yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1487115] [NEW] Ephemeral user's id is not always urlsafe

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Marek Denis <marek.denis@xxxxxxx>
Date: Thu, 20 Aug 2015 16:14:36 -0000
Reply-to: Bug 1487115 <1487115@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Ephemeral users' id should always be url-safe. Sadly, id the mapping
rule specifies user's id the value will be passed as-is and never url-
encoded. We should change auth.plugins.mapped.setup_username() function
and make sure user_id is always treated with
six.moves.urllib.parse.quote()  function.

** Affects: keystone
     Importance: Medium
     Assignee: Marek Denis (marek-denis)
         Status: In Progress


** Tags: federation

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1487115

Title:
  Ephemeral user's id is not always urlsafe

Status in Keystone:
  In Progress

Bug description:
  Ephemeral users' id should always be url-safe. Sadly, id the mapping
  rule specifies user's id the value will be passed as-is and never url-
  encoded. We should change auth.plugins.mapped.setup_username()
  function and make sure user_id is always treated with
  six.moves.urllib.parse.quote()  function.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1487115/+subscriptions

Follow ups

[Bug 1487115] Re: Ephemeral user's id is not always urlsafe
From: Dave Walker, 2016-01-21
[Bug 1487115] Re: Ephemeral user's id is not always urlsafe
From: Dave Walker, 2016-01-21
[Bug 1487115] Re: Ephemeral user's id is not always urlsafe
From: Doug Hellmann, 2015-09-03