** Changed in: keystone
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1420120
Title:
oauth request token can created with a project that doesn't exist
Status in OpenStack Identity (Keystone):
Fix Released
Bug description:
An oauth request token can be created with an project that doesn't
exist, there is no security risk here since when the request token is
exchanged for an access token, the controller checks if the user has
roles on that project.
This causes confusion for the delagator/delegatee, since the request
token was created fine, leading to a poor user experience. We should
check to ensure the project is created.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1420120/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
