:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_memcache_crypt.py
new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_memcache_crypt.py
---
old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_memcache_crypt.py
2024-08-30 16:23:10.000000000 +0200
+++
new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_memcache_crypt.py
2025-08-21 11:33:29.000000000 +0200
@@ -35,7 +35,6 @@
import os
from keystonemiddleware.i18n import _
-from oslo_utils import secretutils
try:
from cryptography.hazmat import backends as crypto_backends
@@ -203,7 +202,7 @@
signed_data[DIGEST_LENGTH_B64:])
# Then verify that it matches the provided value
- if not secretutils.constant_time_compare(provided_mac, calculated_mac):
+ if not hmac.compare_digest(provided_mac, calculated_mac):
raise InvalidMacError(_('Invalid MAC; data appears to be corrupted.'))
data = base64.b64decode(signed_data[DIGEST_LENGTH_B64:])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_opts.py
new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_opts.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/auth_token/_opts.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/auth_token/_opts.py
2025-08-21 11:33:29.000000000 +0200
@@ -124,6 +124,32 @@
secret=True,
help='(Optional, mandatory if memcache_security_strategy is'
' defined) This string is used for key derivation.'),
+ cfg.BoolOpt('memcache_tls_enabled',
+ default=False,
+ help='(Optional) Global toggle for TLS usage when comunicating'
+ ' with the caching servers.'),
+ cfg.StrOpt('memcache_tls_cafile',
+ help='(Optional) Path to a file of concatenated CA certificates'
+ ' in PEM format necessary to establish the caching server\'s'
+ ' authenticity. If tls_enabled is False, this option is'
+ ' ignored.'),
+ cfg.StrOpt('memcache_tls_certfile',
+ help='(Optional) Path to a single file in PEM format containing'
+ ' the client\'s certificate as well as any number of CA'
+ ' certificates needed to establish the certificate\'s'
+ ' authenticity. This file is only required when client side'
+ ' authentication is necessary. If tls_enabled is False, this'
+ ' option is ignored.'),
+ cfg.StrOpt('memcache_tls_keyfile',
+ help='(Optional) Path to a single file containing the client\'s'
+ ' private key in. Otherwhise the private key will be taken from'
+ ' the file specified in tls_certfile. If tls_enabled is False,'
+ ' this option is ignored.'),
+ cfg.StrOpt('memcache_tls_allowed_ciphers',
+ help='(Optional) Set the available ciphers for sockets created'
+ ' with the TLS context. It should be a string in the OpenSSL'
+ ' cipher list format. If not specified, all OpenSSL enabled'
+ ' ciphers will be available.'),
cfg.IntOpt('memcache_pool_dead_retry',
default=5 * 60,
help='(Optional) Number of seconds memcached server is'
@@ -181,6 +207,16 @@
help='The name or type of the service as it appears in the'
' service catalog. This is used to validate tokens that have'
' restricted access rules.'),
+ cfg.BoolOpt('memcache_sasl_enabled',
+ default=False,
+ help='Enable the SASL(Simple Authentication and Security'
+ ' Layer) if the SASL_enable is true, else disable.'),
+ cfg.StrOpt('memcache_username',
+ default='',
+ help='the user name for the SASL'),
+ cfg.StrOpt('memcache_password',
+ default='',
+ help='the username password for SASL'),
]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/locale/en_GB/LC_MESSAGES/keystonemiddleware.po
new/keystonemiddleware-10.12.0/keystonemiddleware/locale/en_GB/LC_MESSAGES/keystonemiddleware.po
---
old/keystonemiddleware-10.7.1/keystonemiddleware/locale/en_GB/LC_MESSAGES/keystonemiddleware.po
2024-08-30 16:23:10.000000000 +0200
+++
new/keystonemiddleware-10.12.0/keystonemiddleware/locale/en_GB/LC_MESSAGES/keystonemiddleware.po
2025-08-21 11:33:29.000000000 +0200
@@ -1,13 +1,14 @@
# Andi Chandler <[email protected]>, 2017. #zanata
+# Andi Chandler <[email protected]>, 2024. #zanata
msgid ""
msgstr ""
"Project-Id-Version: keystonemiddleware VERSION\n"
"Report-Msgid-Bugs-To: https://bugs.launchpad.net/openstack-i18n/\n";
-"POT-Creation-Date: 2019-12-21 02:49+0000\n"
+"POT-Creation-Date: 2024-06-28 17:34+0000\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2017-10-17 07:06+0000\n"
+"PO-Revision-Date: 2024-07-18 10:19+0000\n"
"Last-Translator: Andi Chandler <[email protected]>\n"
"Language-Team: English (United Kingdom)\n"
"Language: en_GB\n"
@@ -17,6 +18,40 @@
msgid "Access key not provided"
msgstr "Access key not provided"
+msgid "An exception occurred during the token verification process."
+msgstr "An exception occurred during the token verification process."
+
+msgid "Can not generate the thumbprint."
+msgstr "Can not generate the thumbprint."
+
+msgid "Configuration error. Failed to read the JWT key file."
+msgstr "Configuration error. Failed to read the JWT key file."
