-
-
Save KenjiI/0d9008182fd84fa5ddb3d4f840499498 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"mapping": { | |
"rules": [ | |
{ | |
"remote": [ | |
{ | |
"type": "HTTP_OIDC_SUB" | |
} | |
], | |
"local": [ | |
{ | |
"user": { | |
"name": "{0}", | |
"domain": { | |
"id" : "2da2e8e4c32b4df6a9f257d5f1e466b1" | |
}, | |
"type": "local" | |
}, | |
"group": { | |
"name": "test-group", | |
"domain": { | |
"id" : "2da2e8e4c32b4df6a9f257d5f1e466b1" | |
} | |
} | |
} | |
] | |
}, | |
{ | |
"remote": [ | |
{ | |
"type": "HTTP_OIDC_SUB" | |
} | |
], | |
"local": [ | |
{ | |
"user": { | |
"name": "{0}", | |
"domain": { | |
"id" : "2da2e8e4c32b4df6a9f257d5f1e466b1" | |
}, | |
"type": "local" | |
}, | |
"group": { | |
"id": "c5ec03982b6d42cd82877bc2a697e3e7" | |
} | |
} | |
] | |
} | |
] | |
} | |
} | |
' \ | |
http://localhost:5000/v3/OS-FEDERATION/mappings/test-mapping-id |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/openstack_auth/backend.py b/openstack_auth/backend.py | |
index 9509f45..b4d267d 100644 | |
--- a/openstack_auth/backend.py | |
+++ b/openstack_auth/backend.py | |
@@ -139,13 +139,21 @@ class KeystoneBackend(object): | |
# for keystone. | |
domain_auth = None | |
domain_auth_ref = None | |
- if utils.get_keystone_version() >= 3 and 'user_domain_name' in kwargs: | |
+ | |
+ if 'user_domain_name' in kwargs: | |
+ domain_name=kwargs['user_domain_name'] | |
+ elif 'token' in kwargs: | |
+ domain_name = unscoped_auth_ref.user_domain_name | |
+ else: | |
+ domain_name = None | |
+ | |
+ if utils.get_keystone_version() >= 3 and domain_name: | |
try: | |
token = unscoped_auth_ref.auth_token | |
domain_auth = utils.get_token_auth_plugin( | |
auth_url, | |
token, | |
- domain_name=kwargs['user_domain_name']) | |
+ domain_name=domain_name) | |
domain_auth_ref = domain_auth.get_access(session) | |
except Exception: | |
LOG.debug('Error getting domain scoped token.', exc_info=True) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment