OpenStack Identity (keystone)

Admin API GET /tokens/<TOKEN_ID> returned result does not match documentation

Bug #843170 reported by klmitch
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
High
Unassigned

Bug Description

Page 27 through 28 of the API documentation (most current PDF) shows the correct returned results (in JSON, but the XML returned is similarly incorrect) of:

 {
  "auth" : {
  "token": {
   "id": "ab48a9efdfedb23ty3494",
   "expires": "2010-11-01T03:32:15-05:00"
  },
  "user" : {
   "roleRefs": {
   "roleRef" : [
   {
    "id" : 1,
    "href" : "https://.openstack.org/identity/v2.0/roles/admin",
    "tenantId" : "one"
   }
  ]},
  "username": "jqsmith",
  "tenantId": "1234"
   }
 }
}

The actual returned JSON is the following:

 {
  "auth" : {
  "token": {
   "id": "ab48a9efdfedb23ty3494",
   "expires": "2010-11-01T03:32:15-05:00"
  },
  "user" : {
   "roleRefs": [
     {
      "id" : 1,
      "tenantId" : "one"
     }
    ]
   "username": "jqsmith",
   "tenantId": "1234"
   }
 }
}

I've cut out the groups attribute of the documented returned result, as it has the same issues as the user's roleRefs attribute. Here are the problems:

1) JSON lists don't have names. Lists are lists. They have no other attributes other than being a list. Therefore, this:

{"auth": {"user": {"roleRefs": [ {"id": 1, "roleId": "admin"}, ... ]}}}

is correct. And this (which is what is documented) is not correct:

{"auth": {"user": {"roleRefs": { "roleRef" [ {"id": 1, "roleId": "admin"}, ... ]}}}}

There should be no "roleRef" attribute at all. This is the result of trying to XML-ify JSON. It simply doesn't work.

2) There is no "href" attribute of the roleRef object returned in the results. The documentation says there should be.

3) The documentation shows a versioned URI as a value for the href attribute. There should be no versioning in an href attribute, according to HTTP standards.

Revision history for this message
klmitch (q-noreply) wrote :

At this time in point, I think the code might be changing faster and moving ahead of the docs. We'll try to stabilize both by the end of the week. Next big shift in the code (and docs) is to make the Rackspace extensions extensions...

Revision history for this message
klmitch (q-noreply) wrote :

OK, no worries. Makes sense.

Revision history for this message
klmitch (q-noreply) wrote :

I went through every JSON sample file for the developer docs and reformatted them, and fixed JSON syntax errors. I also revised this particular example (JSON & XML for Token Validation) with the data structure returned by the current implementation.

Revision history for this message
klmitch (q-noreply) wrote :

Fix included in current pull request, although I did not address the third item Jay described... I'm not clear on its scope.

Revision history for this message
klmitch (q-noreply) wrote :

Hey Dolph, I was just remarking that versions should not be in a permalink. Jorge would agree with that I believe :)

Revision history for this message
klmitch (q-noreply) wrote :

Can you open a new issue to describe what you're looking for? I assume you're not just talking about tokens or roles.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.