Use unscoped token for scoping to project

When authenticating a user in v3, always request for an unscoped token. Otherwise it would automatically default to the default project. Change-Id: I9e1d9129e2fb35933c803096fca9f1236affc27f Closes-Bug: #1474893
2015-07-15 11:13:38 -07:00 · 2015-07-15 11:13:38 -07:00 · e4062e3706
commit e4062e3706
parent ff51ae3a5e
3 changed files with 7 additions and 7 deletions
--- a/openstack_auth/backend.py
+++ b/openstack_auth/backend.py
@ -144,11 +144,9 @@ class KeystoneBackend(object):
        request = kwargs.get('request')
        if request:
-            # Check if token is automatically scoped to default_project
+            # Grab recent_project found in the cookie, try to scope
-            # grab the project from this token, to use as a default
+            # to the last project used.
-            # if no recent_project is found in the cookie
+            recent_project = request.COOKIES.get('recent_project')
            recent_project = request.COOKIES.get('recent_project',
                                                 unscoped_auth_ref.project_id)
        # if a most recent project was found, try using it first
        if recent_project:
--- a/openstack_auth/plugin/password.py
+++ b/openstack_auth/plugin/password.py
@ -42,7 +42,8 @@ class PasswordPlugin(base.BasePlugin):
            return v3_auth.Password(auth_url=auth_url,
                                    username=username,
                                    password=password,
-                                    user_domain_name=user_domain_name)
+                                    user_domain_name=user_domain_name,
                                    unscoped=True)
        else:
            return v2_auth.Password(auth_url=auth_url,
--- a/openstack_auth/tests/tests.py
+++ b/openstack_auth/tests/tests.py
@ -496,7 +496,8 @@ class OpenStackAuthTestsV3(OpenStackAuthTestsMixin, test.TestCase):
        return auth_v3.Password(auth_url=url,
                                password=password,
                                username=username,
-                                user_domain_name=DEFAULT_DOMAIN)
+                                user_domain_name=DEFAULT_DOMAIN,
                                unscoped=True)
    def _create_token_auth(self, project_id, token=None, url=None):
        if not token: