Skip the services with no endpoints when parsing service catalog

When parsing the service catalog to find the source, audit middleware
should skip over the services which have no endpoints instead of
assuming they will have at least one endpoint.

Change-Id: I287873e99338d95baaf20d52ecb3a43763a401fc
Closes-Bug: #1800017

3 files changed, 29 insertions, 0 deletions

diff --git a/keystonemiddleware/audit/_api.py b/keystonemiddleware/audit/_api.py
index d05d732..e692151 100644
--- a/keystonemiddleware/audit/_api.py
+++ b/keystonemiddleware/audit/_api.py
@@ -261,6 +261,11 @@ class OpenStackAuditApi(object):
 
         default_endpoint = None
         for endp in catalog:
+            if not endp['endpoints']:
+                self._log.warning(
+                    'Skipping service %s as it have no endpoints.',
+                    endp['name'])
+                continue
             endpoint_urls = endp['endpoints'][0]
             admin_urlparse = urlparse.urlparse(
                 endpoint_urls.get('adminURL', ''))
diff --git a/keystonemiddleware/tests/unit/audit/test_audit_api.py b/keystonemiddleware/tests/unit/audit/test_audit_api.py
index 367d7d0..1512e9d 100644
--- a/keystonemiddleware/tests/unit/audit/test_audit_api.py
+++ b/keystonemiddleware/tests/unit/audit/test_audit_api.py
@@ -303,6 +303,23 @@ class AuditApiLogicTest(base.BaseAuditMiddlewareTest):
         payload = self.get_payload('GET', url, environ=env_headers)
         self.assertEqual((payload['target']['addresses'][0]['url']), "unknown")
 
+    def test_service_with_no_endpoints(self):
+        env_headers = {'HTTP_X_SERVICE_CATALOG':
+                       '''[{"endpoints_links": [],
+                             "endpoints": [],
+                             "type": "foo",
+                             "name": "bar"}]''',
+                       'HTTP_X_USER_ID': 'user_id',
+                       'HTTP_X_USER_NAME': 'user_name',
+                       'HTTP_X_AUTH_TOKEN': 'token',
+                       'HTTP_X_PROJECT_ID': 'tenant_id',
+                       'HTTP_X_IDENTITY_STATUS': 'Confirmed',
+                       'REQUEST_METHOD': 'GET'}
+
+        url = 'http://public_host:8774/v2/' + str(uuid.uuid4()) + '/servers'
+        payload = self.get_payload('GET', url, environ=env_headers)
+        self.assertEqual(payload['target']['name'], "unknown")
+
     def test_no_auth_token(self):
         # Test cases where API requests such as Swift list public containers
         # which does not require an auth token. In these cases, CADF event
diff --git a/releasenotes/notes/bug-1800017-0e5a9b8f62b5ca60.yaml b/releasenotes/notes/bug-1800017-0e5a9b8f62b5ca60.yaml
new file mode 100644
index 0000000..0b1c75f
--- /dev/null
+++ b/releasenotes/notes/bug-1800017-0e5a9b8f62b5ca60.yaml
@@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    [`bug 1800017 <https://bugs.launchpad.net/keystonemiddleware/+bug/1800017>`_]
+    Fix audit middleware service catalog parsing for the scenario where a
+    service does not contain any endpoints. In that case, we should just skip
+    over that service.