)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"b49bd44cfb6378e2ce32bde8ccf81d3fea6d6bde","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"386a711e_c9b8ac52","updated":"2022-03-01 09:16:44.000000000","message":"Thank you for the patch.\n\nPlease kindly find my comments.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"c1f5e908dea37abf9f1c5a3445f968df2104e2c2","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":3,"id":"ab59566b_1861f59f","in_reply_to":"386a711e_c9b8ac52","updated":"2022-03-02 03:00:53.000000000","message":"All comments has been fixed.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"82d2ae25_838765bf","in_reply_to":"ab59566b_1861f59f","updated":"2022-03-09 04:43:49.000000000","message":"Ack","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"c1f5e908dea37abf9f1c5a3445f968df2104e2c2","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":4,"id":"4599f579_4429d483","updated":"2022-03-02 03:00:53.000000000","message":"All comments in Patchset3 have been fixed. Please check to confirm.","commit_id":"a945c2e4a51ba56d718a8f1a65a2b0a46beab20c"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"01218780_d71f8f73","in_reply_to":"4599f579_4429d483","updated":"2022-03-09 04:43:49.000000000","message":"Ack","commit_id":"a945c2e4a51ba56d718a8f1a65a2b0a46beab20c"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"5b0c933e_5e78fa60","updated":"2022-03-09 04:43:49.000000000","message":"Except for the comment at [1], I\u0027ve confirmed fixes. Please kindly submit the patch to solve [1].\n\n[1] https://review.opendev.org/c/openstack/keystoneauth/+/830734/comment/91dd0aa8_e0fe65f1/","commit_id":"6b5c55d617700a9029bfd3ff0e3dd48d36c7dbcd"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"1a2ed2d0145ba9d31cf218c9e7d3e8abab7900df","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"54dffceb_5512ae3f","updated":"2022-03-10 04:38:16.000000000","message":"LGTM","commit_id":"85fab7ab2916072c76ccaeab5a95ec03b1050d3c"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"36b085885f5976cfa68ccbb7ba1803a042ec41d9","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"7bdc2e85_c8eac1c6","updated":"2022-03-10 02:28:25.000000000","message":"The comment has been fixed. Please review again.","commit_id":"85fab7ab2916072c76ccaeab5a95ec03b1050d3c"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"6e1909e6a0fc0a5482b43bc58a0f6c0fd9c5b2cf","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"8dd8e650_6b4d1eba","updated":"2022-03-10 04:53:34.000000000","message":"recheck","commit_id":"85fab7ab2916072c76ccaeab5a95ec03b1050d3c"},{"author":{"_account_id":14250,"name":"Grzegorz Grasza","email":"xek@redhat.com","username":"xek"},"change_message_id":"63402051c46848ecb6690ae72a34b97ecc0188e7","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":10,"id":"3b3dc61b_f6ec4109","updated":"2022-06-06 08:53:31.000000000","message":"https://review.opendev.org/c/openstack/keystoneauth/+/844616 should fix the failing tests","commit_id":"4fd8235ceda3a444628bd965476818ae30617a21"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"d4251edaa1e0139f3c8c43dbfebf612ec4897f6d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":12,"id":"76b749ee_f44da942","updated":"2022-07-26 02:40:24.000000000","message":"LGTM","commit_id":"a43f6748aa703b6d0fb32ec19515f7a551547ed0"}],"keystoneauth1/identity/v3/oauth2_client_credential.py":[{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"c9b16f4306fa7161b70cc4e660658b380b428d54","unresolved":true,"context_lines":[{"line_number":70,"context_line":"    \"\"\"A plugin for authenticating via an OAuth2.0 client credential."},{"line_number":71,"context_line":""},{"line_number":72,"context_line":"    :param string auth_url: Identity service endpoint for authentication."},{"line_number":73,"context_line":"    :param string oauth2_endpoint:　OAuth2.0 endpoint."},{"line_number":74,"context_line":"    :param string oauth2_client_id: OAuth2.0 client credential id."},{"line_number":75,"context_line":"    :param string oauth2_client_secret: OAuth2.0 client credential secret."},{"line_number":76,"context_line":"    \"\"\""}],"source_content_type":"text/x-python","patch_set":6,"id":"bcc5a894_1af685b1","line":73,"range":{"start_line":73,"start_character":34,"end_line":73,"end_character":35},"updated":"2022-03-10 04:44:30.000000000","message":"nits.\n\nPlease replace this char to space \u0027 \u0027.","commit_id":"85fab7ab2916072c76ccaeab5a95ec03b1050d3c"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"5a82b7c669e9c4522ff7fe5ae94f100328a92989","unresolved":false,"context_lines":[{"line_number":70,"context_line":"    \"\"\"A plugin for authenticating via an OAuth2.0 client credential."},{"line_number":71,"context_line":""},{"line_number":72,"context_line":"    :param string auth_url: Identity service endpoint for authentication."},{"line_number":73,"context_line":"    :param string oauth2_endpoint:　OAuth2.0 endpoint."