api: Address TODO in microversion v2.99

There's a TODO to prevent passing random query strings to the
'/os-console-auth-tokens' API that should be addressed while we are
updating the API. Do it now.

Change-Id: Ic19f75b1e26ae048df110f6cd9217b706bf3c0a4
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>

nova/api/openstack/compute/console_auth_tokens.py

@@ -99,7 +99,7 @@ class ConsoleAuthTokensController(wsgi.Controller):
 
     @wsgi.Controller.api_version("2.99")  # noqa
     @wsgi.expected_errors((400, 404))
-    @validation.query_schema(schema.show_query)
+    @validation.query_schema(schema.show_query_v299)
     @validation.response_body_schema(schema.show_response_v299)
     def show(self, req, id):  # noqa
         return self._show(req, id, include_tls_port=True)

nova/api/openstack/compute/rest_api_version_history.rst

@@ -1288,7 +1288,8 @@ API response.
 
 Add the ``spice-direct`` console type to the spice console protocol. Also
 add a ``tls_port`` field to the return value from
-``GET /os-console-auth-tokens/{console_token}``.
+``GET /os-console-auth-tokens/{console_token}`` and no longer allow random
+query string parameters.
 
 .. _microversion 2.100:
 

nova/api/openstack/compute/schemas/console_auth_tokens.py

@@ -12,13 +12,15 @@
 
 import copy
 
-# TODO(stephenfin): Remove additionalProperties in a future API version
 show_query = {
     'type': 'object',
     'properties': {},
     'additionalProperties': True,
 }
 
+show_query_v299 = copy.deepcopy(show_query)
+show_query_v299['additionalProperties'] = False
+
 show_response = {
     'type': 'object',
     'properties': {