From 92d11d139e9f76d4fd76859aea78643fc32ef36b Mon Sep 17 00:00:00 2001
From: asteroide <thomas.duval@orange.com>
Date: Thu, 24 Sep 2015 16:27:16 +0200
Subject: Update Keystone code from repository.

Change-Id: Ib3d0a06b10902fcc6d520f58e85aa617bc326d00
---
 keystone-moon/keystone/server/common.py |  8 ++++++++
 keystone-moon/keystone/server/wsgi.py   | 22 ++++++++++++++++++++++
 2 files changed, 30 insertions(+)

(limited to 'keystone-moon/keystone/server')

diff --git a/keystone-moon/keystone/server/common.py b/keystone-moon/keystone/server/common.py
index 2de6d39e..7bc5958e 100644
--- a/keystone-moon/keystone/server/common.py
+++ b/keystone-moon/keystone/server/common.py
@@ -13,14 +13,17 @@
 
 
 from oslo_config import cfg
+from oslo_log import log
 
 from keystone.common import dependency
 from keystone.common import sql
 from keystone import config
+from keystone.i18n import _LW
 from keystone.server import backends
 
 
 CONF = cfg.CONF
+LOG = log.getLogger(__name__)
 
 
 def configure(version=None, config_files=None,
@@ -35,6 +38,11 @@ def configure(version=None, config_files=None,
     pre_setup_logging_fn()
     config.setup_logging()
 
+    if CONF.debug:
+        LOG.warn(_LW(
+            'debug is enabled so responses may include sensitive '
+            'information.'))
+
 
 def setup_backends(load_extra_backends_fn=lambda: {},
                    startup_application_fn=lambda: None):
diff --git a/keystone-moon/keystone/server/wsgi.py b/keystone-moon/keystone/server/wsgi.py
index dbdad326..ae24c48e 100644
--- a/keystone-moon/keystone/server/wsgi.py
+++ b/keystone-moon/keystone/server/wsgi.py
@@ -16,6 +16,7 @@ import logging
 
 from oslo_config import cfg
 import oslo_i18n
+import oslo_middleware.cors as cors
 
 
 # NOTE(dstanek): i18n.enable_lazy() must be called before
@@ -27,12 +28,24 @@ oslo_i18n.enable_lazy()
 
 from keystone.common import environment
 from keystone import config
+import keystone.middleware.core as middleware_core
 from keystone.server import common
 from keystone import service as keystone_service
 
 
 CONF = cfg.CONF
 
+KEYSTONE_HEADERS = [
+    middleware_core.AUTH_TOKEN_HEADER,
+    middleware_core.SUBJECT_TOKEN_HEADER,
+    'X-Project-Id',
+    'X-Project-Name',
+    'X-Project-Domain-Id',
+    'X-Project-Domain-Name',
+    'X-Domain-Id',
+    'X-Domain-Name'
+]
+
 
 def initialize_application(name):
     common.configure()
@@ -49,6 +62,15 @@ def initialize_application(name):
 
     _unused, application = common.setup_backends(
         startup_application_fn=loadapp)
+
+    # Create a CORS wrapper, and attach keystone-specific defaults that must be
+    # included in all CORS responses
+    application = cors.CORS(application, CONF)
+    application.set_latent(
+        allow_headers=KEYSTONE_HEADERS,
+        allow_methods=['GET', 'PUT', 'POST', 'DELETE', 'PATCH'],
+        expose_headers=KEYSTONE_HEADERS
+    )
     return application
 
 
-- 
cgit 1.2.3-korg