OpenStack Identity (keystone)

_perform_auth may cause NameError exception

Bug #1844207 reported by zhufl on 2019-09-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Low	Colleen Murphy	OpenStack Identity (keystone) train-rc1

Bug Description

1. Problem
In function _perform_auth, if no remote_id_name is found,
we'll get "NameError: name 'remote_id' is not defined" exception
when we first use remote_id before definition.

def _perform_auth(cls, protocol_id):
     idps = PROVIDERS.federation_api.list_idps()
     for idp in idps:
         try:
             remote_id_name = federation_utils.get_remote_id_parameter(
                 idp, protocol_id)
         except exception.FederatedProtocolNotFound:
             # no protocol for this IdP, so this can't be the IdP we're
             # looking for
             continue
         remote_id = flask.request.environ.get(remote_id_name)
         if remote_id:
             break
     if not remote_id:
         msg = 'Missing entity ID from environment'
         tr_msg = _('Missing entity ID from environment')
         LOG.error(msg)
         raise exception.Unauthorized(tr_msg)

2. Fix
Add remote_id definition.

See original description

zhufl (zhu-fanglei) on 2019-09-17

description:	updated
description:	updated
description:	updated
description:	updated

zhufl (zhu-fanglei) on 2019-09-17

description:

updated

OpenStack Infra (hudson-openstack) on 2019-09-17

Changed in keystone:
assignee:	nobody → zhufl (zhu-fanglei)
status:	New → In Progress

OpenStack Infra (hudson-openstack) on 2019-09-17

Changed in keystone:
assignee:	zhufl (zhu-fanglei) → Colleen Murphy (krinkle)

Colleen Murphy (krinkle) on 2019-09-17

Changed in keystone:
importance:	Undecided → Low
milestone:	none → train-rc1

Revision history for this message

Colleen Murphy (krinkle) wrote on 2019-09-18:

https://review.opendev.org/679706

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-09-20: Fix merged to keystone (master)

Reviewed: https://review.opendev.org/679706
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=e224082ecd347202695b8bbc3e5c5253cf729f92
Submitter: Zuul
Branch: master

commit e224082ecd347202695b8bbc3e5c5253cf729f92
Author: zhufl <email address hidden>
Date: Tue Sep 3 14:53:15 2019 +0800

Add remote_id definition in _perform_auth

    This is to add remote_id definition in _perform_auth, otherwise
    if no remote_id is found, we'll get "NameError: name 'remote_id'
    is not defined" exception.

Change-Id: I2ad7dd6d9e7f74dbeaa87a68472be75b04cef631
Closes-Bug: #1844207

Changed in keystone:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-09-27: Fix included in openstack/keystone 16.0.0.0rc1

This issue was fixed in the openstack/keystone 16.0.0.0rc1 release candidate.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.