OpenStack Identity (keystone)

creating a federation protocol returns Bad Request instead of Conflict

Bug #1687888 reported by yangweiwei
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Invalid
Undecided
yangweiwei

Bug Description

Do as the following:
1 PUT /v3/OS-FEDERATION/identity_providers/keystone-idp/protocols/saml2
  result:ok

2.PUT /v3/OS-FEDERATION/identity_providers/keystone-idp/protocols/saml2
  result:string indices must be integers (HTTP 400)

But actually, the response should like 'Conflict occurred...'

yangweiwei (496176919-6)
Changed in keystone:
assignee: nobody → yangweiwei (496176919-6)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/462061

Revision history for this message
Lance Bragstad (lbragstad) wrote : Re: keystone federation protocol

Is this also an issue on the stable/newton and master branches?

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystone (stable/ocata)

Change abandoned by yangweiwei (<email address hidden>) on branch: stable/ocata
Review: https://review.openstack.org/462061
Reason: this patch has fixed in master branch.

Lance Bragstad (lbragstad)
summary: - keystone federation protocol
+ keystone federation protocol returns Bad Request instead of Conflict
summary: - keystone federation protocol returns Bad Request instead of Conflict
+ creating a federation protocol returns Bad Request instead of Conflict
Revision history for this message
Lance Bragstad (lbragstad) wrote :

I was unable to recreate this locally. I took the following steps:

$ openstack identity provider list -f yaml
- Description: null
  Enabled: true
  ID: myidp

$ openstack mapping list -f yaml
- ID: myidp_mapping

$ openstack mapping show myidp_mapping -f yaml
id: myidp_mapping
rules:
- local:
  - group:
      domain:
        name: Default
      name: federated_users
    user:
      name: '{0}'
  remote:
  - type: HTTP_OIDC_EMAIL

$ cat mapping.json
{
    "protocol": {
        "mapping_id": "myidp_mapping"
    }
}

$ curl -X PUT -H "X-Auth-Token: $TOKEN" -H "Content-Type: application/json" -d @mapping.json http:/
/127.0.0.1:35357/v3/OS-FEDERATION/identity_providers/myidp/protocols/saml2
{"protocol": {"mapping_id": "myidp_mapping", "id": "saml2", "links": {"self": "http://127.0.0.1:35357/v3/OS-FEDERATION/identity_providers/myidp/protocols/saml2", "identity_provider": "http://127.0.0.1:35357/v3/OS-FEDERATION/identity_providers/myidp"}}}

$ curl -X PUT -H "X-Auth-Token: $TOKEN" -H "Content-Type: application/json" -d @mapping.json http:/
/127.0.0.1:35357/v3/OS-FEDERATION/identity_providers/myidp/protocols/saml2
{"error": {"message": "Conflict occurred attempting to store federation_protocol - Duplicate entry found with ID saml2.", "code": 409, "title": "Conflict"}}

Marking this as invalid for now. If there is other relevant information required to reproducing this, please let me know and I'll reassess.

Changed in keystone:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.