openid method failed when federation_group_ids is empty list

Bug #1856962 reported by norman shen
This bug affects 1 person
Affects: OpenStack Identity (keystone)
Status: Fix Released
Importance: Undecided
Assigned to: norman shen
Milestone: (none)

Bug Description

LOG:
2019-12-17 02:25:09.269827 2019-12-17 02:25:09.269 10 INFO keystone.common.wsgi [req-521eb002-385e-4015-8035-16bfbdcf0d33 - - - - -] POST http://keystone.openstack.svc.region-guiyang-zyy.myinspurcloud.com/v3/auth/tokens
2019-12-17 02:25:09.270180 2019-12-17 02:25:09.269 10 INFO keystone.common.wsgi [req-521eb002-385e-4015-8035-16bfbdcf0d33 - - - - -] POST http://keystone.openstack.svc.region-guiyang-zyy.myinspurcloud.com/v3/auth/tokens
2019-12-17 02:25:09.298401 2019-12-17 02:25:09.297 10 WARNING keystone.common.fernet_utils [req-521eb002-385e-4015-8035-16bfbdcf0d33 - - - - -] key_repository is world readable: /etc/keystone/fernet-keys/: NeedRegenerationException
2019-12-17 02:25:09.298764 2019-12-17 02:25:09.297 10 WARNING keystone.common.fernet_utils [req-521eb002-385e-4015-8035-16bfbdcf0d33 - - - - -] key_repository is world readable: /etc/keystone/fernet-keys/: NeedRegenerationException
2019-12-17 02:25:09.344893 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi [req-521eb002-385e-4015-8035-16bfbdcf0d33 - - - - -] 'NoneType' object is not iterable: TypeError: 'NoneType' object is not iterable
2019-12-17 02:25:09.344916 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi Traceback (most recent call last):
2019-12-17 02:25:09.344921 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/common/wsgi.py", line 148, in __call__
2019-12-17 02:25:09.344925 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi result = method(req, **params)
2019-12-17 02:25:09.344929 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/controllers.py", line 67, in authenticate_for_token
2019-12-17 02:25:09.344934 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi self.authenticate(request, auth_info, auth_context)
2019-12-17 02:25:09.344938 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/controllers.py", line 236, in authenticate
2019-12-17 02:25:09.344942 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi auth_info.get_method_data(method_name))
2019-12-17 02:25:09.344945 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/plugins/mapped.py", line 58, in authenticate
2019-12-17 02:25:09.344949 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi PROVIDERS.identity_api)
2019-12-17 02:25:09.344953 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/plugins/mapped.py", line 80, in handle_scoped_token
2019-12-17 02:25:09.344957 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi for group_dict in token.federated_groups:
2019-12-17 02:25:09.344961 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi TypeError: 'NoneType' object is not iterable
2019-12-17 02:25:09.344965 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi
2019-12-17 02:25:09.345666 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi [req-521eb002-385e-4015-8035-16bfbdcf0d33 - - - - -] 'NoneType' object is not iterable: TypeError: 'NoneType' object is not iterable
2019-12-17 02:25:09.345681 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi Traceback (most recent call last):
2019-12-17 02:25:09.345686 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/common/wsgi.py", line 148, in __call__
2019-12-17 02:25:09.345690 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi result = method(req, **params)
2019-12-17 02:25:09.345694 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/controllers.py", line 67, in authenticate_for_token
2019-12-17 02:25:09.345698 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi self.authenticate(request, auth_info, auth_context)
2019-12-17 02:25:09.345702 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/controllers.py", line 236, in authenticate
2019-12-17 02:25:09.345706 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi auth_info.get_method_data(method_name))
2019-12-17 02:25:09.345710 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/plugins/mapped.py", line 58, in authenticate
2019-12-17 02:25:09.345714 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi PROVIDERS.identity_api)
2019-12-17 02:25:09.345718 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi File "/var/lib/openstack/local/lib/python2.7/site-packages/keystone/auth/plugins/mapped.py", line 80, in handle_scoped_token
2019-12-17 02:25:09.345722 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi for group_dict in token.federated_groups:
2019-12-17 02:25:09.345726 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi TypeError: 'NoneType' object is not iterable
2019-12-17 02:25:09.345730 2019-12-17 02:25:09.343 10 ERROR keystone.common.wsgi
10.16.4.45 - - [17/Dec/2019:02:25:09 +0000] "POST /v3/auth/tokens HTTP/1.1" 400 96 "-" "curl/7.58.0"

OpenStack Version:

Rocky

We are hitting this error message when using keystone federation. The mapping is simple, as follows:

[
   {
      "remote":[
         {
            "type":"REMOTE_USER"
         },
         {
            "type":"OIDC-project"
         }
      ],
      "local":[
         {
            "user":{
               "name":"{0}"
            }
         },
         {
            "projects":[
               {
                  "name":"{1}",
                  "roles":[
                     {
                        "name":"member"
                     }
                  ]
               }
            ]
         }
      ]
   }
]

OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.opendev.org/699927

Changed in keystone:
assignee: nobody → norman shen (jshen28)
status: New → In Progress
Changed in keystone:
assignee: norman shen (jshen28) → Colleen Murphy (krinkle)
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.opendev.org/699927
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=f0d964e66675037d62ad17847a966e71720dbd54
Submitter: Zuul
Branch: master

commit f0d964e66675037d62ad17847a966e71720dbd54
Author: shenjiatong <email address hidden>
Date: Thu Dec 19 13:38:32 2019 +0800

    Fix token auth error if federated_groups_id is empty list

    `federation_group_ids` could be zero length list, so deciding whether
    a token is federated by checking if it is none.

    Change-Id: I0f4b9e24d949aa4838ee721a165999b29c684d32
    Closes-Bug: #1856962
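
The failure mode named in the commit message, as an added example that is not keystone's code: a simplified model where a truthiness test treats the empty group list produced by a projects-only mapping as "not federated", leaving `federated_groups` as `None` for the loop seen in the traceback. `Token`, `rebuild_token`, `reauthenticate` and the payload dicts are hypothetical; only `federated_groups` and `handle_scoped_token` are names taken from the log above.

```python
class Token:
    """Simplified stand-in for a validated token (hypothetical)."""

    def __init__(self, user_id):
        self.user_id = user_id
        self.is_federated = False
        self.federated_groups = None  # only populated for federated tokens


def rebuild_token(payload, none_check):
    """Rebuild a token from a decoded payload (constructed dict).

    none_check=False: truthiness test, the behaviour the commit replaces.
    none_check=True:  explicit `is not None` test, as the commit describes.
    """
    token = Token(payload["user_id"])
    group_ids = payload.get("federated_group_ids")
    federated = (group_ids is not None) if none_check else bool(group_ids)
    if federated:
        token.is_federated = True
        token.federated_groups = [{"id": gid} for gid in group_ids]
    return token


def handle_scoped_token(token):
    """Same shape as the loop in the traceback: iterate federated_groups."""
    return [group_dict["id"] for group_dict in token.federated_groups]


def reauthenticate(payload, none_check):
    """Exchange an existing token; report the TypeError instead of raising."""
    token = rebuild_token(payload, none_check)
    try:
        return handle_scoped_token(token)
    except TypeError as exc:
        return "TypeError: %s" % exc


# Constructed payloads. A mapping that assigns projects but no groups
# yields a federated token whose group list is empty, not None.
NO_GROUPS = {"user_id": "constructed-user", "federated_group_ids": []}
ONE_GROUP = {"user_id": "constructed-user", "federated_group_ids": ["g1"]}

if __name__ == "__main__":
    print(reauthenticate(NO_GROUPS, none_check=False))  # reproduces the error
    print(reauthenticate(NO_GROUPS, none_check=True))   # empty list, no error
    print(reauthenticate(ONE_GROUP, none_check=False))  # non-empty list works
```

Because the truthiness test only misfires on an empty list, deployments whose mappings always assign at least one group would not see the error.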

Changed in keystone:
status: In Progress → Fix Released
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/700863

OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (stable/stein)

Fix proposed to branch: stable/stein
Review: https://review.opendev.org/700864

Colleen Murphy (krinkle)
Changed in keystone:
assignee: Colleen Murphy (krinkle) → norman shen (jshen28)
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/train)

Reviewed: https://review.opendev.org/700863
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=c0d5162288f9985f1a15a7c865e0ba688df428ec
Submitter: Zuul
Branch: stable/train

commit c0d5162288f9985f1a15a7c865e0ba688df428ec
Author: shenjiatong <email address hidden>
Date: Thu Dec 19 13:38:32 2019 +0800

    Fix token auth error if federated_groups_id is empty list

    `federation_group_ids` could be zero length list, so deciding whether
    a token is federated by checking if it is none.

    Change-Id: I0f4b9e24d949aa4838ee721a165999b29c684d32
    Closes-Bug: #1856962
    (cherry picked from commit f0d964e66675037d62ad17847a966e71720dbd54)

tags: added: in-stable-train
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystone (stable/stein)

Change abandoned by "Douglas Mendizábal <email address hidden>" on branch: stable/stein
Review: https://review.opendev.org/c/openstack/keystone/+/700864
Reason: Abandoning unmerged stable/stein changes.