+
+msgid ""
+"Configuration error. JWT encoding with the specified JWT key file and "
+"algorithm failed."
+msgstr ""
+"Configuration error. JWT encoding with the specified JWT key file and "
+"algorithm failed."
+
+msgid ""
+"Configuration error. JWT encoding with the specified client_secret and "
+"algorithm failed."
+msgstr ""
+"Configuration error. JWT encoding with the specified client_secret and "
+"algorithm failed."
+
+msgid "Configuration error. JWT key file is not a file."
+msgstr "Configuration error. JWT key file is not a file."
+
+msgid "Configuration error. The JWT key file content is empty."
+msgstr "Configuration error. The JWT key file content is empty."
+
+#, python-format
+msgid "Configuration error. The parameter is not set for \"%s\" in group [%s]."
+msgstr ""
+"Configuration error. The parameter is not set for \"%s\" in group [%s]."
+
msgid "Encrypted data appears to be corrupted."
msgstr "Encrypted data appears to be corrupted."
@@ -27,6 +62,10 @@
msgid "Failed to fetch token data from identity server"
msgstr "Failed to fetch token data from identity server"
+#, python-format
+msgid "Failed to parse the necessary information for the field \"%s\"."
+msgstr "Failed to parse the necessary information for the field \"%s\"."
+
msgid "Failure parsing response from keystone"
msgstr "Failure parsing response from Keystone"
@@ -45,15 +84,65 @@
msgid "Signature not provided"
msgstr "Signature not provided"
+msgid "The Introspect API service is temporarily unavailable."
+msgstr "The Introspect API service is temporarily unavailable."
+
+#, python-format
+msgid ""
+"The configuration parameter for key \"auth_method\" in group [%s] is "
+"incorrect."
+msgstr ""
+"The configuration parameter for key \"auth_method\" in group [%s] is "
+"incorrect."
+
+msgid ""
+"The request you have made is denied, because an exception occurred while "
+"accessing the external authentication server for token validation."
+msgstr ""
+"The request you have made is denied, because an exception occurred while "
+"accessing the external authentication server for token validation."
+
+msgid ""
+"The request you have made is denied, because the configuration parameters "
+"are incorrect and the token can not be verified."
+msgstr ""
+"The request you have made is denied, because the configuration parameters "
+"are incorrect and the token can not be verified."
+
+msgid ""
+"The request you have made is denied, because the necessary information could "
+"not be parsed."
+msgstr ""
+"The request you have made is denied, because the necessary information could "
+"not be parsed."
+
+msgid "The request you have made is denied, because the token is invalid."
+msgstr "The request you have made is denied, because the token is invalid."
+
msgid "The request you have made requires authentication."
msgstr "The request you have made requires authentication."
+msgid "The token cannot be verified for validity."
+msgstr "The token cannot be verified for validity."
+
+msgid "The token is invalid."
+msgstr "The token is invalid."
+
+msgid "The two thumbprints do not match."
+msgstr "The two thumbprints do not match."
+
msgid "Token authorization failed"
msgstr "Token authorisation failed"
msgid "Unable to determine service tenancy."
msgstr "Unable to determine service tenancy."
+msgid "Unable to obtain the access token."
+msgstr "Unable to obtain the access token."
+
+msgid "Unable to obtain the client certificate."
+msgstr "Unable to obtain the client certificate."
+
msgid ""
"memcache_secret_key must be defined when a memcache_security_strategy is "
"defined"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/s3_token.py
new/keystonemiddleware-10.12.0/keystonemiddleware/s3_token.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/s3_token.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/s3_token.py
2025-08-21 11:33:29.000000000 +0200
@@ -118,7 +118,7 @@
def _json_request(self, creds_json):
headers = {'Content-Type': 'application/json'}
try:
- response = requests.post('%s/v2.0/s3tokens' % self._request_uri,
+ response = requests.post('%s/v3/s3tokens' % self._request_uri,
headers=headers, data=creds_json,
verify=self._verify,
timeout=CONF.s3_token.timeout)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
---
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
2024-08-30 16:23:10.000000000 +0200
+++
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/auth_token/test_auth_token_middleware.py
2025-08-21 11:33:29.000000000 +0200
@@ -1997,8 +1997,8 @@
self._assert_user_agent(app, project, ksm_version)
def _create_app(self, conf, project_version, ksm_version):
- fake_pkg_resources = mock.Mock()
- fake_pkg_resources.get_distribution().version = project_version
+ fake_im = mock.Mock()
+ fake_im.return_value = project_version
fake_version_info = mock.Mock()
fake_version_info.version_string.return_value = ksm_version
@@ -2007,10 +2007,10 @@
body = uuid.uuid4().hex
+ at_im = 'keystonemiddleware._common.config.importlib.metadata.version'
at_pbr = 'keystonemiddleware._common.config.pbr.version'
- with mock.patch('keystonemiddleware._common.config.pkg_resources',
- new=fake_pkg_resources):
+ with mock.patch(at_im, new=fake_im):
with mock.patch(at_pbr, new=fake_pbr_version):
return self.create_simple_middleware(body=body, conf=conf)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/auth_token/test_config.py
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/auth_token/test_config.py
---
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/auth_token/test_config.py
2024-08-30 16:23:10.000000000 +0200
+++
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/auth_token/test_config.py
2025-08-21 11:33:29.000000000 +0200
@@ -75,12 +75,12 @@
if not project_version:
project_version = uuid.uuid4().hex
- fake_pkg_resources = mock.Mock()
- fake_pkg_resources.get_distribution().version = project_version
+ fake_im = mock.Mock()
+ fake_im.return_value = project_version
body = uuid.uuid4().hex
- with mock.patch('keystonemiddleware._common.config.pkg_resources',
- new=fake_pkg_resources):
+ at_im = 'keystonemiddleware._common.config.importlib.metadata.version'
+ with mock.patch(at_im, new=fake_im):