},{"line_number":74,"context_line":"    :param string oauth2_client_id: OAuth2.0 client credential id."},{"line_number":75,"context_line":"    :param string oauth2_client_secret: OAuth2.0 client credential secret."},{"line_number":76,"context_line":"    \"\"\""}],"source_content_type":"text/x-python","patch_set":6,"id":"4730e617_3d73a4af","line":73,"range":{"start_line":73,"start_character":34,"end_line":73,"end_character":35},"in_reply_to":"bcc5a894_1af685b1","updated":"2022-03-11 07:38:20.000000000","message":"fixed","commit_id":"85fab7ab2916072c76ccaeab5a95ec03b1050d3c"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"aef78d13d240791ab540e3c19c8338d2e13c534e","unresolved":true,"context_lines":[{"line_number":109,"context_line":"        # using the HTTPS protocol."},{"line_number":110,"context_line":"        if self._oauth2_endpoint.lower().startswith(\u0027https\u0027):"},{"line_number":111,"context_line":"            data \u003d {\"grant_type\": \"client_credentials\"}"},{"line_number":112,"context_line":"            auth_base64 \u003d base64.standard_b64encode(\"{0}:{1}\".format("},{"line_number":113,"context_line":"                self._oauth2_client_id,"},{"line_number":114,"context_line":"                self._oauth2_client_secret"},{"line_number":115,"context_line":"            ).encode(\"utf-8\")).decode(\"utf-8\")"},{"line_number":116,"context_line":"            resp \u003d session.request(self._oauth2_endpoint,"},{"line_number":117,"context_line":"                                   \"POST\","},{"line_number":118,"context_line":"                                   authenticated\u003dFalse,"},{"line_number":119,"context_line":"                                   raise_exc\u003dFalse,"},{"line_number":120,"context_line":"                                   data\u003ddata,"},{"line_number":121,"context_line":"                                   headers\u003d{"},{"line_number":122,"context_line":"                                       \"Authorization\": \"Basic {0}\".format("},{"line_number":123,"context_line":"                                           auth_base64)"},{"line_number":124,"context_line":"                                   })"},{"line_number":125,"context_line":"            if resp.status_code \u003d\u003d 200:"},{"line_number":126,"context_line":"                oauth2 \u003d resp.json()"},{"line_number":127,"context_line":"                oauth2_token \u003d oauth2[\"access_token\"]"}],"source_content_type":"text/x-python","patch_set":8,"id":"1b084d05_52294711","line":124,"range":{"start_line":112,"start_character":12,"end_line":124,"end_character":37},"updated":"2022-04-28 12:49:38.000000000","message":"If I\u0027m not wrong, requests provides a parameter for doing basic authentication, this perhaps might make the code here simpler and easier to maintain.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"2cfaefa40b0636cd3d6c9e1a0a47ea4f94df12fd","unresolved":true,"context_lines":[{"line_number":109,"context_line":"        # using the HTTPS protocol."},{"line_number":110,"context_line":"        if self._oauth2_endpoint.lower().startswith(\u0027https\u0027):"},{"line_number":111,"context_line":"            data \u003d {\"grant_type\": \"client_credentials\"}"},{"line_number":112,"context_line":"            auth_base64 \u003d base64.standard_b64encode(\"{0}:{1}\".format("},{"line_number":113,"context_line":"                self._oauth2_client_id,"},{"line_number":114,"context_line":"                self._oauth2_client_secret"},{"line_number":115,"context_line":"            ).encode(\"utf-8\")).decode(\"utf-8\")"},{"line_number":116,"context_line":"            resp \u003d session.request(self._oauth2_endpoint,"},{"line_number":117,"context_line":"                                   \"POST\","},{"line_number":118,"context_line":"                                   authenticated\u003dFalse,"},{"line_number":119,"context_line":"                                   raise_exc\u003dFalse,"},{"line_number":120,"context_line":"                                   data\u003ddata,"},{"line_number":121,"context_line":"                                   headers\u003d{"},{"line_number":122,"context_line":"                                       \"Authorization\": \"Basic {0}\".format("},{"line_number":123,"context_line":"                                           auth_base64)"},{"line_number":124,"context_line":"                                   })"},{"line_number":125,"context_line":"            if resp.status_code \u003d\u003d 200:"},{"line_number":126,"context_line":"                oauth2 \u003d resp.json()"},{"line_number":127,"context_line":"                oauth2_token \u003d oauth2[\"access_token\"]"}],"source_content_type":"text/x-python","patch_set":8,"id":"51567fad_446a4836","line":124,"range":{"start_line":112,"start_character":12,"end_line":124,"end_character":37},"in_reply_to":"1b084d05_52294711","updated":"2022-05-25 03:06:32.000000000","message":"Thank you for your comment.