We don't have to keep the retrieved token anymore

Since the change in s3_token_middleware to retrieve the auth info from keystone directly, now, we don't need to have any tokens provided by keystone in the request header as X-Auth-Token. Note that this makes the pipeline ordering change documented in the related changes mandatory, even when working with a v2 Keystone server. Change-Id: I7c251a758dfc1fedb3fb61e351de305b431afa79 Related-Change: I21e38884a2aefbb94b76c76deccd815f01db7362 Related-Change: Ic9af387b9192f285f0f486e7171eefb23968007e
author: Kota Tsuyuzaki <tsuyuzaki.kota@lab.ntt.co.jp> 2018-10-09 16:42:18 -0700
committer: Tim Burke <tim.burke@gmail.com> 2019-05-09 11:21:00 -0700
commit: 4aa71aa25caed34f36fafe2de025425aa1d1e0b2 (patch)
tree: 9dc5a0c447670097e2a8c8103891d2f13a6a4e35 /swift/common/middleware/s3api/s3request.py
parent: 032cf3b3b4599bd720131c8f02cc6ed8a155683d (diff)
download: swift-4aa71aa25caed34f36fafe2de025425aa1d1e0b2.tar.gz
1 files changed, 8 insertions, 10 deletions
diff --git a/swift/common/middleware/s3api/s3request.py b/swift/common/middleware/s3api/s3request.py
index 2ae7ac4f6..3720e9d58 100644
--- a/swift/common/middleware/s3api/s3request.py
+++ b/swift/common/middleware/s3api/s3request.py
@@ -534,7 +534,6 @@ class S3Request(swob.Request):
             'string_to_sign': self.string_to_sign,
             'check_signature': self.check_signature,
         }
-        self.token = None
         self.account = None
         self.user_id = None
         self.slo_enabled = slo_enabled
@@ -1134,8 +1133,6 @@ class S3Request(swob.Request):
         if method is not None:
             env['REQUEST_METHOD'] = method
 
-        env['HTTP_X_AUTH_TOKEN'] = self.token
-
         if obj:
             path = '/v1/%s/%s/%s' % (account, container, obj)
         elif container:
@@ -1327,7 +1324,7 @@ class S3Request(swob.Request):
         except swob.HTTPException as err:
             sw_resp = err
         else:
-            # reuse account and tokens
+            # reuse account
             _, self.account, _ = split_path(sw_resp.environ['PATH_INFO'],
                                             2, 3, True)
 
@@ -1337,10 +1334,11 @@ class S3Request(swob.Request):
         if not self.user_id:
             if 'HTTP_X_USER_NAME' in sw_resp.environ:
                 # keystone
-                self.user_id = \
-                    utf8encode("%s:%s" %
-                               (sw_resp.environ['HTTP_X_TENANT_NAME'],
-                                sw_resp.environ['HTTP_X_USER_NAME']))
+                self.user_id = "%s:%s" % (
+                    sw_resp.environ['HTTP_X_TENANT_NAME'],
+                    sw_resp.environ['HTTP_X_USER_NAME'])
+                if six.PY2 and not isinstance(self.user_id, bytes):
+                    self.user_id = self.user_id.encode('utf8')
             else:
                 # tempauth
                 self.user_id = self.access_key
@@ -1501,8 +1499,8 @@ class S3AclRequest(S3Request):
             # keystone
             self.user_id = "%s:%s" % (sw_resp.environ['HTTP_X_TENANT_NAME'],
                                       sw_resp.environ['HTTP_X_USER_NAME'])
-            self.user_id = utf8encode(self.user_id)
-            self.token = sw_resp.environ.get('HTTP_X_AUTH_TOKEN')
+            if six.PY2 and not isinstance(self.user_id, bytes):
+                self.user_id = self.user_id.encode('utf8')
         else:
             # tempauth
             self.user_id = self.access_key
author	Kota Tsuyuzaki <tsuyuzaki.kota@lab.ntt.co.jp>	2018-10-09 16:42:18 -0700
committer	Tim Burke <tim.burke@gmail.com>	2019-05-09 11:21:00 -0700
commit	4aa71aa25caed34f36fafe2de025425aa1d1e0b2 (patch)
tree	9dc5a0c447670097e2a8c8103891d2f13a6a4e35 /swift/common/middleware/s3api/s3request.py
parent	032cf3b3b4599bd720131c8f02cc6ed8a155683d (diff)
download	swift-4aa71aa25caed34f36fafe2de025425aa1d1e0b2.tar.gz