There are 2 known issues which breaks token auth method in CLI:
* The wrong check of flag (the check should be for --os-token since
arguments are not parsed at that moment) is performed in CLI inner method
`_append_global_identity_args`. It led to usage of "password" auth
type by default[1] even if `--os-token` cli argument is specified.
If `--os-auth-type` is specified to token, keystoneauth1 library makes
the right decision[2].
* Based on an auth type, keystoneauth library registers different CLI
arguments[3]. It means that `--os-username` argument is available only
in password auth type, `--os-token` is available only in token auth
type, etc.
It also affects the way in which the python code should access such
arguments. The arguments which are unrelated to the selected auth type
are omitted from the parsed arguments object.
That sounds reasonable, but unfortunately the code assumes the
unrelated arguments are always present which leads to an
AttributeError.
Combination of these 2 issues made token auth type broken in CLI layer.
Reviewed: https:/ /review. openstack. org/424256 /git.openstack. org/cgit/ openstack/ python- novaclient/ commit/ ?id=6049be67c0f 66bd2d15c7b52f7 7dd89ac4ec2e94
Committed: https:/
Submitter: Zuul
Branch: master
commit 6049be67c0f66bd 2d15c7b52f77dd8 9ac4ec2e94
Author: Andrey Kurilin <email address hidden>
Date: Mon Jan 23 19:22:14 2017 +0200
[CLI] Fix token auth type
There are 2 known issues which breaks token auth method in CLI:
* The wrong check of flag (the check should be for --os-token since _append_ global_ identity_ args`. It led to usage of "password" auth
arguments are not parsed at that moment) is performed in CLI inner method
`
type by default[1] even if `--os-token` cli argument is specified.
If `--os-auth-type` is specified to token, keystoneauth1 library makes
the right decision[2].
* Based on an auth type, keystoneauth library registers different CLI Error.
arguments[3]. It means that `--os-username` argument is available only
in password auth type, `--os-token` is available only in token auth
type, etc.
It also affects the way in which the python code should access such
arguments. The arguments which are unrelated to the selected auth type
are omitted from the parsed arguments object.
That sounds reasonable, but unfortunately the code assumes the
unrelated arguments are always present which leads to an
Attribute
Combination of these 2 issues made token auth type broken in CLI layer.
[1] https:/ /github. com/openstack/ python- novaclient/ blob/ee2221f052 6c4a6bed431229e 363c740d07b8ee9 /novaclient/ shell.py# L255-L257 /github. com/openstack/ keystoneauth/ blob/14dd37b34c 4821abf145ea24e 593eddaa9f607c8 /keystoneauth1/ loading/ cli.py# L51-L52 /github. com/openstack/ keystoneauth/ blob/14dd37b34c 4821abf145ea24e 593eddaa9f607c8 /keystoneauth1/ loading/ cli.py# L65-L73
[2] https:/
[3] https:/
Closes-Bug: #1659015 105288d8336623c c22cf92523e
Change-Id: Ibc861d396b71fe