From aae181817e5f463a959b08477e9c2c8d94eadc25 Mon Sep 17 00:00:00 2001
From: Michael Krotscheck <krotscheck@gmail.com>
Date: Tue, 1 Mar 2016 12:21:33 -0800
Subject: [PATCH] Moved CORS middleware configuration into
 oslo-config-generator

The default values needed for neutron's implementation of cors
middleware have been moved from paste.ini into the configuration
hooks provided by oslo.config. Furthermore, these values have been
added to neutron's default configuration parsing. This ensures
that if a value remains unset in neutron.conf, it will be set to use
sane defaults, and that an operator modifying the configuration
file will be presented with a default set of necessary sane headers.

Change-Id: I327d1d7ce50dd4a20d781e6251a5af81c57e6ca1
Closes-Bug: 1551836
---
 etc/api-paste.ini          |  3 ---
 neutron/common/config.py   | 32 ++++++++++++++++++++++++++++++++
 neutron/server/__init__.py |  1 +
 setup.cfg                  |  2 ++
 4 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/etc/api-paste.ini b/etc/api-paste.ini
index 4884fe382c8..5902651634c 100644
--- a/etc/api-paste.ini
+++ b/etc/api-paste.ini
@@ -17,9 +17,6 @@ paste.filter_factory = oslo_middleware:CatchErrors.factory
 [filter:cors]
 paste.filter_factory = oslo_middleware.cors:filter_factory
 oslo_config_project = neutron
-latent_allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
-latent_expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
-latent_allow_methods = GET, PUT, POST, DELETE, PATCH
 
 [filter:keystonecontext]
 paste.filter_factory = neutron.auth:NeutronKeystoneContext.factory
diff --git a/neutron/common/config.py b/neutron/common/config.py
index c92106cd63e..aebda628317 100644
--- a/neutron/common/config.py
+++ b/neutron/common/config.py
@@ -24,6 +24,7 @@ from oslo_config import cfg
 from oslo_db import options as db_options
 from oslo_log import log as logging
 import oslo_messaging
+from oslo_middleware import cors
 from oslo_service import wsgi
 
 from neutron._i18n import _, _LI
@@ -260,6 +261,7 @@ def reset_service():
     # Note that this is called only in case a service is running in
     # daemon mode.
     setup_logging()
+    set_config_defaults()
     policy.refresh()
 
 
@@ -271,3 +273,33 @@ def load_paste_app(app_name):
     loader = wsgi.Loader(cfg.CONF)
     app = loader.load_app(app_name)
     return app
+
+
+def set_config_defaults():
+    """This method updates all configuration default values."""
+    set_cors_middleware_defaults()
+
+
+def set_cors_middleware_defaults():
+    """Update default configuration options for oslo.middleware."""
+    # CORS Defaults
+    # TODO(krotscheck): Update with https://review.openstack.org/#/c/285368/
+    cfg.set_defaults(cors.CORS_OPTS,
+                     allow_headers=['X-Auth-Token',
+                                    'X-Identity-Status',
+                                    'X-Roles',
+                                    'X-Service-Catalog',
+                                    'X-User-Id',
+                                    'X-Tenant-Id',
+                                    'X-OpenStack-Request-ID'],
+                     expose_headers=['X-Auth-Token',
+                                     'X-Subject-Token',
+                                     'X-Service-Token',
+                                     'X-OpenStack-Request-ID',
+                                     'OpenStack-Volume-microversion'],
+                     allow_methods=['GET',
+                                    'PUT',
+                                    'POST',
+                                    'DELETE',
+                                    'PATCH']
+                     )
diff --git a/neutron/server/__init__.py b/neutron/server/__init__.py
index 32ebdf2fad6..312a65c4d3d 100644
--- a/neutron/server/__init__.py
+++ b/neutron/server/__init__.py
@@ -28,6 +28,7 @@ def boot_server(server_func):
     # the configuration will be read into the cfg.CONF global data structure
     config.init(sys.argv[1:])
     config.setup_logging()
+    config.set_config_defaults()
     if not cfg.CONF.config_file:
         sys.exit(_("ERROR: Unable to find configuration file via the default"
                    " search paths (~/.neutron/, ~/, /etc/neutron/, /etc/) and"
diff --git a/setup.cfg b/setup.cfg
index e1d262a2003..8f3ebf225b6 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -147,6 +147,8 @@ oslo.config.opts =
     neutron.ml2.sriov.agent = neutron.opts:list_sriov_agent_opts
     neutron.qos = neutron.opts:list_qos_opts
     nova.auth = neutron.opts:list_auth_opts
+oslo.config.opts.defaults =
+    oslo.middleware.cors = neutron.common.config:set_cors_middleware_defaults
 neutron.db.alembic_migrations =
     neutron = neutron.db.migration:alembic_migrations
 neutron.interface_drivers =