On Fri, Aug 16, 2013 at 11:42:52AM -0400, Steve Martinelli wrote: > > Hi Steven, > > You can look at the unit tests being run. > https://github.com/openstack/keystone/blob/master/keystone/tests/test_v3_auth.py#L1782 > > It looks like you need to provide the trustee uname/password and the trust > id. Keep digging into 'build_authentication_request" to see how it's > structured, then it's just a call to /auth/tokens.
Thanks for the pointers, I've looked at the tests, and it seems like most of them are error path tests, I'm not sure which one demonstrates a successful response from the v3 /auth/tokens with a trust ID specified in the scope section of the request? I've raised two bugs related to this issue: https://bugs.launchpad.net/keystone/+bug/1213340 https://bugs.launchpad.net/keystone/+bug/1212778 The latter was discussed on IRC yesterday and I've tested the fix and the 500 error is fixed, but now I get the same 401 response for both token and username/password requests. If I don't specify a trust ID in the request, I get a token back without any problem. It may be that there is an issue with my keystoneclient patch: https://review.openstack.org/#/c/39899/ However, despite looking carefully at the requests generated, I can't spot any problem, the requests appear to match the required format in the API docs AFAICS: https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3-os-trust-ext.md#consuming-a-trust-with-post-authtokens There are reproducers on each of the bugs above, showing the failure in both token and password methods, if anyone has time to take a look and help me figure out the next step, that would be much appreciated as atm I'm a bit stumped! Thanks! Steve _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