# use_global_conf is poorly named. What it means is
# don't use the config created in test setUp.
return self.create_simple_middleware(body=body, conf=conf,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/test_opts.py
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/test_opts.py
--- old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/test_opts.py
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/test_opts.py
2025-08-21 11:33:29.000000000 +0200
@@ -58,11 +58,19 @@
'memcache_security_strategy',
'memcache_secret_key',
'memcache_use_advanced_pool',
+ 'memcache_tls_enabled',
+ 'memcache_tls_cafile',
+ 'memcache_tls_certfile',
+ 'memcache_tls_keyfile',
+ 'memcache_tls_allowed_ciphers',
'memcache_pool_dead_retry',
'memcache_pool_maxsize',
'memcache_pool_unused_timeout',
'memcache_pool_conn_get_timeout',
'memcache_pool_socket_timeout',
+ 'memcache_sasl_enabled',
+ 'memcache_username',
+ 'memcache_password',
'include_service_catalog',
'enforce_token_bind',
'auth_type',
@@ -103,11 +111,19 @@
'memcache_security_strategy',
'memcache_secret_key',
'memcache_use_advanced_pool',
+ 'memcache_tls_enabled',
+ 'memcache_tls_cafile',
+ 'memcache_tls_certfile',
+ 'memcache_tls_keyfile',
+ 'memcache_tls_allowed_ciphers',
'memcache_pool_dead_retry',
'memcache_pool_maxsize',
'memcache_pool_unused_timeout',
'memcache_pool_conn_get_timeout',
'memcache_pool_socket_timeout',
+ 'memcache_sasl_enabled',
+ 'memcache_username',
+ 'memcache_password',
'include_service_catalog',
'enforce_token_bind',
'auth_type',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/test_s3_token_middleware.py
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/test_s3_token_middleware.py
---
old/keystonemiddleware-10.7.1/keystonemiddleware/tests/unit/test_s3_token_middleware.py
2024-08-30 16:23:10.000000000 +0200
+++
new/keystonemiddleware-10.12.0/keystonemiddleware/tests/unit/test_s3_token_middleware.py
2025-08-21 11:33:29.000000000 +0200
@@ -42,7 +42,7 @@
class S3TokenMiddlewareTestBase(utils.TestCase):
TEST_WWW_AUTHENTICATE_URI = 'https://fakehost/identity'
- TEST_URL = '%s/v2.0/s3tokens' % (TEST_WWW_AUTHENTICATE_URI, )
+ TEST_URL = '%s/v3/s3tokens' % (TEST_WWW_AUTHENTICATE_URI, )
def setUp(self):
super(S3TokenMiddlewareTestBase, self).setUp()
@@ -101,7 +101,7 @@
host = 'fakehost'
port = 35357
self.requests_mock.post(
- '%s://%s:%s/v2.0/s3tokens' % (protocol, host, port),
+ '%s://%s:%s/v3/s3tokens' % (protocol, host, port),
status_code=201, json=GOOD_RESPONSE)
self.middleware = (
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/PKG-INFO
new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/PKG-INFO
--- old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/PKG-INFO
2024-08-30 16:23:40.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/PKG-INFO
2025-08-21 11:34:47.000000000 +0200
@@ -1,51 +1,10 @@
Metadata-Version: 2.1
Name: keystonemiddleware
-Version: 10.7.1
+Version: 10.12.0
Summary: Middleware for OpenStack Identity
Home-page: https://docs.openstack.org/keystonemiddleware/latest/
Author: OpenStack
Author-email: [email protected]
-License: UNKNOWN
-Description: ========================
- Team and repository tags
- ========================
-
- .. image::
https://governance.openstack.org/tc/badges/keystonemiddleware.svg
- :target:
https://governance.openstack.org/tc/reference/tags/index.html
-
- .. Change things from this point on
-
- Middleware for the OpenStack Identity API (Keystone)
- ====================================================
-
- .. image:: https://img.shields.io/pypi/v/keystonemiddleware.svg
- :target: https://pypi.org/project/keystonemiddleware/
- :alt: Latest Version
-
- .. image:: https://img.shields.io/pypi/dm/keystonemiddleware.svg
- :target: https://pypi.org/project/keystonemiddleware/
- :alt: Downloads
-
- This package contains middleware modules designed to provide
authentication and
- authorization features to web services other than `Keystone
- <https://github.com/openstack/keystone>`. The most prominent module is
- ``keystonemiddleware.auth_token``. This package does not expose any
CLI or
- Python API features.
