尝试使用Get auth token for accesing Orion FI-LAB instance中的脚本获取oauth2令牌。我在脚本中更改了参数,当我尝试执行时:
./auth-token.sh myuser@mail.com mypass
X-Auth-Token for 'myuser@mail.com':
未找到任何令牌。我在keystone.log中收到了这个:
2016-04-12 06:46:55.705 2171 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /etc/keystone/keystone/middleware/core.py:269
2016-04-12 06:46:55.715 2171 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /etc/keystone/keystone/common/wsgi.py:192
2016-04-12 06:46:55.732 2171 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [12/Apr/2016 06:46:55] "GET /v3/ HTTP/1.1" 200 484 0.027293
2016-04-12 06:46:55.753 2171 DEBUG keystone.common.kvs.core [-] KVS lock acquired for: os-revoke-events acquire /etc/keystone/keystone/common/kvs/core.py:380
2016-04-12 06:46:55.753 2171 DEBUG keystone.common.kvs.core [-] KVS lock released for: os-revoke-events release /etc/keystone/keystone/common/kvs/core.py:399
2016-04-12 06:46:55.754 2171 DEBUG keystone.middleware.core [-] RBAC: auth_context: {'is_delegated_auth': False, 'access_token_id': None, 'user_id': u'idm_user', 'roles': [u'owner', u'admin'], 'trustee_id': None, 'trustor_id': None, 'consumer_id': None, 'token': <KeystoneToken (audit_id=Yp0OOYSHQdu-lo1IicADWg, audit_chain_id=Yp0OOYSHQdu-lo1IicADWg) at 0x7fbadb0f12a0>, 'project_id': u'idm_project', 'trust_id': None} process_request /etc/keystone/keystone/middleware/core.py:279
2016-04-12 06:46:55.772 2171 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /etc/keystone/keystone/common/wsgi.py:192
2016-04-12 06:46:55.773 2171 DEBUG keystone.common.controller [-] RBAC: Authorizing identity:list_roles() _build_policy_check_credentials /etc/keystone/keystone/common/controller.py:56
2016-04-12 06:46:55.773 2171 DEBUG keystone.common.controller [-] RBAC: using auth context from the request environment _build_policy_check_credentials /etc/keystone/keystone/common/controller.py:61
2016-04-12 06:46:55.774 2171 DEBUG keystone.common.controller [-] RBAC: Adding query filter params (name=basic) wrapper /etc/keystone/keystone/common/controller.py:188
2016-04-12 06:46:55.775 2171 DEBUG keystone.policy.backends.rules [-] enforce identity:list_roles: {'is_delegated_auth': False, 'access_token_id': None, 'user_id': u'idm_user', 'roles': [u'owner', u'admin'], 'trustee_id': None, 'trustor_id': None, 'consumer_id': None, 'token': <KeystoneToken (audit_id=Yp0OOYSHQdu-lo1IicADWg, audit_chain_id=Yp0OOYSHQdu-lo1IicADWg) at 0x7fbadb0f12a0>, 'project_id': u'idm_project', 'trust_id': None} enforce /etc/keystone/keystone/policy/backends/rules.py:100
2016-04-12 06:46:55.783 2171 ERROR keystone.common.wsgi [-] Expecting ':' delimiter: line 236 column 40 (char 12086)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi Traceback (most recent call last):
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/common/wsgi.py", line 224, in __call__
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi result = method(context, **params)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/common/controller.py", line 196, in wrapper
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi utils.flatten_dict(target))
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/policy/backends/rules.py", line 101, in enforce
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi enforce(credentials, action, target)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/policy/backends/rules.py", line 93, in enforce
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi return _ENFORCER.enforce(action, target, credentials, **extra)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/openstack/common/policy.py", line 314, in enforce
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi self.load_rules()
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/openstack/common/policy.py", line 243, in load_rules
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi self._load_policy_file(self.policy_path, force_reload)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/openstack/common/policy.py", line 265, in _load_policy_file
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi rules = Rules.load_json(data, self.default_rule)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/keystone/openstack/common/policy.py", line 132, in load_json
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi jsonutils.loads(data).items())
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/etc/keystone/.venv/local/lib/python2.7/site-packages/oslo_serialization/jsonutils.py", line 213, in loads
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi return json.loads(encodeutils.safe_decode(s, encoding), **kwargs)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/usr/lib/python2.7/json/__init__.py", line 338, in loads
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi return _default_decoder.decode(s)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/usr/lib/python2.7/json/decoder.py", line 366, in decode
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi obj, end = self.raw_decode(s, idx=_w(s, 0).end())
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi File "/usr/lib/python2.7/json/decoder.py", line 382, in raw_decode
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi obj, end = self.scan_once(s, idx)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi ValueError: Expecting ':' delimiter: line 236 column 40 (char 12086)
2016-04-12 06:46:55.783 2171 TRACE keystone.common.wsgi
2016-04-12 06:46:55.802 2171 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [12/Apr/2016 06:46:55] "GET /v3/roles?name=basic HTTP/1.1" 500 420 0.067987
但是,如果我执行此卷曲:
curl -d'{“auth”:{“passwordCredentials”:{“username”:“myuser@mail.com”,“password”:“mypass”}}}'-H“内容类型:application / json“http://localhost:5000/v2.0/tokens
json似乎是正确的:
{"access": {"token": {"issued_at": "2016-04-12T07:06:02.555240", "expires": "2016-04-12T08:06:02Z", "id": "39b2a5ba3459495fb411bd39c7c71477", "audit_ids": ["PMdnBWRuRvi970ulYIwOfA"]}, "serviceCatalog": [], "user": {"username": "myuser@mail.com", "roles_links": [], "id": "myuser", "roles": [], "name": "myuser@mail.com"}, "metadata": {"is_admin": 0, "roles": []}}}
并且log告诉我这个:
2016-04-12 07:07:40.213 2173 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /etc/keystone/keystone/middleware/core.py:269
2016-04-12 07:07:40.222 2173 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /etc/keystone/keystone/common/wsgi.py:192
2016-04-12 07:07:40.473 2173 INFO eventlet.wsgi.server [-] 13.81.11.211 - - [12/Apr/2016 07:07:40] "POST /v2.0/tokens HTTP/1.1" 200 507 0.260248
我没有看不到第一个日志。我认为在keystone.conf中有一些错误,但卷曲时有正确的响应吗?¿?¿???
任何人都可以帮助我?
答案 0 :(得分:1)
哎哟!!!我的错:(
尝试解决其他问题,我触摸文件keystone / etc / policy.json并输入错误。
抱歉这个