pyrax icon indicating copy to clipboard operation
pyrax copied to clipboard

Published 20 hours ago verified publisher icon pycontribs

Tenant_id parsing is not working due to different response from API_KEY authentication in some usser

Open biswazr opened this issue 2 years ago • 2 comments

https://github.com/pycontribs/pyrax/blob/a0c022981f76a4cba96a22ecc19bb52843ac4fbe/pyrax/base_identity.py#L631

there are few token which do not generate the needed response

{
  u'access': {
    u'token': {
      u'RAX-AUTH:authenticatedBy': [u'APIKEY'], 
      u'RAX-AUTH:issued': u'2022-09-08T07:07:07.616Z',
      u'expires': u'2022-09-09T06:58:44.616Z',
      u'id': '***REDACTED ***'
    },
u'serviceCatalog': [{u'endpoints': [{u'region': u'IAD', u'publicURL': u'https://global.metrics.api.rackspacecloud.com/v2.0/***REDACTED ***', u'tenantId': u'hybrid:00000'}], u'type': u'rax:cloudmetrics', u'name': u'cloudMetrics'}, {u'endpoints': [{u'publicURL': u'https://monitoring.api.rackspacecloud.com/v1.0/hybrid:***REDACTED ***', u'tenantId': u'hybrid:***REDACTED ***'}], u'type': u'rax:monitor', u'name': u'cloudMonitoring'}], u'user': {u'RAX-AUTH:domainId': u'dedicated:***REDACTED ***', u'RAX-AUTH:phonePinState': u'ACTIVE', u'name': u'***REDACTED ***', u'roles': [{u'id': u'***REDACTED ***', u'description': u'Monitoring Admin Role for Account User', u'name': u'monitoring:admin', u'tenantId': u'hybrid:***REDACTED ***'}, {u'id': u'16', u'description': u'a role that allows a user access to dedicated service methods', u'name': u'dedicated:default', u'tenantId': u'hybrid:***REDACTED ***'}, {u'id': u'***REDACTED ***', u'description': u'A role to grant visibility to a tenant', u'name': u'identity:tenant-access', u'tenantId': u'hybrid:00000'}, {u'id': u'2', u'name': u'identity:default', u'description': u'Default Role.'}], u'RAX-AUTH:phonePin': u'***REDACTED ***', u'email': u'***REDACTED ***', u'RAX-AUTH:sessionInactivityTimeout': u'PT12H', u'RAX-AUTH:defaultRegion': u'IAD', u'RAX-AUTH:contactId': u'***REDACTED ***', u'id': ***REDACTED ***'}}}

Values redacted to hide user detail but the response structure kept as it is

File "/Users/bisw8246/Desktop/repos/py2devtoolsenv2/lib/python2.7/site-packages/pyrax/identity/rax_identity.py", line 83, in authenticate password=password, api_key=api_key, tenant_id=tenant_id) File "/Users/bisw8246/Desktop/repos/py2devtoolsenv2/lib/python2.7/site-packages/pyrax/base_identity.py", line 622, in authenticate self._parse_response(resp_body) File "/Users/bisw8246/Desktop/repos/py2devtoolsenv2/lib/python2.7/site-packages/pyrax/identity/rax_identity.py", line 123, in _parse_response super(RaxIdentity, self)._parse_response(resp) File "/Users/bisw8246/Desktop/repos/py2devtoolsenv2/lib/python2.7/site-packages/pyrax/base_identity.py", line 631, in _parse_response self.tenant_id = token["tenant"]["id"]

biswazr avatar Sep 08 '22 07:09 biswazr

soln :

[pyrax/pyrax/base_identity.py] (https://github.com/pycontribs/pyrax/blob/a0c022981f76a4cba96a22ecc19bb52843ac4fbe/pyrax/base_identity.py#L631) self.tenant_id = access['serviceCatalog'][0]['endpoints'][0]['tenantId'].split(":")[-1] self.tenant_name = access['serviceCatalog'][0]['name']

biswazr avatar Sep 08 '22 08:09 biswazr

The underlying issue here is that pyrax is for Rackspace's OpenStack Public Cloud services and the user in question doesn't have those.

cardoe avatar Sep 22 '22 15:09 cardoe