-
- For information on contributing, see ``CONTRIBUTING.rst``.
-
- * License: Apache License, Version 2.0
- * Documentation: https://docs.openstack.org/keystonemiddleware/latest/
- * Source: https://opendev.org/openstack/keystonemiddleware
- * Bugs: https://bugs.launchpad.net/keystonemiddleware
- * Release notes:
https://docs.openstack.org/releasenotes/keystonemiddleware/
-
- For any other information, refer to the parent project, Keystone:
-
- https://github.com/openstack/keystone
-
-
-Platform: UNKNOWN
Classifier: Environment :: OpenStack
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
@@ -55,10 +14,81 @@
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
-Classifier: Programming Language :: Python :: 3.8
-Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
-Requires-Python: >=3.8
-Provides-Extra: audit_notifications
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.10
+License-File: LICENSE
+Requires-Dist: keystoneauth1>=3.12.0
+Requires-Dist: oslo.cache>=3.11.0
+Requires-Dist: oslo.config>=5.2.0
+Requires-Dist: oslo.context>=2.19.2
+Requires-Dist: oslo.i18n>=3.15.3
+Requires-Dist: oslo.log>=3.36.0
+Requires-Dist: oslo.serialization>=2.18.0
+Requires-Dist: oslo.utils>=3.33.0
+Requires-Dist: pbr>=2.0.0
+Requires-Dist: pycadf>=1.1.0
+Requires-Dist: PyJWT>=2.4.0
+Requires-Dist: python-keystoneclient>=3.20.0
+Requires-Dist: requests>=2.14.2
+Requires-Dist: WebOb>=1.7.1
+Provides-Extra: audit-notifications
+Requires-Dist: oslo.messaging>=5.29.0; extra == "audit-notifications"
Provides-Extra: test
+Requires-Dist: hacking~=6.1.0; extra == "test"
+Requires-Dist: flake8-docstrings~=1.7.0; extra == "test"
+Requires-Dist: coverage>=4.0; extra == "test"
+Requires-Dist: cryptography>=3.0; extra == "test"
+Requires-Dist: fixtures>=3.0.0; extra == "test"
+Requires-Dist: oslotest>=3.2.0; extra == "test"
+Requires-Dist: stevedore>=1.20.0; extra == "test"
+Requires-Dist: requests-mock>=1.2.0; extra == "test"
+Requires-Dist: stestr>=2.0.0; extra == "test"
+Requires-Dist: testresources>=2.0.0; extra == "test"
+Requires-Dist: testtools>=2.2.0; extra == "test"
+Requires-Dist: python-binary-memcached>=0.29.0; extra == "test"
+Requires-Dist: python-memcached>=1.59; extra == "test"
+Requires-Dist: WebTest>=2.0.27; extra == "test"
+Requires-Dist: oslo.messaging>=5.29.0; extra == "test"
+Requires-Dist: PyJWT>=2.4.0; extra == "test"
+Requires-Dist: bandit>=1.1.0; extra == "test"
+
+========================
+Team and repository tags
+========================
+
+.. image:: https://governance.openstack.org/tc/badges/keystonemiddleware.svg
+ :target: https://governance.openstack.org/tc/reference/tags/index.html
+
+.. Change things from this point on
+
+Middleware for the OpenStack Identity API (Keystone)
+====================================================
+
+.. image:: https://img.shields.io/pypi/v/keystonemiddleware.svg
+ :target: https://pypi.org/project/keystonemiddleware/
+ :alt: Latest Version
+
+.. image:: https://img.shields.io/pypi/dm/keystonemiddleware.svg
+ :target: https://pypi.org/project/keystonemiddleware/
+ :alt: Downloads
+
+This package contains middleware modules designed to provide authentication and
+authorization features to web services other than `Keystone
+<https://github.com/openstack/keystone>`. The most prominent module is
+``keystonemiddleware.auth_token``. This package does not expose any CLI or
+Python API features.
+
+For information on contributing, see ``CONTRIBUTING.rst``.
