This commit is a product of two separate commits in order to unwedge
the stable/newton gate. The first commit is a oauth refactor to
properly handle token exceptions. The second is a patch to that
uses the proper url when verifying an oauth request token. The
problem is that the second patch can't be applied due to the
refactor from the first. This commit merges the two commits
together so that their isn't a merge conflict and it passes the
currently broken gate.
The first commit is:
Handle the exception from creating access token properly
If there is any request from client with any invalid request
parameters, invalid signature for example, keystone should
capture that and raise the exception.
It was `NotImplementedError`, `TypeError` thrown out and
presented directly to end user, and nothing helpful message
is given.
This patch fix that and show as many exception message that
is helpful for diagnosis as possible.
Change-Id: I112d0cd0c8a460c7b4d8d0e1c0b9c742aab9fde7
Closes-Bug: #1616424
(cherry picked from commit be5385c538)
This is the second commit
Change url passed to oauth signature verifier to request url
OAUTH signature verification should happen with the same URL used for signing.
Typically at the user end it should be signed with the request URL and hence it
should be verified with the same.
Currently keystone uses public endpoint URL for signature verification.
Modified the URL passed to oauth signature verification to request URL.
Change-Id: I28059a43cb0088c2952c19f696042ebec54d26c9
Partial-Bug: #1687593
(cherry picked from commit 926685c5a4)
48a5336d3d