yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #82292
[Bug 1854041] Re: Keystone should propagate redirect exceptions from auth plugins
** Changed in: keystone
Status: Expired => Confirmed
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1854041
Title:
Keystone should propagate redirect exceptions from auth plugins
Status in OpenStack Identity (keystone):
Confirmed
Bug description:
When a developer is implementing an Authentication plugin [1] they can
only return None and setup the relevant information in the auth
context or raise an Unauthorized exception. However, in some cases
(like an OpenID Connect plugin) it is needed to perform a redirect to
the provider to complete the flow. IIRC this was possible in the past
(before moving to Flask) by raising an exception with the proper HTTP
code set, but with the current implementation this is impossible.
[1]: https://docs.openstack.org/keystone/latest/contributor/auth-
plugins.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1854041/+subscriptions
References