\nThe session.request used here appears to do more than just send a request.\nTherefore, it is not known how to use the requests library to perform the exact same operation.\nWe think it should be the same as the existing logic, so we want to keep the implementation using the current session.request.\nWhat do you think?","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"50db56fdc5c7061c89646fe6071e3e4420c9fe7f","unresolved":true,"context_lines":[{"line_number":109,"context_line":"        # using the HTTPS protocol."},{"line_number":110,"context_line":"        if self._oauth2_endpoint.lower().startswith(\u0027https\u0027):"},{"line_number":111,"context_line":"            data \u003d {\"grant_type\": \"client_credentials\"}"},{"line_number":112,"context_line":"            auth_base64 \u003d base64.standard_b64encode(\"{0}:{1}\".format("},{"line_number":113,"context_line":"                self._oauth2_client_id,"},{"line_number":114,"context_line":"                self._oauth2_client_secret"},{"line_number":115,"context_line":"            ).encode(\"utf-8\")).decode(\"utf-8\")"},{"line_number":116,"context_line":"            resp \u003d session.request(self._oauth2_endpoint,"},{"line_number":117,"context_line":"                                   \"POST\","},{"line_number":118,"context_line":"                                   authenticated\u003dFalse,"},{"line_number":119,"context_line":"                                   raise_exc\u003dFalse,"},{"line_number":120,"context_line":"                                   data\u003ddata,"},{"line_number":121,"context_line":"                                   headers\u003d{"},{"line_number":122,"context_line":"                                       \"Authorization\": \"Basic {0}\".format("},{"line_number":123,"context_line":"                                           auth_base64)"},{"line_number":124,"context_line":"                                   })"},{"line_number":125,"context_line":"            if resp.status_code \u003d\u003d 200:"},{"line_number":126,"context_line":"                oauth2 \u003d resp.json()"},{"line_number":127,"context_line":"                oauth2_token \u003d oauth2[\"access_token\"]"}],"source_content_type":"text/x-python","patch_set":8,"id":"d55d63bd_38a42582","line":124,"range":{"start_line":112,"start_character":12,"end_line":124,"end_character":37},"in_reply_to":"51567fad_446a4836","updated":"2022-07-22 10:14:39.000000000","message":"Fix to simplify code that sends a request.\n(Patchset 12)","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"aef78d13d240791ab540e3c19c8338d2e13c534e","unresolved":true,"context_lines":[{"line_number":131,"context_line":"                    headers \u003d {\u0027Authorization\u0027: f\u0027Bearer {oauth2_token}\u0027}"},{"line_number":132,"context_line":"            else:"},{"line_number":133,"context_line":"                error \u003d resp.json()"},{"line_number":134,"context_line":"                msg \u003d error[\"error_description\"]"},{"line_number":135,"context_line":"                raise ClientException(msg)"},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"        return headers"}],"source_content_type":"text/x-python","patch_set":8,"id":"bc54c31e_641c817c","line":134,"range":{"start_line":134,"start_character":16,"end_line":134,"end_character":48},"updated":"2022-04-28 12:49:38.000000000","message":"Is error_description a required field for authorization servers when returning an error? You might run into a KeyError here.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"eff35f606db8c6ffe7ea67e246faf996eb2e9b0d","unresolved":true,"context_lines":[{"line_number":131,"context_line":"                    headers \u003d {\u0027Authorization\u0027: f\u0027Bearer {oauth2_token}\u0027}"},{"line_number":132,"context_line":"            else:"},{"line_number":133,"context_line":"                error \u003d resp.json()"},{"line_number":134,"context_line":"                msg \u003d error[\"error_description\"]"},{"line_number":135,"context_line":"                raise ClientException(msg)"},{"line_number":136,"context_line":""},{"line_number":137,"context_line":"        return headers"}],"source_content_type":"text/x-python","patch_set":8,"id":"5afdb707_4dee01f1","line":134,"range":{"start_line":134,"start_character":16,"end_line":134,"end_character":48},"in_reply_to":"bc54c31e_641c817c","updated":"2022-05-31 08:44:00.000000000","message":"Since error always contains \"error_description\", I think there is no problem in the existing implementation, but it was fixed to \"get\" for safety.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"a181d438c1bca8b19af6d0057c18135fd7886f67","unresolved":true,"context_lines":[{"line_number":107,"context_line":""},{"line_number":108,"context_line":"        # Get OAuth2.0 access token and add the field \u0027Authorization\u0027 when"},{"line_number":109,"context_line":"        # using the HTTPS protocol."