yahoo-eng-team team mailing list archive

[Harri Hämäläinen <hhamalai@xxxxxx>]

*** This bug is a duplicate of bug 1212778 ***
    https://bugs.launchpad.net/bugs/1212778

** This bug has been marked a duplicate of bug 1212778
   Authenticating v2 token against v3 api fails with error 500

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1182448

Title:
  Misleading error message in protocol state error when using V2 tokens
  with trusts from V3

Status in OpenStack Identity (Keystone):
  Triaged

Bug description:
  Keystone Identity API V2 and V3 tokens have a different schemas
  (stored in SQL table "token" field "extra"). When V2 tokens are used
  with V3 functionality (e.g. with OS-TRUST extension) the
  authentication still assumes that V3 are used and tries to access non-
  existing keys from token_ref.

  The following happens when trying to consume a trust with V2 token.

  Keystone log file:

  Traceback (most recent call last):
    File "/usr/lib/python2.6/site-packages/keystone/auth/controllers.py", line 287, in authenticate_for_token
      self.authenticate(context, auth_info, auth_context)
    File "/usr/lib/python2.6/site-packages/keystone/auth/controllers.py", line 353, in authenticate
      auth_context)
    File "/usr/lib/python2.6/site-packages/keystone/auth/plugins/token.py", line 41, in authenticate
      'user_id', token_ref['token_data']['token']['user']['id'])
  KeyError: 'token_data'
  2013-05-21 13:02:29  WARNING [keystone.common.wsgi] Authorization failed. 'token_data' from 10.0.0.10

  The API call response in this case contains:

  {"error": {"message": "'token_data'", "code": 401, "title": "Not
  Authorized"}}

  For the users of the API it would be helpful to provide a better error
  description when this happens.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1182448/+subscriptions