[openstack-dev] [keystone] Create keystoneclient with existing token?

Steven Hardy shardy at redhat.com
Mon Jun 2 22:07:13 UTC 2014

Hi all,

Looking for some help with $subject:

What I'm trying to do is take an existing token (a trust scoped token,
which cannot be use to request another token), and initialize the auth_ref
correctly in a keystoneclient object.

The problem is keystoneclient always requests a new token, via the
TokenMethod auth plugin, and re-requesting a new token won't work for
trust-scoped tokens.

However, the API is already successfully validating the token, and adding
all the token details to keystone.token_info in the request environment, so
can I just store the token_info in the context, and use that to initialize
the auth_ref, without an additional call to keystone?

I've tried the latter approach, so far unsuccessfully.  The problem seems
to be that the token_info doesn't match the expected format for the kwargs
when validating the auth_ref in AccessInfo.factory

Are there any examples of reusing token_info from auth_token in this way?

Any assistance would be much appreciated!



More information about the OpenStack-dev mailing list