OpenStack Identity (keystone)

HTTP get on s3tokens and ec2tokens endpoint gives 500 internal error

Bug #2052916 reported by Tobias Urdin on 2024-02-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Undecided	Unassigned

Bug Description

When doing a HTTP GET against s3tokens and ec2tokens endpoint we should get a 405 method not allowed but because the get method is getting enforced we get a 500 internal server error instead.

AssertionError: PROGRAMMING ERROR: enforcement (`keystone.common.rbac_enforcer.enforcer.RBACEnforcer.enforce_call()`) has not been called; API is unenforced.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-02-12: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/keystone/+/908760

Changed in keystone:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-08: Fix merged to keystone (master)

Reviewed: https://review.opendev.org/c/openstack/keystone/+/908760
Committed: https://opendev.org/openstack/keystone/commit/6096457d7400c280f9ee07a9c5b9760e74ecee4b
Submitter: "Zuul (22348)"
Branch: master

commit 6096457d7400c280f9ee07a9c5b9760e74ecee4b
Author: Tobias Urdin <email address hidden>
Date: Mon Feb 12 08:36:53 2024 +0000

Dont enforce when HTTP GET on s3tokens and ec2tokens

    When calling the s3tokens or ec2tokens API with a
    HTTP GET we should get a 405 Method Not Allowed but
    we get a 500 Internal Server Error because we enforce
    that method.

    Closes-Bug: #2052916
    Change-Id: I5f60d10dc25551175cc73ca8f3f28b0b95ec9f99
    Signed-off-by: Tobias Urdin <email address hidden>

Changed in keystone:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-19: Fix included in openstack/keystone 25.0.0.0rc1

This issue was fixed in the openstack/keystone 25.0.0.0rc1 release candidate.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.