+
+* License: Apache License, Version 2.0
+* Documentation: https://docs.openstack.org/keystonemiddleware/latest/
+* Source: https://opendev.org/openstack/keystonemiddleware
+* Bugs: https://bugs.launchpad.net/keystonemiddleware
+* Release notes: https://docs.openstack.org/releasenotes/keystonemiddleware/
+
+For any other information, refer to the parent project, Keystone:
+
+ https://github.com/openstack/keystone
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/SOURCES.txt
new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/SOURCES.txt
--- old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/SOURCES.txt
2024-08-30 16:23:40.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/SOURCES.txt
2025-08-21 11:34:47.000000000 +0200
@@ -7,6 +7,7 @@
HACKING.rst
LICENSE
README.rst
+pyproject.toml
requirements.txt
setup.cfg
setup.py
@@ -129,18 +130,24 @@
releasenotes/notes/drop-py-2-7-6655f421a9cac0a2.yaml
releasenotes/notes/drop-python-3-6-and-3-7-c407d5898c5eafec.yaml
releasenotes/notes/ec2-v2-removal-6a886210cbc9d3e9.yaml
+releasenotes/notes/enable-sasl-protocol-946149083f604216.yaml
releasenotes/notes/fix-audit-no-service-endpoint-ports-72b2009d631dcf19.yaml
releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml
releasenotes/notes/interface-option-ed551d2a3162668d.yaml
releasenotes/notes/ksm_4.1.0-3cd78446d8e63616.yaml
+releasenotes/notes/remove-py38-438c67d4d2da02a3.yaml
+releasenotes/notes/remove-py39-ffac30d683a53099.yaml
releasenotes/notes/remove_kwargs_to_fetch_token-20e3451ed192ab6a.yaml
releasenotes/notes/removed-as-of-ussuri-4e1ea485ba8801c9.yaml
releasenotes/notes/rename-auth-uri-d223d883f5898aee.yaml
releasenotes/notes/s3token_auth_uri-490c1287d90b9df7.yaml
+releasenotes/notes/tls-support-via-oslo-cache-51d744dd8a3f6ba0.yaml
releasenotes/notes/x-is-admin-project-header-97f1882e209fe727.yaml
releasenotes/source/2023.1.rst
releasenotes/source/2023.2.rst
releasenotes/source/2024.1.rst
+releasenotes/source/2024.2.rst
+releasenotes/source/2025.1.rst
releasenotes/source/conf.py
releasenotes/source/index.rst
releasenotes/source/mitaka.rst
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/entry_points.txt
new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/entry_points.txt
--- old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/entry_points.txt
2024-08-30 16:23:40.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/entry_points.txt
2025-08-21 11:34:47.000000000 +0200
@@ -10,4 +10,3 @@
oauth2_mtls_token = keystonemiddleware.oauth2_mtls_token:filter_factory
oauth2_token = keystonemiddleware.oauth2_token:filter_factory
s3_token = keystonemiddleware.s3_token:filter_factory
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/pbr.json
new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/pbr.json
--- old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/pbr.json
2024-08-30 16:23:40.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/pbr.json
2025-08-21 11:34:47.000000000 +0200
@@ -1 +1 @@
-{"git_version": "4c001ba", "is_release": true}
\ No newline at end of file
+{"git_version": "c893b62", "is_release": true}
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/requires.txt
new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/requires.txt
--- old/keystonemiddleware-10.7.1/keystonemiddleware.egg-info/requires.txt
2024-08-30 16:23:40.000000000 +0200
+++ new/keystonemiddleware-10.12.0/keystonemiddleware.egg-info/requires.txt
2025-08-21 11:34:47.000000000 +0200
@@ -1,7 +1,5 @@
-PyJWT>=2.4.0
-WebOb>=1.7.1
keystoneauth1>=3.12.0
-oslo.cache>=1.26.0
+oslo.cache>=3.11.0
oslo.config>=5.2.0
oslo.context>=2.19.2
oslo.i18n>=3.15.3
@@ -10,26 +8,29 @@
oslo.utils>=3.33.0
pbr>=2.0.0
pycadf>=1.1.0
+PyJWT>=2.4.0
python-keystoneclient>=3.20.0
requests>=2.14.2
+WebOb>=1.7.1
[audit_notifications]
oslo.messaging>=5.29.0
[test]
-PyJWT>=2.4.0
-WebTest>=2.0.27
-bandit>=1.1.0
+hacking~=6.1.0
+flake8-docstrings~=1.7.0
coverage>=4.0
cryptography>=3.0
fixtures>=3.0.0
-flake8-docstrings~=1.7.0
-hacking~=6.0.1
-oslo.messaging>=5.29.0
oslotest>=3.2.0
-python-memcached>=1.59
+stevedore>=1.20.0
requests-mock>=1.2.0
stestr>=2.0.0
-stevedore>=1.20.0
testresources>=2.0.0
testtools>=2.2.0
+python-binary-memcached>=0.29.0
+python-memcached>=1.59
+WebTest>=2.0.27
+oslo.messaging>=5.29.0
+PyJWT>=2.4.0
+bandit>=1.1.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/pyproject.toml
new/keystonemiddleware-10.12.0/pyproject.toml
--- old/keystonemiddleware-10.7.1/pyproject.toml 1970-01-01
01:00:00.000000000 +0100
+++ new/keystonemiddleware-10.12.0/pyproject.toml 2025-08-21
11:33:29.000000000 +0200
@@ -0,0 +1,3 @@
+[build-system]
+requires = ["pbr>=6.1.1"]
+build-backend = "pbr.build"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/notes/enable-sasl-protocol-946149083f604216.yaml
new/keystonemiddleware-10.12.0/releasenotes/notes/enable-sasl-protocol-946149083f604216.yaml
---
old/keystonemiddleware-10.7.1/releasenotes/notes/enable-sasl-protocol-946149083f604216.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.12.0/releasenotes/notes/enable-sasl-protocol-946149083f604216.yaml
2025-08-21 11:33:29.000000000 +0200
@@ -0,0 +1,8 @@
+---
+features:
+ - |
+ Add the feature to support SASL for keystonemiddleware to improve
+ the security of authority.
+ memcache_sasl_enabled: enable the SASL option or not.
