From fc541633190a08ea3913ec7020b4c568ad4c21bc Mon Sep 17 00:00:00 2001
From: Jeffrey Zhang <zhang.lei.fly@gmail.com>
Date: Thu, 10 Nov 2016 21:32:03 +0800
Subject: [PATCH] Use uuid as keystone default token provider

Keystone uses fernet as default provider in its code now. This patch
adds provider=token in keystone.conf file explicitly.

TrivialFix

Change-Id: Id7142ff4f00ee99579ad420573eafefea0f4dcb7
---
 ansible/group_vars/all.yml                        | 1 +
 ansible/roles/keystone/templates/keystone.conf.j2 | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 24772f765c..6e165f00d2 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -338,6 +338,7 @@ keystone_admin_url: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keyston
 keystone_internal_url: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3"
 keystone_public_url: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ keystone_public_port }}/v3"
 
+# Valid options are [ uuid, fernet ]
 keystone_token_provider: "uuid"
 fernet_token_expiry: 86400
 
diff --git a/ansible/roles/keystone/templates/keystone.conf.j2 b/ansible/roles/keystone/templates/keystone.conf.j2
index 6f73e98a03..ff33a241ff 100644
--- a/ansible/roles/keystone/templates/keystone.conf.j2
+++ b/ansible/roles/keystone/templates/keystone.conf.j2
@@ -20,8 +20,10 @@ domain_specific_drivers_enabled = true
 domain_config_dir = /etc/keystone/domains
 {% endif %}
 
-{% if keystone_token_provider == 'fernet' %}
 [token]
+{% if keystone_token_provider == 'uuid' %}
+provider = uuid
+{% elif keystone_token_provider == 'fernet' %}
 provider = {{ keystone_token_provider }}
 expiration = {{ fernet_token_expiry }}