openstack/kolla-ansible
Code Issues Proposed changes
9892976119
kolla-ansible/releasenotes
History
Jakub Darmach 9892976119
Keystone OIDC JWKS fix 
JWT failed to validate on auth-oidc endpoint used by openstack cli
with "could not find key with kid: XX" error. To fix this we need
to use jwks provided in "jwks_uri" by OIDC metadata endpoint.

Missing "ServerName" directive from vhost config causes redirection
to fail in some cases when external tls is enabled.

  - added "keystone_federation_oidc_jwks_uri" variable
  - added "OIDCOAuthVerifyJwksUri" to keystone vhost config
  - added "ServerName" to keystone vhost config
  - jinja templating additional whitespace trimmed to
    correct end result indentation and empty newlines

Closes-bug: 1990375
Change-Id: I4f5c1bd8be8e23cf6299ca4bdfd79e9d98c9a9eb
2022-10-03 12:36:11 +02:00
..
notes Keystone OIDC JWKS fix 2022-10-03 12:36:11 +02:00
source Update master for stable/yoga 2022-04-07 12:43:45 +00:00
templates [docs] Add templates and examples of renos 2021-01-13 10:19:19 +00:00