Public bug reported: Create request token API returns 401 error when the request URL is admin endpoint.
Error scenario: URL used to generate OAUTH signature and for POST request is Keystone admin endpoint http://<keystone ip:port>/identity_admin/v3/OS-OAUTH1/request_token Working scenario: When the URL used to generate OAUTH signature is public endpoint, then the response is 201. http://<keystone ip:port>/identity/v3/OS-OAUTH1/request_token Endpoints in devstack for identity: ocata@ocata-VirtualBox:~/devstack$ openstack endpoint list | grep identity | 549f73e17b0e471e95176bb508561bb3 | RegionOne | keystone | identity | True | internal | http://192.168.56.101/identity | | 739cda51666f4ab197241beac5c5c14c | RegionOne | keystone | identity | True | admin | http://192.168.56.101/identity_admin | | a0eb39c0ecff46c3b61bc6184c42bc13 | RegionOne | keystone | identity | True | public | http://192.168.56.101/identity Steps to reproduce the problem: Run the python script in the below link (by changing the necessary credentials and IP address) https://pastebin.com/AqL9674n If #L38 is modified to public endpoint (http://<keystone ip:port>/identity/v3/OS-OAUTH1/request_token), the status code is 201. Seems like Keystone code verifies the OAUTH signature using Public endpoint irrespective of the request URL. ** Affects: keystone Importance: Undecided Assignee: Hemanth Nakkina (hemanth-n) Status: New ** Affects: python-keystoneclient (Ubuntu) Importance: Undecided Status: New ** Also affects: python-keystoneclient (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1687593 Title: Create OAUTH request token gives 401 error when request url is admin endpoint To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1687593/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
