Public bug reported: I have scenario that first I authenticate user with username and password with explicit unscoped and receive a token. By using the token I request user projects list and getting projects id, then at last using one of project id and unscoped token I want to get project scoped token.
This scenario happens with three api call: 1 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: { "auth": { "identity": { "methods": ["password"], "password": { "user": { "name": "tester", "domain": { "id": "default" }, "password": "testing" } } }, "scope": "unscoped" } } response: header: X-Subject-Token : token_id 2 url: {{KEYSTONE_BASE_URL}}/v3/auth/projects request: header: X-Auth-Token: token_id response: { "links": { "self": "http://key:5000/v3/auth/projects", "previous": null, "next": null }, "projects": [ { "is_domain": false, "description": "", "links": { "self": "http://key:5000/v3/projects/5e9609787c4640118e8e007a25b30e4c" }, "tags": [], "enabled": true, "id": "5e9609787c4640118e8e007a25b30e4c", "parent_id": "default", "domain_id": "default", "name": "test" }, { "is_domain": false, "description": "", "links": { "self": "http://key:5000/v3/projects/fb7822bd49614bd8bbaf133576e3e324" }, "tags": [], "enabled": true, "id": "fb7822bd49614bd8bbaf133576e3e324", "parent_id": "default", "domain_id": "default", "name": "test2" } ] } 3 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: body: { "auth": { "identity": { "methods": [ "token" ], "token": { "id": "'token_id" } }, "scope": { "project": { "name": "test", "domain": {"id":"default"} } } } } response: body: { "error": { "message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized" } } ** Affects: keystone Importance: Undecided Status: New ** Description changed: I have scenario that first I authenticate user with username and password with explicit unscoped and receive a token. By using the token I request user projects list and getting projects id, then at last using one of project id and unscoped token I want to get project scoped token. This scenario happens with three api call: 1 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: + ```json { "auth": { - "identity": { - "methods": ["password"], - "password": { - "user": { - "name": "tester", - "domain": { "id": "default" }, - "password": "testing" - } - } - }, - "scope": "unscoped" - } + "identity": { + "methods": ["password"], + "password": { + "user": { + "name": "tester", + "domain": { "id": "default" }, + "password": "testing" + } + } + }, + "scope": "unscoped" + } } - + ``` response: header: X-Subject-Token : token_id 2 url: {{KEYSTONE_BASE_URL}}/v3/auth/projects request: header: X-Auth-Token: token_id response: { - "links": { - "self": "http://key:5000/v3/auth/projects", - "previous": null, - "next": null - }, - "projects": [ - { - "is_domain": false, - "description": "", - "links": { - "self": "http://key:5000/v3/projects/5e9609787c4640118e8e007a25b30e4c" - }, - "tags": [], - "enabled": true, - "id": "5e9609787c4640118e8e007a25b30e4c", - "parent_id": "default", - "domain_id": "default", - "name": "test" - }, - { - "is_domain": false, - "description": "", - "links": { - "self": "http://key:5000/v3/projects/fb7822bd49614bd8bbaf133576e3e324" - }, - "tags": [], - "enabled": true, - "id": "fb7822bd49614bd8bbaf133576e3e324", - "parent_id": "default", - "domain_id": "default", - "name": "test2" - } - ] + "links": { + "self": "http://key:5000/v3/auth/projects", + "previous": null, + "next": null + }, + "projects": [ + { + "is_domain": false, + "description": "", + "links": { + "self": "http://key:5000/v3/projects/5e9609787c4640118e8e007a25b30e4c" + }, + "tags": [], + "enabled": true, + "id": "5e9609787c4640118e8e007a25b30e4c", + "parent_id": "default", + "domain_id": "default", + "name": "test" + }, + { + "is_domain": false, + "description": "", + "links": { + "self": "http://key:5000/v3/projects/fb7822bd49614bd8bbaf133576e3e324" + }, + "tags": [], + "enabled": true, + "id": "fb7822bd49614bd8bbaf133576e3e324", + "parent_id": "default", + "domain_id": "default", + "name": "test2" + } + ] } 3 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: body: { - "auth": { - "identity": { - "methods": [ - "token" - ], - "token": { - "id": "'token_id" - } - }, - "scope": { - "project": { - "name": "test", - "domain": {"id":"default"} - } - } - } + "auth": { + "identity": { + "methods": [ + "token" + ], + "token": { + "id": "'token_id" + } + }, + "scope": { + "project": { + "name": "test", + "domain": {"id":"default"} + } + } + } } response: body: { - "error": { - "message": "The request you have made requires authentication.", - "code": 401, - "title": "Unauthorized" - } + "error": { + "message": "The request you have made requires authentication.", + "code": 401, + "title": "Unauthorized" + } } ** Description changed: I have scenario that first I authenticate user with username and password with explicit unscoped and receive a token. By using the token I request user projects list and getting projects id, then at last using one of project id and unscoped token I want to get project scoped token. This scenario happens with three api call: 1 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: - ```json { "auth": { "identity": { "methods": ["password"], "password": { "user": { "name": "tester", "domain": { "id": "default" }, "password": "testing" } } }, "scope": "unscoped" } } - ``` + response: header: X-Subject-Token : token_id 2 url: {{KEYSTONE_BASE_URL}}/v3/auth/projects request: header: X-Auth-Token: token_id response: { "links": { "self": "http://key:5000/v3/auth/projects", "previous": null, "next": null }, "projects": [ { "is_domain": false, "description": "", "links": { "self": "http://key:5000/v3/projects/5e9609787c4640118e8e007a25b30e4c" }, "tags": [], "enabled": true, "id": "5e9609787c4640118e8e007a25b30e4c", "parent_id": "default", "domain_id": "default", "name": "test" }, { "is_domain": false, "description": "", "links": { "self": "http://key:5000/v3/projects/fb7822bd49614bd8bbaf133576e3e324" }, "tags": [], "enabled": true, "id": "fb7822bd49614bd8bbaf133576e3e324", "parent_id": "default", "domain_id": "default", "name": "test2" } ] } 3 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: body: { "auth": { "identity": { "methods": [ "token" ], "token": { "id": "'token_id" } }, "scope": { "project": { "name": "test", "domain": {"id":"default"} } } } } response: body: { "error": { "message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized" } } -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1909119 Title: Getting error 401 when use get token by token method Status in OpenStack Identity (keystone): New Bug description: I have scenario that first I authenticate user with username and password with explicit unscoped and receive a token. By using the token I request user projects list and getting projects id, then at last using one of project id and unscoped token I want to get project scoped token. This scenario happens with three api call: 1 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: { "auth": { "identity": { "methods": ["password"], "password": { "user": { "name": "tester", "domain": { "id": "default" }, "password": "testing" } } }, "scope": "unscoped" } } response: header: X-Subject-Token : token_id 2 url: {{KEYSTONE_BASE_URL}}/v3/auth/projects request: header: X-Auth-Token: token_id response: { "links": { "self": "http://key:5000/v3/auth/projects", "previous": null, "next": null }, "projects": [ { "is_domain": false, "description": "", "links": { "self": "http://key:5000/v3/projects/5e9609787c4640118e8e007a25b30e4c" }, "tags": [], "enabled": true, "id": "5e9609787c4640118e8e007a25b30e4c", "parent_id": "default", "domain_id": "default", "name": "test" }, { "is_domain": false, "description": "", "links": { "self": "http://key:5000/v3/projects/fb7822bd49614bd8bbaf133576e3e324" }, "tags": [], "enabled": true, "id": "fb7822bd49614bd8bbaf133576e3e324", "parent_id": "default", "domain_id": "default", "name": "test2" } ] } 3 url: {{KEYSTONE_BASE_URL}}/v3/auth/tokens request: body: { "auth": { "identity": { "methods": [ "token" ], "token": { "id": "'token_id" } }, "scope": { "project": { "name": "test", "domain": {"id":"default"} } } } } response: body: { "error": { "message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized" } } To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1909119/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp