Currently an invalid service token will cause a request to be denied by auth_token middleware regardless of the setting of delay_auth_decision. This prevents service tokens being used with other auth middleware when auth_token co-exists in the wsgi pipeline, because auth_token will consider the other auth system's service token to be invalid and erroneously deny the request.
Devstack [1] and some production systems configure swift with auth_token and other auth middleware. Swift support for service tokens is currently in review [2] but functional tests will not pass using devstack unless auth_token allows delayed auth decisions when a service token is found but is invalid (i.e. same behavior as for X-Auth-Token.
[1] https://github.com/openstack-dev/devstack/blob/master/lib/swift#L396
[2] change I6072b4efb3a479a8e0cc2d9c11ffda5764b55e30
Fix proposed here: /review. openstack. org/#/c/ 153247
https:/