Mistral

Can't create cron trigger when authen with token get from application credentials

Bug #1908811 reported by Bo Tran
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mistral
New
Undecided
Unassigned

Bug Description

When I use application credential, I can't create new cron trigger.
I was perform as follows:
1. Create a new application credential
2. Make a command line auth with above application credential
   OS_AUTH_TYPE=v3applicationcredential
   OS_AUTH_URL=http://127.0.0.1:5000/v3
   OS_IDENTITY_API_VERSION=3
   OS_APPLICATION_CREDENTIAL_ID=17d58fe21c9c49d7a7418bd60b841c73
   OS_APPLICATION_CREDENTIAL_SECRET=qoeIFJztgDVX-LRTWIpQJ-PhzSEh9CBvpxNu-xxxx
3. Create a new cron trigger

I was receiverd a error:
2020-12-20 14:28:23.603 68 ERROR wsme.api [req-31bcbeb3-b925-4c8d-94b0-fbf8e06d861f 3502ac4dda5247829c20b6561c5d188a 4a92824aa74445f28d7cf814a54ee283 - default default] Server-side error: "Authorization failed: Internal Server Error (HTTP 500)". Detail:
Traceback (most recent call last):

  File "/usr/local/lib/python2.7/dist-packages/wsmeext/pecan.py", line 85, in callfunction
    result = f(self, *args, **kwargs)

  File "/opt/mistral/mistral/api/controllers/v2/cron_trigger.py", line 78, in post
    workflow_id=values.get('workflow_id')

  File "/opt/mistral/mistral/db/utils.py", line 106, in decorate
    return retry.call(_with_auth_context, auth_ctx, func, *args, **kw)

  File "/opt/mistral/mistral/utils/rest_utils.py", line 249, in call
    return super(MistralRetrying, self).call(fn, *args, **kwargs)

  File "/usr/local/lib/python2.7/dist-packages/tenacity/__init__.py", line 391, in call
    do = self.iter(retry_state=retry_state)

  File "/usr/local/lib/python2.7/dist-packages/tenacity/__init__.py", line 338, in iter
    return fut.result()

  File "/usr/local/lib/python2.7/dist-packages/concurrent/futures/_base.py", line 455, in result
    return self.__get_result()

  File "/usr/local/lib/python2.7/dist-packages/tenacity/__init__.py", line 394, in call
    result = fn(*args, **kwargs)

  File "/opt/mistral/mistral/db/utils.py", line 54, in _with_auth_context
    return func(*args, **kw)

  File "/opt/mistral/mistral/services/triggers.py", line 132, in create_cron_trigger
    security.add_trust_id(trigger_parameters)

  File "/opt/mistral/mistral/services/security.py", line 110, in add_trust_id
    trust = create_trust()

  File "/opt/mistral/mistral/services/security.py", line 41, in create_trust
    client = keystone.client()

  File "/opt/mistral/mistral/utils/openstack/keystone.py", line 41, in client
    auth_url=auth_url

  File "/usr/local/lib/python2.7/dist-packages/keystoneclient/v3/client.py", line 267, in __init__
    self.authenticate()

  File "/usr/local/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line 583, in authenticate
    resp = self.get_raw_token_from_identity_service(**kwargs)

  File "/usr/local/lib/python2.7/dist-packages/keystoneclient/v3/client.py", line 353, in get_raw_token_from_identity_service
    _('Authorization failed: %s') % e)

AuthorizationFailure: Authorization failed: Internal Server Error (HTTP 500)
: AuthorizationFailure: Authorization failed: Internal Server Error (HTTP 500)

This bug have a relationship with https://bugs.launchpad.net/keystone/+bug/1878438 :(

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.