yahoo-eng-team team mailing list archive

[OpenStack Infra <1754048@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/653068
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=c2be944fb89f94a10d7105b2e072eeab5582c5a7
Submitter: Zuul
Branch:    master

commit c2be944fb89f94a10d7105b2e072eeab5582c5a7
Author: Kristi Nikolla <kristi@xxxxxxxxxx>
Date:   Tue Apr 16 14:11:36 2019 -0400

    Report correct domain in federated user token
    
    Regardless of what domain the user was in, the domain reported in
    the token would be hardcoded to 'Federated' (regardless of the
    federated_domain_name config option).
    
    This patch removes the places where the domain was overwritten,
    and allows the correct domain to flow to the rendered token.
    It also updates the tests where it was being checked for
    the 'Federated' domain.
    
    Change-Id: Idad4e077c488d87f75172664fb519232eb78e292
    Closes-Bug: 1754048


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1754048

Title:
  Federated domain is reported when validating a federated token

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  Prior to introducing per idp domains, all federated users lived in the
  Federated domain. That is not the case anymore but Keystone keeps
  reporting that federated users are part of that domain rather their
  per-idp domains.

  Token validation: http://paste.openstack.org/show/693652/

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1754048/+subscriptions