heat api : don't store whole request in ec2Credentials context

The ec2token middleware currently dumps the whole request into the
request context when using AWS Auth, when all we really want are
the credentials (accesskey/signature)

fixes bug 1072917

Change-Id: I8fb0d4d7ada29d7d19c702a7da1251384166c246

diff --git a/heat/api/aws/ec2token.py b/heat/api/aws/ec2token.py
index 9088311ef864fa411c1b73b83551122928ef2c17..83b06b17d82b3cd14590b9d79c2a5df4d50346bc 100644 (file)
--- a/heat/api/aws/ec2token.py
+++ b/heat/api/aws/ec2token.py
@@ -123,7 +123,9 @@ class EC2Token(wsgi.Middleware):
                 raise exception.HeatAccessDeniedError()
 
         # Authenticated!
-        req.headers['X-Auth-EC2-Creds'] = creds_json
+        ec2_creds = {'ec2Credentials': {'access': access,
+                                        'signature': signature}}
+        req.headers['X-Auth-EC2-Creds'] = json.dumps(ec2_creds)
         req.headers['X-Auth-Token'] = token_id
         req.headers['X-Auth-URL'] = self.conf['auth_uri']
         req.headers['X-Auth-EC2_URL'] = self.conf['keystone_ec2_uri']