},{"line_number":110,"context_line":"        if self._oauth2_endpoint.lower().startswith(\u0027https\u0027):"},{"line_number":111,"context_line":"            data \u003d {\"grant_type\": \"client_credentials\"}"},{"line_number":112,"context_line":"            auth \u003d requests.auth.HTTPBasicAuth(self._oauth2_client_id,"},{"line_number":113,"context_line":"                                               self._oauth2_client_secret)"}],"source_content_type":"text/x-python","patch_set":12,"id":"da754db3_8af29953","line":110,"updated":"2022-08-26 15:45:18.000000000","message":"I don\u0027t want to explicitly require HTTPS here. If the only way to reach the keystone endpoint is via HTTPS, then you are already satisfying the requirement that the endpoint MUST use https. Leaving more flexibility here allows playing around with thing in a testing environment when TLS is not necessary.","commit_id":"a43f6748aa703b6d0fb32ec19515f7a551547ed0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"881f7741d8a663e01a46457e984903499e0ed81d","unresolved":true,"context_lines":[{"line_number":107,"context_line":""},{"line_number":108,"context_line":"        # Get OAuth2.0 access token and add the field \u0027Authorization\u0027 when"},{"line_number":109,"context_line":"        # using the HTTPS protocol."},{"line_number":110,"context_line":"        if self._oauth2_endpoint.lower().startswith(\u0027https\u0027):"},{"line_number":111,"context_line":"            data \u003d {\"grant_type\": \"client_credentials\"}"},{"line_number":112,"context_line":"            auth \u003d requests.auth.HTTPBasicAuth(self._oauth2_client_id,"},{"line_number":113,"context_line":"                                               self._oauth2_client_secret)"}],"source_content_type":"text/x-python","patch_set":12,"id":"50ab87f7_48c18bdf","line":110,"in_reply_to":"da754db3_8af29953","updated":"2022-08-30 11:09:22.000000000","message":"I deleted the part to check whether it is https or not.\n(Patchset 13)","commit_id":"a43f6748aa703b6d0fb32ec19515f7a551547ed0"}],"keystoneauth1/session.py":[{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"b49bd44cfb6378e2ce32bde8ccf81d3fea6d6bde","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"91dd0aa8_e0fe65f1","line":932,"updated":"2022-03-01 09:16:44.000000000","message":"Please consider to add NOTE here to clarify that the purpose of this if statement is to prohibit using HTTP with OAuth2.0. This block is not easy to understand for developers who read this part for the first time.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"9a81e9f6663612cea52223ecbcab5d077a631dc5","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"53513bcf_f7f9026b","line":932,"in_reply_to":"16ff1b4e_2cfd6c8f","updated":"2022-03-04 09:53:36.000000000","message":"Thank you for your comment.\n\nI think these are different things. We need to think about obtaining an access token and sending a request separately as follows.\n\n1. Check ``auth_url`` starts with https\n2. If Step 1 is true, get an access token from ``/v3/OS-OAUTH2/token``\n3. Check ``url`` starts with https\n4. if Step 3 is false, remove ``Authorization`` from headers.\n\nStep 1 and 2 should be handled by ``get_headers``, and Step 3 and 4 should be handled by ``request``, respectively.\n\n[1] https://review.opendev.org/c/openstack/keystoneauth/+/830734/3/keystoneauth1/identity/v3/oauth2_client_credential.py#76\n[2] https://review.opendev.org/c/openstack/keystoneauth/+/830734/3..4/keystoneauth1/session.py#937","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"fe7b7b73d53186ac0fb0d3ebb0507d56f82eb604","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"335b3d96_ba10593e","line":932,"in_reply_to":"19ee1ee0_d4a79254","updated":"2022-03-07 07:54:48.000000000","message":"[Additional]\nThe main points I care about are the following.\nAlthough session.py is a common class, can we add special handling for a particular auth_type in the request method of that class?\nSome special cases may be affected if we remove ``Authorization`` directly without determining if auth_type is OAuth2ClientCredential.\ne.g. When the ``Authorization`` field is used in the http protocol on a local area network","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"354456baba4eb9e858619b28de297e1276de956e","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"f587affb_e2fa51a6","line":932,"in_reply_to":"2041ed80_d2c39aa1","updated":"2022-03-02 12:13:43.000000000","message":"To: Kristi Nikolla and Gage Hugo\nThis is also related to a part of main logic for keystoneauth, so, if you have some comments, please give us.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"1a2ed2d0145ba9d31cf218c9e7d3e8abab7900df","unresolved":false,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"b5529ade_e51c425f","line":932,"in_reply_to":"2eab6b52_c67bf1ee","updated":"2022-03-10 04:38:16.000000000","message":"Thank you for your hard work. I really appreciate that.