+ memcache_username: the user name for the SASL
+ memcache_password: the user password for SASL
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/notes/remove-py38-438c67d4d2da02a3.yaml
new/keystonemiddleware-10.12.0/releasenotes/notes/remove-py38-438c67d4d2da02a3.yaml
---
old/keystonemiddleware-10.7.1/releasenotes/notes/remove-py38-438c67d4d2da02a3.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.12.0/releasenotes/notes/remove-py38-438c67d4d2da02a3.yaml
2025-08-21 11:33:29.000000000 +0200
@@ -0,0 +1,5 @@
+---
+upgrade:
+ - |
+ Python 3.8 support was dropped. The minimum version of Python now supported
+ is Python 3.9.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/notes/remove-py39-ffac30d683a53099.yaml
new/keystonemiddleware-10.12.0/releasenotes/notes/remove-py39-ffac30d683a53099.yaml
---
old/keystonemiddleware-10.7.1/releasenotes/notes/remove-py39-ffac30d683a53099.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.12.0/releasenotes/notes/remove-py39-ffac30d683a53099.yaml
2025-08-21 11:33:29.000000000 +0200
@@ -0,0 +1,5 @@
+---
+upgrade:
+ - |
+ Support for Python 3.9 has been removed. Now Python 3.10 is the minimum
+ version supported.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/notes/tls-support-via-oslo-cache-51d744dd8a3f6ba0.yaml
new/keystonemiddleware-10.12.0/releasenotes/notes/tls-support-via-oslo-cache-51d744dd8a3f6ba0.yaml
---
old/keystonemiddleware-10.7.1/releasenotes/notes/tls-support-via-oslo-cache-51d744dd8a3f6ba0.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/keystonemiddleware-10.12.0/releasenotes/notes/tls-support-via-oslo-cache-51d744dd8a3f6ba0.yaml
2025-08-21 11:33:29.000000000 +0200
@@ -0,0 +1,4 @@
+---
+other:
+ - |
+ Added tls support to the MemcacheClientPool driver via oslo.cache
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/source/2023.1.rst
new/keystonemiddleware-10.12.0/releasenotes/source/2023.1.rst
--- old/keystonemiddleware-10.7.1/releasenotes/source/2023.1.rst
2024-08-30 16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/releasenotes/source/2023.1.rst
2025-08-21 11:33:29.000000000 +0200
@@ -3,4 +3,4 @@
===========================
.. release-notes::
- :branch: stable/2023.1
+ :branch: unmaintained/2023.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/source/2024.2.rst
new/keystonemiddleware-10.12.0/releasenotes/source/2024.2.rst
--- old/keystonemiddleware-10.7.1/releasenotes/source/2024.2.rst
1970-01-01 01:00:00.000000000 +0100
+++ new/keystonemiddleware-10.12.0/releasenotes/source/2024.2.rst
2025-08-21 11:33:29.000000000 +0200
@@ -0,0 +1,6 @@
+===========================
+2024.2 Series Release Notes
+===========================
+
+.. release-notes::
+ :branch: stable/2024.2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/source/2025.1.rst
new/keystonemiddleware-10.12.0/releasenotes/source/2025.1.rst
--- old/keystonemiddleware-10.7.1/releasenotes/source/2025.1.rst
1970-01-01 01:00:00.000000000 +0100
+++ new/keystonemiddleware-10.12.0/releasenotes/source/2025.1.rst
2025-08-21 11:33:29.000000000 +0200
@@ -0,0 +1,6 @@
+===========================
+2025.1 Series Release Notes
+===========================
+
+.. release-notes::
+ :branch: stable/2025.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/source/index.rst
new/keystonemiddleware-10.12.0/releasenotes/source/index.rst
--- old/keystonemiddleware-10.7.1/releasenotes/source/index.rst 2024-08-30
16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/releasenotes/source/index.rst
2025-08-21 11:33:29.000000000 +0200
@@ -6,6 +6,8 @@
:maxdepth: 1
unreleased
+ 2025.1
+ 2024.2
2024.1
2023.2
2023.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystonemiddleware-10.7.1/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
new/keystonemiddleware-10.12.0/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
---
old/keystonemiddleware-10.7.1/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
2024-08-30 16:23:10.000000000 +0200
+++
new/keystonemiddleware-10.12.0/releasenotes/source/locale/en_GB/LC_MESSAGES/releasenotes.po
2025-08-21 11:33:29.000000000 +0200
@@ -4,15 +4,16 @@
# Andi Chandler <[email protected]>, 2020. #zanata
# Andi Chandler <[email protected]>, 2022. #zanata
# Andi Chandler <[email protected]>, 2023. #zanata
+# Andi Chandler <[email protected]>, 2024. #zanata
msgid ""
msgstr ""
"Project-Id-Version: keystonemiddleware\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-02-07 16:09+0000\n"
+"POT-Creation-Date: 2025-02-26 20:05+0000\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2023-05-08 11:38+0000\n"
+"PO-Revision-Date: 2024-12-17 09:57+0000\n"
"Last-Translator: Andi Chandler <[email protected]>\n"
"Language-Team: English (United Kingdom)\n"
"Language: en_GB\n"
@@ -25,6 +26,24 @@
msgid "10.1.0"
msgstr "10.1.0"
+msgid "10.3.0"
+msgstr "10.3.0"
+
+msgid "10.5.0"
+msgstr "10.5.0"
+
+msgid "2023.1 Series Release Notes"
+msgstr "2023.1 Series Release Notes"
+
+msgid "2023.2 Series Release Notes"
+msgstr "2023.2 Series Release Notes"
+
+msgid "2024.1 Series Release Notes"
+msgstr "2024.1 Series Release Notes"
+
+msgid "2024.2 Series Release Notes"
+msgstr "2024.2 Series Release Notes"
+
msgid "4.1.0"
msgstr "4.1.0"
@@ -170,6 +189,15 @@
"default to ``True`` in a future release."
