← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #20782

[Bug 1328067] Re: Token with "placeholder" ID issued

  Thread PreviousDate PreviousThread Next 
This would cause a breakage in the backwards compatibility of the
Keystone API. The V2 token requires an id, however, under PKI tokens the
id in the token body is part of the signing/hashing that is used to
generate the token id. This means that we cannot have an accurate ID in
the v2 token body.

When using PKI tokens do not use the id encoded in the token body.

** Changed in: keystone
       Status: In Progress => Won't Fix

** Changed in: keystone
    Milestone: juno-rc1 => None

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1328067

Title:
  Token with "placeholder" ID issued

Status in OpenStack Identity (Keystone):
  Won't Fix
Status in OpenStack Identity  (Keystone) Middleware:
  New
Status in Python client library for Keystone:
  Fix Committed

Bug description:
  We're seeing test failures, where it seems that an invalid token is
  issued, with the ID of "placeholder"

  http://logs.openstack.org/69/97569/2/check/check-tempest-dsvm-
  full/565d328/logs/screen-h-eng.txt.gz

  See context_auth_token_info which is being passed using the auth_token
  keystone.token_info request environment variable (ref
  https://review.openstack.org/#/c/97568/ which is the previous patch in
  the chain from the log referenced above).

  It seems like auth_token is getting a token, but there's some sort of
  race in the backend which prevents an actual token being stored?
  Trying to use "placeholder" as a token ID doesn't work, so it seems
  like this default assigned in the controller is passed back to
  auth_token, which treats it as a valid token, even though it's not.

  https://github.com/openstack/keystone/blob/master/keystone/token/controllers.py#L121

  I'm not sure how to debug this further, as I can't reproduce this
  problem locally.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1328067/+subscriptions

References

  Thread PreviousDate PreviousThread Next