← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #64410

[Bug 1694589] [NEW] Federation protocol creation gives error

  Thread PreviousDate PreviousThread Next 
Public bug reported:

I am trying to configure OIDC with keystone.
I have followed the below steps to create the federated resources.

source accr/admin/admin
export OS_IDENTITY_API_VERSION=3
openstack domain create federated_domain
openstack group create federated_users
openstack role add --group federated_users --domain federated_domain admin
openstack identity provider create --remote-id https://accounts.google.com myidp

export remote_type=REMOTE_USER
export remote_type=HTTP_OIDC_EMAIL
cat > rules.json <<EOF
[
    {
        "local": [
            {
                "user": {
                    "name": "{0}"
                },
                "group": {
                    "domain": {
                        "name": "Default"
                    },
                    "name": "federated_users"
                }
            }
        ],
        "remote": [
            {
                "type": "${remote_type}"
            }
        ]
    }
]
EOF
openstack mapping create --rules rules.json myidp_mapping

however the step to create the federation protocol is giving me errors
openstack federation protocol create mapped --mapping myidp_mapping --identity-provider myidp


I'm getting the below error:
string indices must be integers (HTTP 400) (Request-ID: req-85e59791-fc09-49ab-9204-4363b12f95e1)

The first time i created a mapping and a protocol things were fine. But
when i deleted the older mapping and re-created new rules for mapping
and tried creating the protocol, i got the above error

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1694589

Title:
  Federation protocol creation gives error

Status in OpenStack Identity (keystone):
  New

Bug description:
  I am trying to configure OIDC with keystone.
  I have followed the below steps to create the federated resources.

  source accr/admin/admin
  export OS_IDENTITY_API_VERSION=3
  openstack domain create federated_domain
  openstack group create federated_users
  openstack role add --group federated_users --domain federated_domain admin
  openstack identity provider create --remote-id https://accounts.google.com myidp

  export remote_type=REMOTE_USER
  export remote_type=HTTP_OIDC_EMAIL
  cat > rules.json <<EOF
  [
      {
          "local": [
              {
                  "user": {
                      "name": "{0}"
                  },
                  "group": {
                      "domain": {
                          "name": "Default"
                      },
                      "name": "federated_users"
                  }
              }
          ],
          "remote": [
              {
                  "type": "${remote_type}"
              }
          ]
      }
  ]
  EOF
  openstack mapping create --rules rules.json myidp_mapping

  however the step to create the federation protocol is giving me errors
  openstack federation protocol create mapped --mapping myidp_mapping --identity-provider myidp

  
  I'm getting the below error:
  string indices must be integers (HTTP 400) (Request-ID: req-85e59791-fc09-49ab-9204-4363b12f95e1)

  The first time i created a mapping and a protocol things were fine.
  But when i deleted the older mapping and re-created new rules for
  mapping and tried creating the protocol, i got the above error

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1694589/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next