Reviewed: https://review.openstack.org/161855 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=13f7cf70d59e5d865200f505db085a57eb3ba1eb Submitter: Jenkins Branch: master commit 13f7cf70d59e5d865200f505db085a57eb3ba1eb Author: Dolph Mathews <dolph.mathews at gmail.com> Date: Thu Mar 5 19:36:08 2015 +0000 Refactor: remove token formatters dep on 'token_data' on create() The calling module already has to understand how token_data is composed, so there's no reason for the token formatters create() method to work with such complex data. This patch ensures that token formatters only see primitive strings (of datetimes, audit IDs, and trust IDs) when creating tokens, which they're free to encode however they wish. The subsequent patch removes the same dependency in validate(). As part of this refactor, bug 1428829 is also addressed by simplifying how audit_ids are handled (they're not mutated any more than strictly necessary). Change-Id: Ia07c57ef183d188acea7fc1f731b94a8792c2875 Closes-Bug: 1428829 ** Changed in: keystone Status: In Progress => Fix Committed -- You received this bug notification because you are a member of OpenStack Security Group, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1428829 Title: Fernet tokens don't return audit_ids Status in OpenStack Identity (Keystone): Fix Committed Bug description: The Fernet token formatters accidentally pop the audit_ids from the token_data [1]. The audit_ids shouldn't be removed from the token_data because we need them in the response. [1] https://github.com/openstack/keystone/blob/d36e499a837074d65365ffa440470516c64e2ab6/keystone/token/providers/fernet/token_formatters.py#L126 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1428829/+subscriptions