From 94b08af4314bf6552183573fb2f92ceca15dd50a Mon Sep 17 00:00:00 2001
From: Lance Bragstad <lbragstad@gmail.com>
Date: Mon, 29 Aug 2016 15:53:53 +0000
Subject: [PATCH] Make token_id a required parameter in v3_to_v2_token

The v3_to_v2_token() method in keystone.token.providers.common
accepted token_id as an option parameter. This is because it was
not always passed in on validation. This commit makes token_id
a required parameter of the method and fixes its usage to always
supply it.

Change-Id: I6cc9c7a0e306dbbad61c77caa07df00fb3fa7a97
---
 keystone/token/provider.py         | 3 +--
 keystone/token/providers/common.py | 7 ++++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/keystone/token/provider.py b/keystone/token/provider.py
index 304353217d..1bef328dd1 100644
--- a/keystone/token/provider.py
+++ b/keystone/token/provider.py
@@ -246,8 +246,7 @@ class Manager(manager.Manager):
             # that makes sense for the request.
             v3_token_ref = self.validate_non_persistent_token(token_id)
             v2_token_data_helper = providers.common.V2TokenDataHelper()
-            token = v2_token_data_helper.v3_to_v2_token(v3_token_ref,
-                                                        token_id=token_id)
+            token = v2_token_data_helper.v3_to_v2_token(v3_token_ref, token_id)
 
         # these are common things that happen regardless of token provider
         self._token_belongs_to(token, belongs_to)
diff --git a/keystone/token/providers/common.py b/keystone/token/providers/common.py
index 028c30d8b0..22edd426f0 100644
--- a/keystone/token/providers/common.py
+++ b/keystone/token/providers/common.py
@@ -37,7 +37,7 @@ CONF = keystone.conf.CONF
 class V2TokenDataHelper(object):
     """Create V2 token data."""
 
-    def v3_to_v2_token(self, v3_token_data, token_id=None):
+    def v3_to_v2_token(self, v3_token_data, token_id):
         """Convert v3 token data into v2.0 token data.
 
         This method expects a dictionary generated from
@@ -45,6 +45,7 @@ class V2TokenDataHelper(object):
         token dictionary.
 
         :param v3_token_data: dictionary formatted for v3 tokens
+        :param token_id: ID of the token being converted
         :returns: dictionary formatted for v2 tokens
         :raises keystone.exception.Unauthorized: If a specific token type is
             not supported in v2.
@@ -777,15 +778,15 @@ class BaseProvider(provider.Provider):
             # management layer is now pluggable, one can always provide
             # their own implementation to suit their needs.
             token_data = token_ref.get('token_data')
+            token_id = token_ref['id']
             if (self.get_token_version(token_data) != token.provider.V2):
                 # Validate the V3 token as V2
                 token_data = self.v2_token_data_helper.v3_to_v2_token(
-                    token_data)
+                    token_data, token_id)
 
             return token_data
         except exception.ValidationError:
             LOG.exception(_LE('Failed to validate token'))
-            token_id = token_ref['token_data']['access']['token']['id']
             raise exception.TokenNotFound(token_id=token_id)
 
     def validate_non_persistent_token(self, token_id):