Reviewed: https://review.opendev.org/c/openstack/keystone/+/925596 Committed: https://opendev.org/openstack/keystone/commit/d01cde5a19d83736c9be235b27af8cc84ee01ed6 Submitter: "Zuul (22348)" Branch: master
commit d01cde5a19d83736c9be235b27af8cc84ee01ed6 Author: Boris Bobrov <[email protected]> Date: Fri Aug 2 15:16:10 2024 +0200 Correct format for token expiration time Tokens with expiration time limited by application credentials had an incorrect format. Fix the format, control it with the test. Closes-Bug: 2075723 Change-Id: I09fe34541615090766a5c4a010a3f39756debedc ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/2075723 Title: Wrong token expiration time format with expiring application credentials Status in OpenStack Identity (keystone): Fix Released Bug description: In bug #1992183, token expiration time was limited to the application credentials expiration time. Unfortunately, the format used in the token is not the one specified in api-ref. Steps to reproduce: 1. Create application credentials expiring very soon 2. Issue a token with the application credentials 3. Validate the token and check token expiration time Observed: "expires_at": "2024-08-02T13:47:05", Expected: "expires_at": "2024-08-02T13:47:05.000000Z", I expect this, because: 1. https://docs.openstack.org/api-ref/identity/v3/#validate-and-show-information-for-token - our docs say so 2. The format is with Z in the end in all other authentication plugins This is also expected by tools that parse the token and convert it to objects, and are more strict to the formats. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/2075723/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
