yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1239303] Re: trust-scoped tokens from v2 API have wrong user_id

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1239303@xxxxxxxxxxxxxxxxxx>
Date: Wed, 16 Oct 2013 08:02:47 -0000
Reply-to: Bug 1239303 <1239303@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/51972
Committed: http://github.com/openstack/keystone/commit/4285b798a36a206ad420326f593525740d71d7ac
Submitter: Jenkins
Branch:    milestone-proposed

commit 4285b798a36a206ad420326f593525740d71d7ac
Author: Steven Hardy <shardy@xxxxxxxxxx>
Date:   Sun Oct 13 10:44:52 2013 +0100

    Fix v2 token user ref with trust impersonation=True
    
    The v2 token controller incorrectly checks for a string instead
    of a boolean, which results in the wrong user ID (trustee, when
    it should be the trustor) when impersonation=True.  So fix the
    comparison and tests, adding a test which illustrates the issue.
    
    Change-Id: Ic94f30f2354c9fda20531bb598387368fde8a096
    Closes-Bug: #1239303


** Changed in: keystone
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1239303

Title:
  trust-scoped tokens from v2 API have wrong user_id

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  When requesting a trust scoped token via the v2 API with
  impersonation=True, the resulting user_id is wrong, it's the trustee
  not the trustor.

  The problem is comparing with 'True' string instead of boolean True
  here:

  https://github.com/openstack/keystone/blob/master/keystone/token/controllers.py#L184

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1239303/+subscriptions