Respect cached tokens issued before upgrade

Right after keystone is upgraded from Zed to 2023.1
attempt to use previously cached tokens fails with
AttributeError, as tokens do not have oauth2_thumbprint
attribute yet.

Thus, services misbehave until cache is exipred or flushed.

In order to prevent this from happening, we use safe
getattr() instead of just assuming that attribute is there.

Change-Id: I911fec106178ebf37e004767cf8d0bdc8f001297
Closes-Bug: #2029134
This commit is contained in:
Dmitriy Rabotyagov 2023-08-15 19:38:15 +02:00 committed by Dmitriy Rabotyagov
parent 349706a448
commit 0970481a50

View File

@ -142,7 +142,11 @@ def render_token_response_from_model(token, include_catalog=True):
token_reference['token'][key]['access_rules'] = (
token.application_credential['access_rules']
)
if token.oauth2_thumbprint:
# NOTE(noonedeadpunk): We are using getattr as previously cached tokens
# won't have the attribute and keystone will fail
# with AttributeError for TTL of the cache.
token_oauth2_thumbprint = getattr(token, 'oauth2_thumbprint', None)
if token_oauth2_thumbprint:
token_reference['token']['oauth2_credential'] = {
'x5t#S256': token.oauth2_thumbprint
}