← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #50143

[Bug 1577558] [NEW] v2.0 fernet tokens audit ids are inconsistent

  Thread PreviousDate PreviousThread Next 
Public bug reported:

If you set the token provider to token.provider = fernet, get an
unscoped token from v2.0, then rescope that token to a project, you'll
notice the audit ids don't match. I've recreated this issue in a test
[0].

What should happen is that the unscoped token response will have a list
of audit_ids containing a single audit_id. The project scoped token
response from the unscoped token will also have a list of audit_ids in
the token response but the original audit_id from the unscoped token
will be in the list of the project scoped token.

Right now this behavior doesn't exist in with the fernet provider on
v2.0.


[0] https://review.openstack.org/#/c/311816/1

** Affects: keystone
     Importance: Undecided
         Status: New


** Tags: fernet mitaka-backport-potential

** Tags added: fernet

** Tags added: mitaka-backport-potential

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1577558

Title:
  v2.0 fernet tokens audit ids are inconsistent

Status in OpenStack Identity (keystone):
  New

Bug description:
  If you set the token provider to token.provider = fernet, get an
  unscoped token from v2.0, then rescope that token to a project, you'll
  notice the audit ids don't match. I've recreated this issue in a test
  [0].

  What should happen is that the unscoped token response will have a
  list of audit_ids containing a single audit_id. The project scoped
  token response from the unscoped token will also have a list of
  audit_ids in the token response but the original audit_id from the
  unscoped token will be in the list of the project scoped token.

  Right now this behavior doesn't exist in with the fernet provider on
  v2.0.

  
  [0] https://review.openstack.org/#/c/311816/1

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1577558/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next