Make token_id a required parameter in v3_to_v2_token

The v3_to_v2_token() method in keystone.token.providers.common accepted token_id as an option parameter. This is because it was not always passed in on validation. This commit makes token_id a required parameter of the method and fixes its usage to always supply it. Change-Id: I6cc9c7a0e306dbbad61c77caa07df00fb3fa7a97
2016-08-29 15:53:53 +00:00 · 2016-08-29 15:53:53 +00:00 · 94b08af431
parent ed5df6f26f
commit 94b08af431
2 changed files with 5 additions and 5 deletions
--- a/keystone/token/provider.py
+++ b/keystone/token/provider.py
@ -246,8 +246,7 @@ class Manager(manager.Manager):
            # that makes sense for the request.
            v3_token_ref = self.validate_non_persistent_token(token_id)
            v2_token_data_helper = providers.common.V2TokenDataHelper()
-            token = v2_token_data_helper.v3_to_v2_token(v3_token_ref,
-                                                        token_id=token_id)
+            token = v2_token_data_helper.v3_to_v2_token(v3_token_ref, token_id)

        # these are common things that happen regardless of token provider
        self._token_belongs_to(token, belongs_to)
--- a/keystone/token/providers/common.py
+++ b/keystone/token/providers/common.py
@ -37,7 +37,7 @@ CONF = keystone.conf.CONF
 class V2TokenDataHelper(object):
    """Create V2 token data."""

-    def v3_to_v2_token(self, v3_token_data, token_id=None):
+    def v3_to_v2_token(self, v3_token_data, token_id):
        """Convert v3 token data into v2.0 token data.

        This method expects a dictionary generated from
@ -45,6 +45,7 @@ class V2TokenDataHelper(object):
        token dictionary.

        :param v3_token_data: dictionary formatted for v3 tokens
+        :param token_id: ID of the token being converted
        :returns: dictionary formatted for v2 tokens
        :raises keystone.exception.Unauthorized: If a specific token type is
            not supported in v2.
@ -777,15 +778,15 @@ class BaseProvider(provider.Provider):
            # management layer is now pluggable, one can always provide
            # their own implementation to suit their needs.
            token_data = token_ref.get('token_data')
+            token_id = token_ref['id']
            if (self.get_token_version(token_data) != token.provider.V2):
                # Validate the V3 token as V2
                token_data = self.v2_token_data_helper.v3_to_v2_token(
-                    token_data)
+                    token_data, token_id)

            return token_data
        except exception.ValidationError:
            LOG.exception(_LE('Failed to validate token'))
-            token_id = token_ref['token_data']['access']['token']['id']
            raise exception.TokenNotFound(token_id=token_id)

    def validate_non_persistent_token(self, token_id):