From: Steven Hardy <shardy@redhat.com>
Date: Thu, 21 Feb 2013 17:12:53 +0000 (+0000)
Subject: heat api : don't store whole request in ec2Credentials context
X-Git-Tag: 2014.1~870^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=5d6745e8e6b7bac34ff943dbffda8aa6316ffb24;p=openstack-build%2Fheat-build.git

heat api : don't store whole request in ec2Credentials context

The ec2token middleware currently dumps the whole request into the
request context when using AWS Auth, when all we really want are
the credentials (accesskey/signature)

fixes bug 1072917

Change-Id: I8fb0d4d7ada29d7d19c702a7da1251384166c246
---

diff --git a/heat/api/aws/ec2token.py b/heat/api/aws/ec2token.py
index 9088311e..83b06b17 100644
--- a/heat/api/aws/ec2token.py
+++ b/heat/api/aws/ec2token.py
@@ -123,7 +123,9 @@ class EC2Token(wsgi.Middleware):
                 raise exception.HeatAccessDeniedError()
 
         # Authenticated!
-        req.headers['X-Auth-EC2-Creds'] = creds_json
+        ec2_creds = {'ec2Credentials': {'access': access,
+                                        'signature': signature}}
+        req.headers['X-Auth-EC2-Creds'] = json.dumps(ec2_creds)
         req.headers['X-Auth-Token'] = token_id
         req.headers['X-Auth-URL'] = self.conf['auth_uri']
         req.headers['X-Auth-EC2_URL'] = self.conf['keystone_ec2_uri']