msgid ""
+"In situation of encryption using memcached. Its possible that data in "
+"memcached becomes un-decryptable. The previous implementation of token cache "
+"was not correctly handling the case."
+msgstr ""
+"In a situation of encryption using memcached. It is possible that data in "
+"memcached becomes un-decryptable. The previous implementation of token cache "
+"was not correctly handling the case."
+
+msgid ""
"It is recommended that the ``memcache_use_advanced_pool`` option is set to "
"``True`` in the ``keystone_authtoken`` configuration section of the various "
"services (e.g. nova, glance, ...) when memcached is used for token cache."
@@ -215,6 +243,13 @@
"Python 3.6 & 3.7 support has been dropped. The minimum version of Python now "
"supported is Python 3.8."
+msgid ""
+"Python 3.8 support was dropped. The minimum version of Python now supported "
+"is Python 3.9."
+msgstr ""
+"Python 3.8 support was dropped. The minimum version of Python now supported "
+"is Python 3.9."
+
msgid "Queens Series Release Notes"
msgstr "Queens Series Release Notes"
@@ -378,6 +413,35 @@
msgid "Yoga Series Release Notes"
msgstr "Yoga Series Release Notes"
+msgid "Zed Series Release Notes"
+msgstr "Zed Series Release Notes"
+
+msgid ""
+"[`blueprint enhance-oauth2-interoperability <https://blueprints.launchpad.";
+"net/keystone/+spec/enhance-oauth2-interoperability>`_] Added the ability to "
+"authenticate using a system-scoped token and the ability to authenticate "
+"using a cached token to the external_oauth2_token filter."
+msgstr ""
+"[`blueprint enhance-oauth2-interoperability <https://blueprints.launchpad.";
+"net/keystone/+spec/enhance-oauth2-interoperability>`_] Added the ability to "
+"authenticate using a system-scoped token and the ability to authenticate "
+"using a cached token to the external_oauth2_token filter."
+
+msgid ""
+"[`blueprint enhance-oauth2-interoperability <https://blueprints.launchpad.";
+"net/keystone/+spec/enhance-oauth2-interoperability>`_] The "
+"external_oauth2_token filter has been added for accepting or denying "
+"incoming requests containing OAuth 2.0 access tokens that are obtained from "
+"an external authorization server by users through their OAuth 2.0 "
+"credentials."
+msgstr ""
+"[`blueprint enhance-oauth2-interoperability <https://blueprints.launchpad.";
+"net/keystone/+spec/enhance-oauth2-interoperability>`_] The "
+"external_oauth2_token filter has been added for accepting or denying "
+"incoming requests containing OAuth 2.0 access tokens that are obtained from "
+"an external authorization server by users through their OAuth 2.0 "
+"credentials."
+
msgid ""
"[`blueprint oauth2-client-credentials-ext <https://blueprints.launchpad.net/";
"keystone/+spec/oauth2-client-credentials-ext>`_] The oauth2_token filter has "
@@ -555,6 +619,21 @@
"look for the given option in local config, then Oslo global config."
msgid ""
+"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] "
+"Keystonemiddleware no longer supports PKI/PKIZ tokens, all associated "
+"offline validation has been removed. The configuration options "
+"`signing_dir`, and `hash_algorithms` have been removed, if they still exist "
+"in your configuration(s), they are now safe to remove. Please consider "
+"utilizing the newer fernet or JWS token formats."
+msgstr ""
+"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] "
+"Keystonemiddleware no longer supports PKI/PKIZ tokens, all associated "
+"offline validation has been removed. The configuration options "
+"`signing_dir`, and `hash_algorithms` have been removed, if they still exist "
+"in your configuration(s), they are now safe to remove. Please consider "
+"utilising the newer Fernet or JWS token formats."
+
+msgid ""
"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The "
"auth_token middleware no longer attempts to retrieve the revocation list "
"from the Keystone server. The deprecated options "
@@ -568,6 +647,23 @@
"removed."
msgid ""
+"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The "
+"auth_token middleware no longer attempts to retrieve the revocation list "
+"from the Keystone server. The deprecated options `revocations_cache_time` "
+"and `check_revocations_for_cached` have been removed. Keystone no longer "
+"issues PKI/PKIZ tokens and now keystonemiddleware's Support for PKI/PKIZ and "
+"associated offline validation has been removed. This includes the deprecated "
+"config options `signing_dir`, and `hash_algorithms`."