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"2c5d260672e1913319d90a61eb8e6ee2d3253132","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"9b279eb6_6e3302d6","line":932,"in_reply_to":"335b3d96_ba10593e","updated":"2022-03-08 07:47:26.000000000","message":"Sorry, I didn\u0027t make things clear. \"3. Check ``url`` starts with https\" in my previous comment means \"3. Check OAuth2ClientCredential is used and ``url`` starts with https\", so, it doesn\u0027t affect to the other authentication methods. \nMy point is obtaining an access token and making API request headers should be processed separately, and the access token should be obtained from `/v3/OS-OAUTH2/token``.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"46d48f157f69c13692c723015656a898410a44ef","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"19ee1ee0_d4a79254","line":932,"in_reply_to":"53513bcf_f7f9026b","updated":"2022-03-07 07:30:07.000000000","message":"Thank you for your comment.\nAs Asahina commented above, it would be possible to remove the ``Authorization`` field from the header if it is OAuth2ClientCredential and the url does not start with https.\nWould removing the ``Authorization`` field directly in session.py be a problem for KeyStone coding rules?\nIf there is no problem, we would like to modify the implementation with this policy.\nI would like to know the views of the core members of KeyStone.\nThank you and best regards,","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"c1f5e908dea37abf9f1c5a3445f968df2104e2c2","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"1128f2e4_01e63124","line":932,"in_reply_to":"91dd0aa8_e0fe65f1","updated":"2022-03-02 03:00:53.000000000","message":"A comment of the processing logic has been added.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"0f256963afbbcb827ed042e0bc05784792565ae7","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"2041ed80_d2c39aa1","line":932,"in_reply_to":"91dd0aa8_e0fe65f1","updated":"2022-03-02 03:43:23.000000000","message":"I feel we need to discuss this procedure, i.e., setting both \u0027X-Auth-Token\u0027 and \u0027Authorization\u0027 headers, in terms of the place and the method. \n\n**Place**\n\nAfter reading keystonauth codes again, I came to think here is not an appropriate place to do this procedure. The ``get_headers`` method in ``BaseAuthPlugin`` might be an appropriate method to handle this procedure. So, I suggest to override ``get_headers`` in ``OAuth2ClientCredential``.\n\n**Method**\n\nI think confirming auth_url for OAuth2.0 uses HTTPS is also necessary. In addition, an OAuth2.0 access token should be obtained from ``/v3/OS-OAUTH2/token`` endpoint even if the same token as the application credentials is used because this is what users expect. I suppose you can do this in ``get_headers`` method mentioned earlier.\n\nCould you please tell me the feasibility of the above suggestions?\n\n[1] https://github.com/openstack/keystoneauth/blob/master/keystoneauth1/plugin.py#L75-L96\n[2] https://review.opendev.org/c/openstack/keystoneauth/+/830734/3/keystoneauth1/identity/v3/oauth2_client_credential.py#76","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"36b085885f5976cfa68ccbb7ba1803a042ec41d9","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"2eab6b52_c67bf1ee","line":932,"in_reply_to":"9b279eb6_6e3302d6","updated":"2022-03-10 02:28:25.000000000","message":"The processing logic has been modified in accordance with the above recommendations.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"f1b5a9ab31f94f5cb8ac9303c09f5326e4babbec","unresolved":true,"context_lines":[{"line_number":929,"context_line":"        else:"},{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":"        if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":933,"context_line":"                isinstance(auth if auth else self.auth,"},{"line_number":934,"context_line":"                           OAuth2ClientCredential)):"},{"line_number":935,"context_line":"            token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"16ff1b4e_2cfd6c8f","line":932,"in_reply_to":"f587affb_e2fa51a6","updated":"2022-03-04 01:06:38.000000000","message":"In my opinion, when using the get_headers method, we need to pass the \u0027url\u0027 to the get_headers method to determine if the url starts with \u0027https\u0027.\nSpecifically, pass the \u0027url\u0027 as kwargs to `get_auth_headers` method, which is processed below[1].\nBut this is part of the general process of keystone and tacker, so I think it has a big impact.\nDo you have any comments on which is better, the current way or to pass \u0027url\u0027 to the get_auth_headers method?