From 754c4408b3e1af671dd9cf4cadd2ec8c8a41482e Mon Sep 17 00:00:00 2001
From: Brant Knudson <bknudson@us.ibm.com>
Date: Wed, 4 Jun 2014 09:06:01 -0500
Subject: [PATCH] Support option for Keystone PKIZ token provider

Keystone added support for a compressed token provider, PKIZ. This
change adds support to devstack. Set the KEYSTONE_TOKEN_FORMAT
option to "PKIZ" to configure Keystone to use it.

Change-Id: I123eef661c85cc805e950f1179b48e885078d40f
---
 lib/keystone | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/keystone b/lib/keystone
index c4266b9c01..0bedaba68c 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -55,7 +55,7 @@ KEYSTONE_IDENTITY_BACKEND=${KEYSTONE_IDENTITY_BACKEND:-sql}
 KEYSTONE_ASSIGNMENT_BACKEND=${KEYSTONE_ASSIGNMENT_BACKEND:-sql}
 
 # Select Keystone's token format
-# Choose from 'UUID' and 'PKI'
+# Choose from 'UUID', 'PKI', or 'PKIZ'
 KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-PKI}
 
 # Set Keystone interface configuration
@@ -204,6 +204,8 @@ function configure_keystone {
 
     if [[ "$KEYSTONE_TOKEN_FORMAT" = "UUID" ]]; then
         iniset $KEYSTONE_CONF token provider keystone.token.providers.uuid.Provider
+    elif [[ "$KEYSTONE_TOKEN_FORMAT" = "PKIZ" ]]; then
+        iniset $KEYSTONE_CONF token provider keystone.token.providers.pkiz.Provider
     fi
 
     iniset $KEYSTONE_CONF database connection `database_connection_url keystone`
@@ -384,7 +386,7 @@ function init_keystone {
     # Initialize keystone database
     $KEYSTONE_DIR/bin/keystone-manage db_sync
 
-    if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
+    if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" || "$KEYSTONE_TOKEN_FORMAT" == "PKIZ" ]]; then
         # Set up certificates
         rm -rf $KEYSTONE_CONF_DIR/ssl
         $KEYSTONE_DIR/bin/keystone-manage pki_setup