OpenStack Identity (keystone)

Federation documentation is not clear about mapping.rules.local.user.name

Bug #1320140 reported by Gabriel Assis Bezerra on 2014-05-16

This bug report is a duplicate of: Bug #1312221: Add user objects to mapping rules examples in OS-FEDERATION docs. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Triaged	Medium	Unassigned	OpenStack Identity (keystone) juno-rc1 "RC1"

Bug Description

The documentation of the Federation API [1] brings a lot of examples where the local part of the rule does not have the user object with the name property, such as:

{
    "user": {
        "name": "user name"
    }
}

However one cannot get a token with Federation if the mapping doesn't have such rule, because of the lines below: [2]

        mapped_properties = self._transform(identity_values)
        if mapped_properties.get('name') is None:
            raise exception.Unauthorized(_("Could not map user"))

and the implementation of the method _transform, that is not lenient about the lack of the aforementioned object [3].

[1] https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3-os-federation-ext.md
[2] https://github.com/openstack/keystone/blob/01eea87dea766714015a62f5d24f07d2407f9612/keystone/contrib/federation/utils.py#L223
[3] https://github.com/openstack/keystone/blob/01eea87dea766714015a62f5d24f07d2407f9612/keystone/contrib/federation/utils.py#L228

Tags:

Revision history for this message

Lance Bragstad (lbragstad) wrote on 2014-05-19:

Some new documentation just landed this last week concerning Federation documentation.

https://review.openstack.org/#/c/89220/

Revision history for this message

Gabriel Assis Bezerra (gabriel-bezerra) wrote on 2014-05-19:

This bug was posted after that. The text in that change redirects the user to the pages I mentioned when it is time to configure mapping and doesn't add more information about that part.

David Stanek (dstanek) on 2014-05-29

Changed in keystone:
status:	New → Triaged
importance:	Undecided → Medium

Revision history for this message

Steve Martinelli (stevemar) wrote on 2014-05-30:

https://review.openstack.org/#/c/90121/ is also related to it, it's a change to add user examples to the API spec.

Revision history for this message

Steve Martinelli (stevemar) wrote on 2014-05-30:

not sure if this can be considered a dupe of https://bugs.launchpad.net/openstack-api-site/+bug/1312221

Revision history for this message

Lance Bragstad (lbragstad) wrote on 2014-09-04:

Gabriel,

Does the fix tracked here [1] address your concerns? If so, we can mark this as a duplicate of bug 1312221

[1] https://bugs.launchpad.net/openstack-api-site/+bug/1312221

tags:

added: meeting-topic

Revision history for this message

Lance Bragstad (lbragstad) wrote on 2014-09-04:

If it doesn't address your concerns, then we'll think about tagging this for Juno RC1.

Changed in keystone:
milestone:	none → juno-rc1

Revision history for this message

Gabriel Assis Bezerra (gabriel-bezerra) wrote on 2014-09-08:

It seems to address, lbragstad. It even mentions the same line of code. Thanks for the update.

Revision history for this message

Lance Bragstad (lbragstad) wrote on 2014-09-13:

Gabriel, thanks for following up!

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1312221 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.