auth_token emits deprecation warning for keystoneclient

Bug #1647230 reported by Jamie Lennox
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
keystoneauth
Fix Released
Medium
Jamie Lennox
keystonemiddleware
Won't Fix
Undecided
Unassigned

Bug Description

AuthToken middleware is emitting log warnings like:

UserWarning: Using keystoneclient sessions has been deprecated. Please update your software to use keystoneauth1.

This warning was added as part of https://review.openstack.org/#/c/387733/ to make sure users were passing keystoneauth sessions to keystoneauth libraries and not the older keystoneclient sessions.

Unfortunately this misses a hack we do in auth_token middleware where we build an adapter and pass the whole adapter as a session. This works because the relied on interface is designed to exactly match. Really this is a strange situation and we shouldn't be passing adapters around like this but it's a much larger fix to auth_token middleware to change this that doesn't have a functionality difference.

We should fix this in keystoneauth to allow this recursive adapter situation, as really all we care about in this check is that users aren't mixing keystoneclient and keystoneauth.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystoneauth (master)

Fix proposed to branch: master
Review: https://review.openstack.org/406647

Changed in keystoneauth:
assignee: nobody → Jamie Lennox (jamielennox)
status: New → In Progress
Revision history for this message
Jamie Lennox (jamielennox) wrote :

Filing against keystonemiddleware because this is where people will likely encounter the problem. We should really fix keystonemiddleware to not nest the adapters like this.

Changed in keystoneauth:
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystoneauth (master)

Reviewed: https://review.openstack.org/406647
Committed: https://git.openstack.org/cgit/openstack/keystoneauth/commit/?id=c5bac3a32c6a48a1f81e242638e586749a1f514b
Submitter: Jenkins
Branch: master

commit c5bac3a32c6a48a1f81e242638e586749a1f514b
Author: Jamie Lennox <email address hidden>
Date: Mon Dec 5 11:03:20 2016 +1100

    Don't issue deprecation warning when nesting adapters

    Auth token middleware does a bit of a hack where it passes an Adapter in
    as a session to the client. This is useful there because we need to know
    much more about the authentication information than we do in most
    clients.

    We should look at fixing this in auth_token middleware, however for now
    we shouldn't issue a deprecation warning when a user passes an Adapter
    as a session object because this has always been designed to work - just
    not something we recommend.

    Change-Id: If7ebe59d5908275e607f32244027c8e6f3d1e157
    Closes-Bug: #1647230

Changed in keystoneauth:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/keystoneauth 2.17.0

This issue was fixed in the openstack/keystoneauth 2.17.0 release.

Revision history for this message
Morgan Fainberg (mdrnstm) wrote :

Is this still an issue for ksm?

Changed in keystonemiddleware:
status: New → Incomplete
Changed in keystonemiddleware:
status: Incomplete → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.