OpenStack Identity (keystone)

  1. Bug #1641026
  2. Comment #17

Comment 17 for bug 1641026

Revision history for this message
Aurelien Lourot (aurelien-lourot) wrote :

The original issue (Keystone failing to tell oslo.config which encoding to use) still exist in Keystone, see analysis in lp:1933109 . I believe now these two bugs are duplicates.

#6 sounds promising and I couldn't find any Keystone Gerrit review attempting it. Should we give it a try?

Traceback of this issue seen on OpenStack Ussuri when having cyrillic chars in the LDAP config:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/keystone/server/flask/request_processing/middleware/auth_context.py", line 103, in _inner
    return method(self, request)
  File "/usr/lib/python3/dist-packages/keystone/server/flask/request_processing/middleware/auth_context.py", line 358, in process_request
    resp = super(AuthContextMiddleware, self).process_request(request)
  File "/usr/lib/python3/dist-packages/keystonemiddleware/auth_token/__init__.py", line 409, in process_request
    data, user_auth_ref = self._do_fetch_token(
  File "/usr/lib/python3/dist-packages/keystonemiddleware/auth_token/__init__.py", line 445, in _do_fetch_token
    data = self.fetch_token(token, **kwargs)
  File "/usr/lib/python3/dist-packages/keystone/server/flask/request_processing/middleware/auth_context.py", line 252, in fetch_token
    self.token = self.token_provider_api.validate_token(
  File "/usr/lib/python3/dist-packages/keystone/common/manager.py", line 115, in wrapped
    __ret_val = __f(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/keystone/token/provider.py", line 145, in validate_token
    token = self._validate_token(token_id)
  File "<decorator-gen-26>", line 2, in _validate_token
  File "/usr/lib/python3/dist-packages/dogpile/cache/region.py", line 1359, in get_or_create_for_user_func
    return self.get_or_create(
  File "/usr/lib/python3/dist-packages/dogpile/cache/region.py", line 957, in get_or_create
    with Lock(
  File "/usr/lib/python3/dist-packages/dogpile/lock.py", line 187, in __enter__
    return self._enter()
  File "/usr/lib/python3/dist-packages/dogpile/lock.py", line 94, in _enter
    generated = self._enter_create(value, createdtime)
 File "/usr/lib/python3/dist-packages/dogpile/lock.py", line 180, in _enter_create
    return self.creator()
  File "/usr/lib/python3/dist-packages/dogpile/cache/region.py", line 915, in gen_value
    created_value = creator(
  File "/usr/lib/python3/dist-packages/keystone/token/provider.py", line 179, in _validate_token
    token.mint(token_id, issued_at)
  File "/usr/lib/python3/dist-packages/keystone/models/token_model.py", line 580, in mint
    self._validate_token_user()
  File "/usr/lib/python3/dist-packages/keystone/models/token_model.py", line 503, in _validate_token_user
    if not self.user_domain.get('enabled'):
  File "/usr/lib/python3/dist-packages/keystone/models/token_model.py", line 139, in user_domain
    if self.user:
  File "/usr/lib/python3/dist-packages/keystone/models/token_model.py", line 133, in user
    self.__user = PROVIDERS.identity_api.get_user(self.user_id)
  File "/usr/lib/python3/dist-packages/keystone/common/manager.py", line 115, in wrapped
    __ret_val = __f(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 412, in wrapper
    self.domain_configs.setup_domain_drivers(
  File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 306, in setup_domain_drivers
    self._setup_domain_drivers_from_files(standard_driver,
  File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 159, in _setup_domain_drivers_from_files
    self._load_config_from_file(
  File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 125, in _load_config_from_file
    domain_config['cfg'](args=[], project='keystone',
  File "/usr/lib/python3/dist-packages/oslo_config/cfg.py", line 2131, in __call__
    self._namespace = self._parse_cli_opts(args if args is not None
  File "/usr/lib/python3/dist-packages/oslo_config/cfg.py", line 2897, in _parse_cli_opts
    return self._parse_config_files()
  File "/usr/lib/python3/dist-packages/oslo_config/cfg.py", line 2914, in _parse_config_files
    ConfigParser._parse_file(config_file, namespace)
  File "/usr/lib/python3/dist-packages/oslo_config/cfg.py", line 1604, in _parse_file
    parser.parse()
  File "/usr/lib/python3/dist-packages/oslo_config/cfg.py", line 1559, in parse
    return super(ConfigParser, self).parse(f.readlines())
File "/usr/lib/python3.8/encodings/ascii.py", line 26, in decode
    return codecs.ascii_decode(input, self.errors)[0]
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0 in position 94: ordinal not in range(128)
(keystone.server.flask.request_processing.middleware.auth_context): 2021-06-21 12:23:14,525 ERROR 'ascii' codec can't decode byte 0xd0 in position 94: ordinal not in range(128)