token 'expires' padding differs between POST and GET/HEAD on Fernet tokens
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Medium
|
Unassigned |
Bug Description
We are using fernet tokens and found that with Mitaka the 'expires' values returned by the token POST and token GET/HEAD differ when one would expect these to be the same.
POST /v2.0/tokens
Response:
{"access": {
"token": {
"issued_at": "2016-06-
"expires": "2016-06-
"id": "gAAAAABXcsaYGn
"audit_ids": ["OGGd2bYeTQOi-
},
"serviceCata
"user": {
"username": "account1",
"
"id": "af4012992a154f
"roles": [],
"name": "account1"
},
"metadata": {
"is_admin": 0,
"roles": []
}
}}
GET /v2.0/tokens/
Response:
{"access": {
"token": {
"issued_at": "2016-06-
"expires": "2016-06-
"id": "gAAAAABXcsaYGn
"audit_ids": ["OGGd2bYeTQOi-
},
"serviceCata
"user": {
"username": "account1",
"
"id": "af4012992a154f
"roles": [],
"name": "account1"
},
"metadata": {
"is_admin": 0,
"roles": []
}
}}
The POST response:"expires": "2016-06-
The GET response: "expires": "2016-06-
summary: |
- Mitaka token 'expires' padding differs between POST and GET/HEAD + Mitaka token 'expires' padding differs between POST and GET/HEAD on + Fernet tokens |
tags: | added: fernet |
Changed in keystone: | |
importance: | Undecided → Medium |
status: | New → Triaged |
summary: |
- Mitaka token 'expires' padding differs between POST and GET/HEAD on - Fernet tokens + token 'expires' padding differs between POST and GET/HEAD on Fernet + tokens |
Changed in keystone: | |
assignee: | Lance Bragstad (lbragstad) → Anthony Washington (anthony-washington) |
Might be fixed with https:/ /review. openstack. org/#/c/ 332493/