Endpoint Versioning

Registered by Adam Young

The following is written based on the python-openstack common cli (OSC) but I think it is true for any of the clients attempting to talk to Keystone.

For OSC, to specify the version, the user passes in

 --os-identity-api-version=3
or
 --os-identity-api-version=2.0

No other values are currently supported.

0 Always strip any final / from the auth_url before proceeding
1. If the auth_url ends in v3, assume the v3 api
2. If the auth_url ends in v2.0 assume the v2 api
3. If the auth_url does not end in either of the above, assume the v3 api.
4. If the user specifies an API version to use, that should override the above.
5. If the request API version does not match the URL, attempt to compose a valid URL
5.1 If the user wants the v2.0 api and the URL ends in /v3, remove the /v3 and append /v2.0
5.2 If the user wants the v3 api and the URL ends in /v2.0, remove the /v2.0 and append /v3 and the URL does not end in /v3, append /v3
5.3 If the user wants the v2.0 api and the URL ends in /v2.0, use the URL as is
5.4 If the user wants the v3 api and the URL ends in /v3, use the URL as is
5.5 Otherwise, attempt to do auth_url discovery:

Discovery is basically: Assume the auth URL is the root of the tree. Do an unauthenticated fetch on the URL. Search through the resulting JSON for the "versions" key, which should contain an array. Iterate through the members of the this collection until one has an "id" attribute that matches the requested API version, and select the corresponding "self" link as the auth_url from that point forward.

We don't want to do discover on every request, as it is expensive (complete round trip). Once it has been performed, the updated AUTH_URL should be cached. This is a tricky proposition, as the only updatable store is the python-keystore. We don't want to prevent someone from updating their AUTH_URL if the server gets upgraded.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
None
Definition:
Obsolete
Series goal:
None
Implementation:
Unknown
Milestone target:
None
Completed by
Dolph Mathews

Related branches

Sprints

Whiteboard

Dolphm: Don't parse apart the specified endpoint & don't make assumptions about it

nothing else here even approximates discovery

ayoung: the only other alternative is to have a separate set of of non-versioned endpoints.

dolph: the alternative is to implement actual version discovery, not a sad hack based on the default keystone paste configuration

Gerrit topic: https://review.openstack.org/#q,topic:bp/endpoint-versioning,n,z

Addressed by: https://review.openstack.org/62801
    Correct versions in the URLs

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.