diff options
| author | Dolph Mathews <dolph.mathews@gmail.com> | 2013-02-20 17:39:52 -0600 |
|---|---|---|
| committer | Dolph Mathews <dolph.mathews@gmail.com> | 2013-02-21 11:02:53 -0600 |
| commit | 0e0d5dc6f756038b7f4cd20f17dfb3f13d2a583c (patch) | |
| tree | 07516c602cd93cd3a5c10cc11ebd5db768869fdb /keystone/auth | |
| parent | 43adc12790c2ca0fee170c51c79ce5f5721f5e5d (diff) | |
| download | keystone-0e0d5dc6f756038b7f4cd20f17dfb3f13d2a583c.tar.gz keystone-0e0d5dc6f756038b7f4cd20f17dfb3f13d2a583c.tar.xz keystone-0e0d5dc6f756038b7f4cd20f17dfb3f13d2a583c.zip | |
Tests for domain-scoped tokens
- Fixes bug 1131292: catalog returned with unscoped tokens
- Fixes bug 1131294: X-Subject-Token not returned on token validation
Change-Id: I1808613f276354e2a37cf8c154b55509a2888d89
Diffstat (limited to 'keystone/auth')
| -rw-r--r-- | keystone/auth/controllers.py | 12 | ||||
| -rw-r--r-- | keystone/auth/token_factory.py | 10 |
2 files changed, 12 insertions, 10 deletions
diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py index 2ef4f8d1..d2eaa234 100644 --- a/keystone/auth/controllers.py +++ b/keystone/auth/controllers.py @@ -377,11 +377,13 @@ class Auth(controller.V3Controller): token_id = context.get('subject_token_id') self.check_token(context) token_ref = self.token_api.get_token(context, token_id) - return token_factory.recreate_token_data(context, - token_ref.get('token_data'), - token_ref['expires'], - token_ref.get('user'), - token_ref.get('tenant')) + token_data = token_factory.recreate_token_data( + context, + token_ref.get('token_data'), + token_ref['expires'], + token_ref.get('user'), + token_ref.get('tenant')) + return token_factory.render_token_data_response(token_id, token_data) @controller.protected def revocation_list(self, context, auth=None): diff --git a/keystone/auth/token_factory.py b/keystone/auth/token_factory.py index fdd33d12..03d4ed74 100644 --- a/keystone/auth/token_factory.py +++ b/keystone/auth/token_factory.py @@ -120,11 +120,11 @@ class TokenDataHelper(object): def _populate_service_catalog(self, token_data, user_id, domain_id, project_id): - service_catalog = self.catalog_api.get_v3_catalog(self.context, - user_id, - project_id) - # TODO(gyee): v3 service catalog is not quite completed yet - token_data['catalog'] = service_catalog + if project_id or domain_id: + service_catalog = self.catalog_api.get_v3_catalog( + self.context, user_id, project_id) + # TODO(gyee): v3 service catalog is not quite completed yet + token_data['catalog'] = service_catalog def _populate_token(self, token_data, expires=None): if not expires: |