yahoo-eng-team team mailing list archive

[Steve Martinelli <1637682@xxxxxxxxxxxxxxxxxx>]

In this case, the API needs to be updated, it should include the
"unscoped" option: https://github.com/openstack/keystone/blob/master
/api-ref/source/v3/authenticate-v3.inc

The issue here is that we moved our APIs from one repo to another and
some content went missing in the transition.

Information about "unscoped" in the old API is here:
https://github.com/openstack/keystone-specs/blob/master/attic/v3
/identity-api-v3.rst#unscoped

** Also affects: keystone
   Importance: Undecided
       Status: New

** Changed in: keystoneauth
       Status: New => Invalid

** Changed in: keystone
       Status: New => Triaged

** Changed in: keystone
   Importance: Undecided => Low

** Changed in: keystoneauth
     Assignee: chenyujie (gzyjchen) => (unassigned)

** Tags added: api-ref documentation

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1637682

Title:
  scoped string defined as 'unscope: {}'

Status in OpenStack Identity (keystone):
  Triaged
Status in keystoneauth:
  Invalid

Bug description:
  keystoneauth1/identity/v3/base.py:
  ...
          elif self.unscoped:
              body['auth']['scope'] = {'unscoped': {}}
  ...

  According to Identity API v3 spec( http://developer.openstack.org/api-
  ref/identity/v3/index.html?expanded=password-authentication-with-
  unscoped-authorization-detail,password-authentication-with-scoped-
  authorization-detail ), there should be no '{'scope': {'unscoped':
  {}}' in 'auth'. For some keystone version which is strictly following
  the spec, it would be an security error, so the code slice should be
  deleted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1637682/+subscriptions