+msgstr ""
+"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The "
+"auth_token middleware no longer attempts to retrieve the revocation list "
+"from the Keystone server. The deprecated options `revocations_cache_time` "
+"and `check_revocations_for_cached` have been removed. Keystone no longer "
+"issues PKI/PKIZ tokens and now keystonemiddleware's Support for PKI/PKIZ and "
+"associated offline validation has been removed. This includes the deprecated "
+"config options `signing_dir`, and `hash_algorithms`."
+
+msgid ""
"[`bug 1677308 <https://bugs.launchpad.net/keystonemiddleware/";
"+bug/1677308>`_] Removes ``pycrypto`` dependency as the library is "
"unmaintained, and replaces it with the ``cryptography`` library."
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/requirements.txt
new/keystonemiddleware-10.12.0/requirements.txt
--- old/keystonemiddleware-10.7.1/requirements.txt 2024-08-30
16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/requirements.txt 2025-08-21
11:33:29.000000000 +0200
@@ -3,7 +3,7 @@
# you find any incorrect lower bounds, let us know or propose a fix.
keystoneauth1>=3.12.0 # Apache-2.0
-oslo.cache>=1.26.0 # Apache-2.0
+oslo.cache>=3.11.0 # Apache-2.0
oslo.config>=5.2.0 # Apache-2.0
oslo.context>=2.19.2 # Apache-2.0
oslo.i18n>=3.15.3 # Apache-2.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/setup.cfg
new/keystonemiddleware-10.12.0/setup.cfg
--- old/keystonemiddleware-10.7.1/setup.cfg 2024-08-30 16:23:40.234109400
+0200
+++ new/keystonemiddleware-10.12.0/setup.cfg 2025-08-21 11:34:47.930037700
+0200
@@ -6,7 +6,7 @@
author = OpenStack
author_email = [email protected]
home_page = https://docs.openstack.org/keystonemiddleware/latest/
-python_requires = >=3.8
+python_requires = >=3.10
classifier =
Environment :: OpenStack
Intended Audience :: Information Technology
@@ -17,10 +17,9 @@
Programming Language :: Python :: 3 :: Only
Programming Language :: Python :: 3
Programming Language :: Python :: 3 :: Only
- Programming Language :: Python :: 3.8
- Programming Language :: Python :: 3.9
Programming Language :: Python :: 3.10
Programming Language :: Python :: 3.11
+ Programming Language :: Python :: 3.12
[files]
packages =
@@ -30,10 +29,6 @@
audit_notifications =
oslo.messaging>=5.29.0 # Apache-2.0
-[global]
-setup_hooks =
- pbr.hooks.setup_hook
-
[entry_points]
oslo.config.opts =
keystonemiddleware.auth_token =
keystonemiddleware.auth_token._opts:list_opts
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/test-requirements.txt
new/keystonemiddleware-10.12.0/test-requirements.txt
--- old/keystonemiddleware-10.7.1/test-requirements.txt 2024-08-30
16:23:10.000000000 +0200
+++ new/keystonemiddleware-10.12.0/test-requirements.txt 2025-08-21
11:33:29.000000000 +0200
@@ -1,4 +1,4 @@
-hacking~=6.0.1 # Apache-2.0
+hacking~=6.1.0 # Apache-2.0
flake8-docstrings~=1.7.0 # MIT
coverage>=4.0 # Apache-2.0
@@ -10,6 +10,7 @@
stestr>=2.0.0 # Apache-2.0
testresources>=2.0.0 # Apache-2.0/BSD
testtools>=2.2.0 # MIT
+python-binary-memcached>=0.29.0 # MIT
python-memcached>=1.59 # PSF
WebTest>=2.0.27 # MIT
oslo.messaging>=5.29.0 # Apache-2.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystonemiddleware-10.7.1/tox.ini
new/keystonemiddleware-10.12.0/tox.ini
--- old/keystonemiddleware-10.7.1/tox.ini 2024-08-30 16:23:10.000000000
+0200
+++ new/keystonemiddleware-10.12.0/tox.ini 2025-08-21 11:33:29.000000000
+0200
@@ -9,7 +9,7 @@
OS_STDOUT_NOCAPTURE=False
OS_STDERR_NOCAPTURE=False
deps =
-
-c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
commands =
@@ -42,13 +42,14 @@
commands = oslo_debug_helper -t keystonemiddleware/tests {posargs}
[testenv:docs]
-deps = -r{toxinidir}/doc/requirements.txt
+deps =
+
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+ -r{toxinidir}/doc/requirements.txt
commands=
doc8 doc/source
sphinx-build -W -b html doc/source doc/build/html
[testenv:pdf-docs]
-envdir = {toxworkdir}/docs
deps = {[testenv:docs]deps}
allowlist_externals =
make
@@ -59,8 +60,9 @@
make -C doc/build/pdf
[testenv:releasenotes]
-envdir = {toxworkdir}/docs
-deps = -r{toxinidir}/doc/requirements.txt
+deps =
+
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+ -r{toxinidir}/doc/requirements.txt
commands =
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html
releasenotes/source releasenotes/build/html
