token authentication does not work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-openstackclient |
Invalid
|
Undecided
|
Unassigned |
Bug Description
The documented token authentication method does not work.
http://
Nor does token_endpoint work, although token_endpoint is less useful.
By just setting --os-auth-url and --os-token I can't do anything as it asks for username even though the documentation states that it should correctly pick the auth_type based on options.
By setting the auth_type manually I still can't do anything.
Paste of my attempts:
http://
Digging through the OpenStackClient, osc-lib, and Keystoneauth, I can't actually track how any of this works as the functionality is spread across so many libraries.
I would expect that it works with the keystoneauth plugin here:
https:/
But trying to make sense of where this is going wrong without knowing the codebases across all these libraries makes it hard to track.
Token authentication is hugely useful in circumstances when you want to reuse the same token for CLI calls rather than username/password. It is clearly documented, there appears to be code that is meant to do this, so it not working is a bug.
description: | updated |
description: | updated |
I've since tried a few things with curl to confirm both Keystone and the other APIs do actually work as intended.
See bash: paste.openstack .org/show/ 545496/
http://
The functionality that is documented, and how I'd expect it to work, is that using your set token, either fetch a new token+catalog or get a catalog with the current token, then complete the action from there.
Keystone allows getting a new token+catalog with the old one so the issue is somewhere in the OSclient osc-lib keystoneauth chain.