diff options
author | Jenkins <jenkins@review.openstack.org> | 2013-03-08 22:24:56 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2013-03-08 22:24:56 +0000 |
commit | d6722fe5974a2a25915e167d4550e0aa3d0d6330 (patch) | |
tree | 3e75791c3596a6153c5d2d91ed48141cdf5cd424 /keystone/auth | |
parent | a2c3636bfdebc3af3738e87fc2295dc3845913d2 (diff) | |
parent | b1474da1413b0334b8975875ebb584df8a1342f5 (diff) | |
download | keystone-d6722fe5974a2a25915e167d4550e0aa3d0d6330.tar.gz keystone-d6722fe5974a2a25915e167d4550e0aa3d0d6330.tar.xz keystone-d6722fe5974a2a25915e167d4550e0aa3d0d6330.zip |
Merge "unable to load certificate should abort request"
Diffstat (limited to 'keystone/auth')
-rw-r--r-- | keystone/auth/token_factory.py | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/keystone/auth/token_factory.py b/keystone/auth/token_factory.py index 4d5c0b87..172216e9 100644 --- a/keystone/auth/token_factory.py +++ b/keystone/auth/token_factory.py @@ -17,6 +17,7 @@ """Token Factory""" import json +import subprocess import uuid import webob @@ -255,13 +256,17 @@ def create_token(context, auth_context, auth_info): if CONF.signing.token_format == 'UUID': token_id = uuid.uuid4().hex elif CONF.signing.token_format == 'PKI': - token_id = cms.cms_sign_token(json.dumps(token_data), - CONF.signing.certfile, - CONF.signing.keyfile) + try: + token_id = cms.cms_sign_token(json.dumps(token_data), + CONF.signing.certfile, + CONF.signing.keyfile) + except subprocess.CalledProcessError: + raise exception.UnexpectedError(_( + 'Unable to sign token.')) else: - raise exception.UnexpectedError( + raise exception.UnexpectedError(_( 'Invalid value for token_format: %s.' - ' Allowed values are PKI or UUID.' % + ' Allowed values are PKI or UUID.') % CONF.signing.token_format) token_api = token_module.Manager() try: |