68 lines
2.7 KiB
Plaintext
68 lines
2.7 KiB
Plaintext
ONE:
|
|
|
|
Looks like the on-behalf-of functionality in python novaclient is borked in association w/ keystone
|
|
*There are 2 different calls to keystone to get token info, and they return different hash's
|
|
*The service catalog borks out if 'access' is not the main key, but in the 2nd case 'token' is the main key.
|
|
|
|
Modified Files
|
|
* novaclient/service_catalog.py
|
|
|
|
Until this is fixed you need to mod python-novaclient after it gets downloaded via devstack
|
|
###### BEGIN PATCH
|
|
@@ -44,12 +44,17 @@ class ServiceCatalog(object):
|
|
raise novaclient.exceptions.EndpointNotFound()
|
|
|
|
# We don't always get a service catalog back ...
|
|
- if not 'serviceCatalog' in self.catalog['access']:
|
|
+ try:
|
|
+ if 'serviceCatalog' in self.catalog['access']:
|
|
+ # Full catalog ...
|
|
+ catalog = self.catalog['access']['serviceCatalog']
|
|
+ except KeyError:
|
|
+ if 'serviceCatalog' in self.catalog['token']:
|
|
+ # Full catalog ...
|
|
+ catalog = self.catalog['token']['serviceCatalog']
|
|
+ if catalog is None:
|
|
return None
|
|
|
|
- # Full catalog ...
|
|
- catalog = self.catalog['access']['serviceCatalog']
|
|
-
|
|
for service in catalog:
|
|
if service.get("type") != service_type:
|
|
continue
|
|
###### END PATCH
|
|
|
|
TWO:
|
|
|
|
funkyness w/ the extensions. the extensions url itself wont load. Seems to have to do with authorization & tenants.
|
|
* mitigated in reddwarf/common/extensions.py, see for more information
|
|
|
|
|
|
keystone haves issues with the get endpoints method and causing NotImplementedError/ClientException HTTP/500:
|
|
###### BEGIN PATCH
|
|
diff --git a/keystone/service.py b/keystone/service.py
|
|
index d0d4470..4feb966 100644
|
|
--- a/keystone/service.py
|
|
+++ b/keystone/service.py
|
|
@@ -408,8 +408,17 @@ class TokenController(wsgi.Application):
|
|
self.token_api.delete_token(context=context, token_id=token_id)
|
|
|
|
def endpoints(self, context, token_id):
|
|
- """Return a list of endpoints available to the token."""
|
|
- raise NotImplementedError()
|
|
+ """Return service catalog endpoints."""
|
|
+ try:
|
|
+ token_ref = self.token_api.get_token(context=context,
|
|
+ token_id=token_id)
|
|
+ except exception.NotFound:
|
|
+ raise exception.Unauthorized()
|
|
+
|
|
+ catalog_ref = self.catalog_api.get_catalog(context,
|
|
+ token_ref['user']['id'],
|
|
+ token_ref['tenant']['id'])
|
|
+ return {'token': {'serviceCatalog': self._format_catalog(catalog_ref)}}
|
|
|
|
def _format_authenticate(self, token_ref, roles_ref, catalog_ref):
|
|
o = self._format_token(token_ref, roles_ref)
|
|
###### END PATCH |