← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #37210

[Bug 1488451] [NEW] It had better to change the sequence of keystone.common.validate_token_bind's code

  Thread PreviousDate PreviousThread Next 
Public bug reported:

The part original code of keystone.common.validate_token_bind function is as follows 
---
def validate_token_bind(context, token_ref):
    ...
    bind = token_ref.bind

    # permissive and strict modes don't require there to be a bind
    permissive = bind_mode in ('permissive', 'strict')

    # get the named mode if bind_mode is not one of the known
    name = None if permissive or bind_mode == 'required' else bind_mode

    if not bind:
        if permissive:
            # no bind provided and none required
            return
        else:
            LOG.info(_LI("No bind information present in token"))
            raise exception.Unauthorized()
   ...
---

If the bind is None, It is not necessary to execute the "name = None if permissive or bind_mode == 'required' else bind_mode".
So It had better to adjust the sequence about the above code.
The changed code is as follows:
---
def validate_token_bind(context, token_ref):
    ...
    bind = token_ref.bind

    # permissive and strict modes don't require there to be a bind
    permissive = bind_mode in ('permissive', 'strict')

    if not bind:
        if permissive:
            # no bind provided and none required
            return
        else:
            LOG.info(_LI("No bind information present in token"))
            raise exception.Unauthorized()

    # get the named mode if bind_mode is not one of the known
    name = None if permissive or bind_mode == 'required' else bind_mode
   ...
---

** Affects: keystone
     Importance: Undecided
     Assignee: majianjun (mjjun)
         Status: New

** Changed in: keystone
     Assignee: (unassigned) => majianjun (mjjun)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1488451

Title:
  It had better to change the sequence of
  keystone.common.validate_token_bind's code

Status in Keystone:
  New

Bug description:
  The part original code of keystone.common.validate_token_bind function is as follows 
  ---
  def validate_token_bind(context, token_ref):
      ...
      bind = token_ref.bind

      # permissive and strict modes don't require there to be a bind
      permissive = bind_mode in ('permissive', 'strict')

      # get the named mode if bind_mode is not one of the known
      name = None if permissive or bind_mode == 'required' else bind_mode

      if not bind:
          if permissive:
              # no bind provided and none required
              return
          else:
              LOG.info(_LI("No bind information present in token"))
              raise exception.Unauthorized()
     ...
  ---

  If the bind is None, It is not necessary to execute the "name = None if permissive or bind_mode == 'required' else bind_mode".
  So It had better to adjust the sequence about the above code.
  The changed code is as follows:
  ---
  def validate_token_bind(context, token_ref):
      ...
      bind = token_ref.bind

      # permissive and strict modes don't require there to be a bind
      permissive = bind_mode in ('permissive', 'strict')

      if not bind:
          if permissive:
              # no bind provided and none required
              return
          else:
              LOG.info(_LI("No bind information present in token"))
              raise exception.Unauthorized()

      # get the named mode if bind_mode is not one of the known
      name = None if permissive or bind_mode == 'required' else bind_mode
     ...
  ---

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1488451/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next