\n[1] https://review.opendev.org/c/openstack/keystoneauth/+/830734/3..4/keystoneauth1/session.py#990","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"b49bd44cfb6378e2ce32bde8ccf81d3fea6d6bde","unresolved":true,"context_lines":[{"line_number":986,"context_line":""},{"line_number":987,"context_line":"                if auth_headers is not None:"},{"line_number":988,"context_line":"                    headers.update(auth_headers)"},{"line_number":989,"context_line":"                    if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":990,"context_line":"                            isinstance(auth if auth else self.auth,"},{"line_number":991,"context_line":"                                       OAuth2ClientCredential)):"},{"line_number":992,"context_line":"                        token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"ce547b82_b9feec9a","line":989,"updated":"2022-03-01 09:16:44.000000000","message":"ditto","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[{"line_number":986,"context_line":""},{"line_number":987,"context_line":"                if auth_headers is not None:"},{"line_number":988,"context_line":"                    headers.update(auth_headers)"},{"line_number":989,"context_line":"                    if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":990,"context_line":"                            isinstance(auth if auth else self.auth,"},{"line_number":991,"context_line":"                                       OAuth2ClientCredential)):"},{"line_number":992,"context_line":"                        token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"ac82dc16_01f5bdbf","line":989,"in_reply_to":"0c6723d8_3f485f91","updated":"2022-03-09 04:43:49.000000000","message":"Ack","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"c1f5e908dea37abf9f1c5a3445f968df2104e2c2","unresolved":true,"context_lines":[{"line_number":986,"context_line":""},{"line_number":987,"context_line":"                if auth_headers is not None:"},{"line_number":988,"context_line":"                    headers.update(auth_headers)"},{"line_number":989,"context_line":"                    if (url.lower().startswith(\u0027https\u0027) and"},{"line_number":990,"context_line":"                            isinstance(auth if auth else self.auth,"},{"line_number":991,"context_line":"                                       OAuth2ClientCredential)):"},{"line_number":992,"context_line":"                        token \u003d headers.get(\u0027X-Auth-Token\u0027)"}],"source_content_type":"text/x-python","patch_set":3,"id":"0c6723d8_3f485f91","line":989,"in_reply_to":"ce547b82_b9feec9a","updated":"2022-03-02 03:00:53.000000000","message":"A comment of the processing logic has been added.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"aef78d13d240791ab540e3c19c8338d2e13c534e","unresolved":true,"context_lines":[{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":""},{"line_number":933,"context_line":"        # According to RFC6749, the \"Authorization\" field for Oauth2.0"},{"line_number":934,"context_line":"        # authentication needs be added to the request headers. In addition,"},{"line_number":935,"context_line":"        # because the authentication field is a sensitive field, the request"},{"line_number":936,"context_line":"        # header can not contain this field when not using the HTTPS protocol."},{"line_number":937,"context_line":"        if (isinstance(auth if auth else self.auth, OAuth2ClientCredential)"},{"line_number":938,"context_line":"                and not url.lower().startswith(\u0027https\u0027)"},{"line_number":939,"context_line":"                and \u0027Authorization\u0027 in headers):"},{"line_number":940,"context_line":"            headers.pop(\u0027Authorization\u0027)"},{"line_number":941,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"ecb456cf_3b16eef9","line":938,"range":{"start_line":933,"start_character":8,"end_line":938,"end_character":55},"updated":"2022-04-28 12:49:38.000000000","message":"I don\u0027t believe that we should be enforcing a check on \u0027https\u0027. I don\u0027t believe I\u0027ve encountered other clients that do that, and we\u0027re not doing it for other authentication methods like fernet, etc which are also sensitive bearer tokens.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"change_message_id":"586eeb18dae42060ca6373f63b7aeaede1de0fbd","unresolved":true,"context_lines":[{"line_number":935,"context_line":"        # because the authentication field is a sensitive field, the request"},{"line_number":936,"context_line":"        # header can not contain this field when not using the HTTPS protocol."},{"line_number":937,"context_line":"        if (isinstance(auth if auth else self.auth, OAuth2ClientCredential)"},{"line_number":938,"context_line":"                and not url.lower().startswith(\u0027https\u0027)"},{"line_number":939,"context_line":"                and \u0027Authorization\u0027 in headers):"},{"line_number":940,"context_line":"            headers.pop(\u0027Authorization\u0027)"},{"line_number":941,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"624d8999_a7ad9801","line":938,"updated":"2022-04-28 12:50:12.000000000","message":"Nowhere else in the client do we make such an assertion.  According to the RFC the server is responsible for this.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"eff35f606db8c6ffe7ea67e246faf996eb2e9b0d","unresolved":true,"context_lines":[{"line_number":935,"context_line":"        # because the authentication field is a sensitive field, the request"},{"line_number":936,"context_line":"        # header can not contain this field when not using the HTTPS protocol."},{"line_number":937,"context_line":"        if (isinstance(auth if auth else self.auth, OAuth2ClientCredential)"},{"line_number":938,"context_line":"                and not url.lower().startswith(\u0027https\u0027)"},{"line_number":939,"context_line":"                and \u0027Authorization\u0027 in headers):"},{"line_number":940,"context_line":"            headers.pop(\u0027Authorization\u0027)"},{"line_number":941,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"daa2e133_3e5b6a78","line":938,"in_reply_to":"624d8999_a7ad9801","updated":"2022-05-31 08:44:00.000000000","message":"The operation to check whether it is http or https has been deleted.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"eff35f606db8c6ffe7ea67e246faf996eb2e9b0d","unresolved":true,"context_lines":[{"line_number":930,"context_line":"            if connection_params:"},{"line_number":931,"context_line":"                kwargs.update(connection_params)"},{"line_number":932,"context_line":""},{"line_number":933,"context_line":"        # According to RFC6749, the \"Authorization\" field for Oauth2.0"},{"line_number":934,"context_line":"        # authentication needs be added to the request headers. In addition,"},{"line_number":935,"context_line":"        # because the authentication field is a sensitive field, the request"},{"line_number":936,"context_line":"        # header can not contain this field when not using the HTTPS protocol."},{"line_number":937,"context_line":"        if (isinstance(auth if auth else self.auth, OAuth2ClientCredential)"},{"line_number":938,"context_line":"                and not url.lower().startswith(\u0027https\u0027)"},{"line_number":939,"context_line":"                and \u0027Authorization\u0027 in headers):"},{"line_number":940,"context_line":"            headers.pop(\u0027Authorization\u0027)"},{"line_number":941,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"f59a33e1_18e627c6","line":938,"range":{"start_line":933,"start_character":8,"end_line":938,"end_character":55},"in_reply_to":"ecb456cf_3b16eef9","updated":"2022-05-31 08:44:00.000000000","message":"The operation to check whether it is http or https has been deleted.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"edc622057e2de93c3d92303b293bb3b0233b9a5a","unresolved":true,"context_lines":[{"line_number":986,"context_line":"                    # a sensitive field, the request header cant not contains"},{"line_number":987,"context_line":"                    # this field when not using the HTTPS protocol."},{"line_number":988,"context_line":"                    if (isinstance(auth if auth else self.auth,"},{"line_number":989,"context_line":"                                   OAuth2ClientCredential)"},{"line_number":990,"context_line":"                            and not url.lower().startswith(\u0027https\u0027)"},{"line_number":991,"context_line":"                            and \u0027Authorization\u0027 in headers):"},{"line_number":992,"context_line":"                        headers.pop(\u0027Authorization\u0027)"}],"source_content_type":"text/x-python","patch_set":10,"id":"639bf6c5_6d151aa6","line":989,"updated":"2022-07-04 10:13:08.000000000","message":"I think the same change as ``https://review.opendev.org/c/openstack/keystoneauth/+/830734/comments/ecb456cf_3b16eef9`` is needed here.","commit_id":"4fd8235ceda3a444628bd965476818ae30617a21"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"d4251edaa1e0139f3c8c43dbfebf612ec4897f6d","unresolved":false,"context_lines":[{"line_number":986,"context_line":"                    # a sensitive field, the request header cant not contains"},{"line_number":987,"context_line":"                    # this field when not using the HTTPS protocol."},{"line_number":988,"context_line":"                    if (isinstance(auth if auth else self.auth,"},{"line_number":989,"context_line":"                                   OAuth2ClientCredential)"},{"line_number":990,"context_line":"                            and not url.lower().startswith(\u0027https\u0027)"},{"line_number":991,"context_line":"                            and \u0027Authorization\u0027 in headers):"},{"line_number":992,"context_line":"                        headers.pop(\u0027Authorization\u0027)"}],"source_content_type":"text/x-python","patch_set":10,"id":"a2e15d0f_6984c0df","line":989,"in_reply_to":"32841933_2f8cd747","updated":"2022-07-26 02:40:24.000000000","message":"Done","commit_id":"4fd8235ceda3a444628bd965476818ae30617a21"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"50db56fdc5c7061c89646fe6071e3e4420c9fe7f","unresolved":true,"context_lines":[{"line_number":986,"context_line":"                    # a sensitive field, the request header cant not contains"},{"line_number":987,"context_line":"                    # this field when not using the HTTPS protocol."