my solution codes:
diff --git a/keystone/token/provider.py b/keystone/token/provider.py index fb41d4b..e4cea63 100644 --- a/keystone/token/provider.py +++ b/keystone/token/provider.py @@ -284,6 +284,24 @@ class Manager(manager.Manager): # Get the data we need from the correct location (V2 and V3 tokens # differ in structure, Try V3 first, fall back to V2 second) token_data = token.get('token', token.get('access')) + + user_data = token_data['user'] + user_ref = self.identity_api.get_user(user_data['id']) ## Y.Kawada + + if not user_ref.get('enabled', True): + msg = _('User is disabled: %s') % user_ref['id'] + LOG.warning(msg) + raise exception.Unauthorized(msg) + + _token_data = token_data.get('token', token_data) + project_data = _token_data.get('tenant', _token_data.get('project')) + if project_data: + project_ref = self.assignment_api.get_project(project_data['id']) + if not project_ref.get('enabled', True): + msg = _('Project is disabled: %s') % project_ref['id'] + LOG.warning(msg) + raise exception.Unauthorized(msg) + expires_at = token_data.get('expires_at', token_data.get('expires'))
But run_test.sh reports v3_federation FAILs.
my solution codes:
diff --git a/keystone/ token/provider. py b/keystone/ token/provider. py token/provider. py token/provider. py manager. Manager) :
token_ data = token.get('token', token.get( 'access' )) api.get_ user(user_ data['id' ]) ## Y.Kawada get('enabled' , True): Unauthorized( msg) get('token' , token_data) data.get( 'tenant' , _token_ data.get( 'project' )) _api.get_ project( project_ data['id' ]) ref.get( 'enabled' , True): Unauthorized( msg)
expires_ at = token_data. get('expires_ at',
token_ data.get( 'expires' ))
index fb41d4b..e4cea63 100644
--- a/keystone/
+++ b/keystone/
@@ -284,6 +284,24 @@ class Manager(
# Get the data we need from the correct location (V2 and V3 tokens
# differ in structure, Try V3 first, fall back to V2 second)
+
+ user_data = token_data['user']
+ user_ref = self.identity_
+
+ if not user_ref.
+ msg = _('User is disabled: %s') % user_ref['id']
+ LOG.warning(msg)
+ raise exception.
+
+ _token_data = token_data.
+ project_data = _token_
+ if project_data:
+ project_ref = self.assignment
+ if not project_
+ msg = _('Project is disabled: %s') % project_ref['id']
+ LOG.warning(msg)
+ raise exception.
+
But run_test.sh reports v3_federation FAILs.