Merge "Remove the redundant verification in OAuth1 authorization"

2016-08-15 23:25:02 +00:00 · 2016-08-15 23:25:02 +00:00 · 1d34614121
parent 7fef28cb13 b26200beb8
commit 1d34614121
1 changed files with 0 additions and 10 deletions
--- a/keystone/oauth1/controllers.py
+++ b/keystone/oauth1/controllers.py
@ -394,16 +394,6 @@ class OAuthControllerV3(controller.V3Controller):
        # create list of just the id's for the backend
        role_ids = list(authed_roles)

-        # verify the user has the project too
-        req_project_id = req_token['requested_project_id']
-        user_projects = self.assignment_api.list_projects_for_user(user_id)
-        for user_project in user_projects:
-            if user_project['id'] == req_project_id:
-                break
-        else:
-            msg = _("User is not a member of the requested project")
-            raise exception.Unauthorized(message=msg)
-
        # finally authorize the token
        authed_token = self.oauth_api.authorize_request_token(
            request_token_id, user_id, role_ids)