OpenStack Image Registry and Delivery Service (Glance)

With keystone v2 auth does not use v2 path (/v2.0/tokens)

Reported by Stuart McLaren on 2011-12-08
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Glance
Medium
Stuart McLaren
Diablo
Undecided
Unassigned

Bug Description

In auth.py the token_url ends up being the same
whether you are using v1 or v2 auth.

ie in the following code segment:

        def _authenticate(auth_url):
            token_url = urlparse.urljoin(auth_url, "tokens") (*)

            # 1. Check Keystone version
            is_v2 = auth_url.rstrip('/').endswith('v2.0')
            if is_v2:
                self._v2_auth(token_url)
            else:
                self._v1_auth(token_url)

the line marked (*) sets the token_url to the same value
irrespective of whether v2.0 or v1.0 auth is being used.

I think something like this is needed so that we
post to /tokens for v1 but /v2.0/tokens for v2:

+++ b/glance/common/auth.py
@@ -83,13 +83,14 @@ class KeystoneStrategy(BaseStrategy):
            protocol.
         """
         def _authenticate(auth_url):
- token_url = urlparse.urljoin(auth_url, "tokens")
-
             # 1. Check Keystone version
             is_v2 = auth_url.rstrip('/').endswith('v2.0')
+
             if is_v2:
+ token_url = urlparse.urljoin(auth_url, "v2.0/tokens")
                 self._v2_auth(token_url)
             else:
+ token_url = urlparse.urljoin(auth_url, "tokens")
                 self._v1_auth(token_url)

         for required in ('username', 'password', 'auth_url'):

Jay Pipes (jaypipes) wrote :
Changed in glance:
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Stuart McLaren (stuart-mclaren)
milestone: none → essex-3

Reviewed: https://review.openstack.org/2235
Committed: http://github.com/openstack/glance/commit/c827316cd3be96c5bf70b4fbba78e46f038b8a7d
Submitter: Jenkins
Branch: master

commit c827316cd3be96c5bf70b4fbba78e46f038b8a7d
Author: Stuart McLaren <email address hidden>
Date: Thu Dec 8 13:19:51 2011 +0000

    Fix for bug 901609, when using v2 auth should use /v2.0/tokens path.

    Added relevant V1 and V2 auth unit tests.

    Also allow keystone authentication to work whether OS_AUTH_URL
    has a trailing slash or not.

    Change-Id: Ia94c759644c9394d72cc07999a1eb8eedda5ea3a

Changed in glance:
status: In Progress → Fix Committed

Reviewed: https://review.openstack.org/2867
Committed: http://github.com/openstack/glance/commit/5d7bd2180ee01ae73c4bc60e17d479769992c3ee
Submitter: Jenkins
Branch: stable/diablo

commit 5d7bd2180ee01ae73c4bc60e17d479769992c3ee
Author: Stuart McLaren <email address hidden>
Date: Thu Dec 8 13:19:51 2011 +0000

    Fix for bug 901609, when using v2 auth should use /v2.0/tokens path.

    Added relevant V1 and V2 auth unit tests.

    Also allow keystone authentication to work whether OS_AUTH_URL
    has a trailing slash or not.

    (cherry picked from commit c827316cd3be96c5bf70b4fbba78e46f038b8a7d)

    Change-Id: Ia94c759644c9394d72cc07999a1eb8eedda5ea3a

tags: added: in-stable-diablo
Thierry Carrez (ttx) on 2012-01-25
Changed in glance:
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2012-04-05
Changed in glance:
milestone: essex-3 → 2012.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers