← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #94379

[Bug 2075723] [NEW] Wrong token expiration time format with expiring application credentials

  Thread PreviousDate PreviousThread Next 
Public bug reported:

In bug #1992183, token expiration time was limited to the application
credentials expiration time. Unfortunately, the format used in the token
is not the one specified in api-ref.

Steps to reproduce:
1. Create application credentials expiring very soon
2. Issue a token with the application credentials
3. Validate the token and check token expiration time

Observed:
    "expires_at": "2024-08-02T13:47:05",

Expected:
    "expires_at": "2024-08-02T13:47:05.000000Z",

I expect this, because:
1. https://docs.openstack.org/api-ref/identity/v3/#validate-and-show-information-for-token - our docs say so
2. The format is with Z in the end in all other authentication plugins

This is also expected by tools that parse the token and convert it to
objects, and are more strict to the formats.

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/2075723

Title:
  Wrong token expiration time format with expiring application
  credentials

Status in OpenStack Identity (keystone):
  New

Bug description:
  In bug #1992183, token expiration time was limited to the application
  credentials expiration time. Unfortunately, the format used in the
  token is not the one specified in api-ref.

  Steps to reproduce:
  1. Create application credentials expiring very soon
  2. Issue a token with the application credentials
  3. Validate the token and check token expiration time

  Observed:
      "expires_at": "2024-08-02T13:47:05",

  Expected:
      "expires_at": "2024-08-02T13:47:05.000000Z",

  I expect this, because:
  1. https://docs.openstack.org/api-ref/identity/v3/#validate-and-show-information-for-token - our docs say so
  2. The format is with Z in the end in all other authentication plugins

  This is also expected by tools that parse the token and convert it to
  objects, and are more strict to the formats.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2075723/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next