[Yahoo-eng-team] [Bug 1626794] [NEW] [api] document "belongsTo" query for HEAD/GET tokens on v2

Thu, 22 Sep 2016 17:56:24 -0700 

Public bug reported:

Apparently there is a query parameter -- belongsTo -- that can be used
on GET/HEAD requests to /v2.0/tokens/{token_id} -- it's not documented
in the API reference at all.

Here's what it does:

 def _token_belongs_to(self, token, belongs_to):
        """Check if the token belongs to the right tenant.

        This is only used on v2 tokens.  The structural validity of the token
        will have already been checked before this method is called.

        """
        if belongs_to:
            token_data = token['access']['token']
            if ('tenant' not in token_data or
                    token_data['tenant']['id'] != belongs_to):
                raise exception.Unauthorized()


https://github.com/openstack/keystone/blob/0340cd0150af04f950e2b868c932dfee2dbf8530/keystone/token/provider.py#L354-L365

** Affects: keystone
     Importance: Medium
         Status: Triaged


** Tags: api-ref

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1626794

Title:
  [api] document "belongsTo" query for HEAD/GET tokens on v2

Status in OpenStack Identity (keystone):
  Triaged

Bug description:
  Apparently there is a query parameter -- belongsTo -- that can be used
  on GET/HEAD requests to /v2.0/tokens/{token_id} -- it's not documented
  in the API reference at all.

  Here's what it does:

   def _token_belongs_to(self, token, belongs_to):
          """Check if the token belongs to the right tenant.

          This is only used on v2 tokens.  The structural validity of the token
          will have already been checked before this method is called.

          """
          if belongs_to:
              token_data = token['access']['token']
              if ('tenant' not in token_data or
                      token_data['tenant']['id'] != belongs_to):
                  raise exception.Unauthorized()

  
  
https://github.com/openstack/keystone/blob/0340cd0150af04f950e2b868c932dfee2dbf8530/keystone/token/provider.py#L354-L365

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1626794/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to