yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1154737] Re: credentials are not loading domain_id from token_data (loaded from token table)

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Juliano Ciocari <juliano.ciocari@xxxxxx>
Date: Mon, 20 May 2013 17:02:01 -0000
Reply-to: Bug 1154737 <1154737@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1154737

Title:
  credentials are not loading domain_id from token_data (loaded from
  token table)

Status in OpenStack Identity (Keystone):
  Invalid

Bug description:
  
  /keystone/keystone/common/controller.py

  line 45:        if 'domain' in token_data:
  line 46:            creds['domain_id'] = token_data['domain']['id']

  When retrieving information from token to load into creds, it doesnt find the domain in token_data.
  This domain information data is available in extra column from token table, but it is inside user and/or project.

  Sample of extra column value:

  "{"token_data": {"token": {"
  methods": ["password"], 
  "roles": [{"id": "9e988c2843ed4fe0a0a4bb065ce5d88d", "name": "admin"}], 
  "expires": "2013-03-14T13:10:31Z", 

  "project": {"domain": {"id": "default", "name": "Default"}, "id":
  "87b776fc60254e8eaa8fbe3cf6c91c78", "name": "admin"},

  "catalog": [{"endpoints": [{"url": "http://127.0.0.1:35357/v2.0";, "interface": "admin", "region": "pulsar", "id": "f73ce2df5b0848f9a22b5624f0a951ce", "legacy_endpoint_id": "b3d2138bdb2e4bbd8e4e0635622514f6"}, {"url": "http://127.0.0.1:5000/v2.0";, "interface": "internal", "region": "pulsar", "id": "81cfdd3e7d7e4c85b96aae95303cbce0", "legacy_endpoint_id": "b3d2138bdb2e4bbd8e4e0635622514f6"}, {"url": "http://172.16.103.235:5000/v2.0";, "interface": "public", "region": "pulsar", "id": "1a1ea68101a94e108d77e1543e00ce5f", "legacy_endpoint_id": "b3d2138bdb2e4bbd8e4e0635622514f6"}], "type": "identity", "id": "7b32b9dc250c458e83d3b9666917bb0d"}], 
  "extras": {}, 

  "user": {"domain": {"id": "default", "name": "Default"}, "id":
  "c239322dd47d4cfc93659237584742ba", "name": "anne"},

  "issued_at": "2013-03-13T13:10:31.720749"}}, 
  "metadata": {"roles": ["9e988c2843ed4fe0a0a4bb065ce5d88d"]}, 

  "user": {"domain": {"id": "default", "name": "Default"}, "id":
  "c239322dd47d4cfc93659237584742ba", "name": "anne"},

  "key": "cfc6a376e61346dcb34d814cba18fcc8",

  "tenant": {"domain": {"id": "default", "name": "Default"}, "id":
  "87b776fc60254e8eaa8fbe3cf6c91c78", "name": "admin"}}"

  
  As you can see token_data['domain'] doesnt exists. So the user credentials will never have a domain_id.

  
  Notice that we have 2 user entries in this column.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1154737/+subscriptions