yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1637682] Re: [api] scoped string defined as 'unscope: {}'

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1637682@xxxxxxxxxxxxxxxxxx>
Date: Mon, 03 Apr 2017 09:13:09 -0000
Reply-to: Bug 1637682 <1637682@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Fix proposed to branch: master
Review: https://review.openstack.org/452652

** Changed in: keystoneauth
       Status: Invalid => In Progress

** Changed in: keystoneauth
     Assignee: (unassigned) => Samriddhi (s-jain)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1637682

Title:
  [api] scoped string defined as 'unscope: {}'

Status in OpenStack Identity (keystone):
  In Progress
Status in keystoneauth:
  In Progress

Bug description:
  keystoneauth1/identity/v3/base.py:
  ...
          elif self.unscoped:
              body['auth']['scope'] = {'unscoped': {}}
  ...

  According to Identity API v3 spec( http://developer.openstack.org/api-
  ref/identity/v3/index.html?expanded=password-authentication-with-
  unscoped-authorization-detail,password-authentication-with-scoped-
  authorization-detail ), there should be no '{'scope': {'unscoped':
  {}}' in 'auth'. For some keystone version which is strictly following
  the spec, it would be an security error, so the code slice should be
  deleted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1637682/+subscriptions