summaryrefslogtreecommitdiffstats
path: root/keystone-moon/doc/source/extensions/oauth1.rst
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/doc/source/extensions/oauth1.rst')
-rw-r--r--keystone-moon/doc/source/extensions/oauth1.rst50
1 files changed, 50 insertions, 0 deletions
diff --git a/keystone-moon/doc/source/extensions/oauth1.rst b/keystone-moon/doc/source/extensions/oauth1.rst
new file mode 100644
index 00000000..c89ee126
--- /dev/null
+++ b/keystone-moon/doc/source/extensions/oauth1.rst
@@ -0,0 +1,50 @@
+..
+ Copyright 2011-2013 OpenStack, Foundation
+ All Rights Reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License"); you may
+ not use this file except in compliance with the License. You may obtain
+ a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ License for the specific language governing permissions and limitations
+ under the License.
+
+=============================
+Enabling the OAuth1 Extension
+=============================
+
+To enable the OAuth1 extension:
+
+1. Optionally, add the oauth1 extension driver to the ``[oauth1]`` section in ``keystone.conf``. For example::
+
+ [oauth1]
+ driver = keystone.contrib.oauth1.backends.sql.OAuth1
+
+2. Add the ``oauth1`` authentication method to the ``[auth]`` section in ``keystone.conf``::
+
+ [auth]
+ methods = external,password,token,oauth1
+ oauth1 = keystone.auth.plugins.oauth1.OAuth
+
+3. Add the ``oauth1_extension`` filter to the ``api_v3`` pipeline in
+ ``keystone-paste.ini``. This must be added after ``json_body`` and before
+ the last entry in the pipeline. For example::
+
+ [pipeline:api_v3]
+ pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth json_body ec2_extension_v3 s3_extension simple_cert_extension revoke_extension oauth1_extension service_v3
+
+4. Create the OAuth1 extension tables if using the provided SQL backend. For example::
+
+ ./bin/keystone-manage db_sync --extension oauth1
+
+5. Optionally, if deploying under an HTTPD server (i.e. Apache), set the
+ `WSGIPassAuthorization` to allow the OAuth Authorization headers to
+ pass through `mod_wsgi`. For example, add the following to the Keystone
+ virtual host file::
+
+ WSGIPassAuthorization On