},{"line_number":988,"context_line":"                    if (isinstance(auth if auth else self.auth,"},{"line_number":989,"context_line":"                                   OAuth2ClientCredential)"},{"line_number":990,"context_line":"                            and not url.lower().startswith(\u0027https\u0027)"},{"line_number":991,"context_line":"                            and \u0027Authorization\u0027 in headers):"},{"line_number":992,"context_line":"                        headers.pop(\u0027Authorization\u0027)"}],"source_content_type":"text/x-python","patch_set":10,"id":"32841933_2f8cd747","line":989,"in_reply_to":"639bf6c5_6d151aa6","updated":"2022-07-22 10:14:39.000000000","message":"I fixed it according to the comment.\n(Patchset 12)","commit_id":"4fd8235ceda3a444628bd965476818ae30617a21"}],"keystoneauth1/tests/unit/identity/test_identity_v3.py":[{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"b49bd44cfb6378e2ce32bde8ccf81d3fea6d6bde","unresolved":true,"context_lines":[{"line_number":835,"context_line":"        s \u003d session.Session(auth\u003dclient_cre)"},{"line_number":836,"context_line":"        initial_cache_id \u003d client_cre.get_cache_id()"},{"line_number":837,"context_line":""},{"line_number":838,"context_line":"        self.assertEqual({\u0027X-Auth-Token\u0027: self.TEST_TOKEN},"},{"line_number":839,"context_line":"                         s.get_auth_headers())"},{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa6fbb86_427326d9","line":838,"updated":"2022-03-01 09:16:44.000000000","message":"It\u0027s better to check the request body, which must specify the `application credential` as a method, like the other tests. We can see OAuth2ClientCredential correctly creates a request for the application credentials and other developers can understand OAuth2ClientCedential, actually, creates a request for the application credentials.\n\n```\n        self.assertRequestBodyIs(json\u003dreq)\n```","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[{"line_number":835,"context_line":"        s \u003d session.Session(auth\u003dclient_cre)"},{"line_number":836,"context_line":"        initial_cache_id \u003d client_cre.get_cache_id()"},{"line_number":837,"context_line":""},{"line_number":838,"context_line":"        self.assertEqual({\u0027X-Auth-Token\u0027: self.TEST_TOKEN},"},{"line_number":839,"context_line":"                         s.get_auth_headers())"},{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"}],"source_content_type":"text/x-python","patch_set":3,"id":"fcf7e7ab_31fe05d3","line":838,"in_reply_to":"d803f147_58d0f6b1","updated":"2022-03-09 04:43:49.000000000","message":"Ack\n\nbut it might have to be changed according to the discussion in https://review.opendev.org/c/openstack/keystoneauth/+/830734/comment/91dd0aa8_e0fe65f1/","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"c1f5e908dea37abf9f1c5a3445f968df2104e2c2","unresolved":true,"context_lines":[{"line_number":835,"context_line":"        s \u003d session.Session(auth\u003dclient_cre)"},{"line_number":836,"context_line":"        initial_cache_id \u003d client_cre.get_cache_id()"},{"line_number":837,"context_line":""},{"line_number":838,"context_line":"        self.assertEqual({\u0027X-Auth-Token\u0027: self.TEST_TOKEN},"},{"line_number":839,"context_line":"                         s.get_auth_headers())"},{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"}],"source_content_type":"text/x-python","patch_set":3,"id":"d803f147_58d0f6b1","line":838,"in_reply_to":"fa6fbb86_427326d9","updated":"2022-03-02 03:00:53.000000000","message":"Has added test code for checking the request body.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"b49bd44cfb6378e2ce32bde8ccf81d3fea6d6bde","unresolved":true,"context_lines":[{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"},{"line_number":842,"context_line":""},{"line_number":843,"context_line":"    def test_oauth2_client_credential_method_https(self):"},{"line_number":844,"context_line":"        self.TEST_URL \u003d self.TEST_URL.replace(\u0027http:\u0027, \u0027https:\u0027)"},{"line_number":845,"context_line":"        self.stub_auth(json\u003dself.TEST_APP_CRED_TOKEN_RESPONSE)"},{"line_number":846,"context_line":"        client_cre \u003d v3.OAuth2ClientCredential("}],"source_content_type":"text/x-python","patch_set":3,"id":"66fc8036_dc8c3bd9","line":843,"updated":"2022-03-01 09:16:44.000000000","message":"Isn\u0027t possible to test whether or not ``Authorization`` header is set correctly in a request?","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"c1f5e908dea37abf9f1c5a3445f968df2104e2c2","unresolved":true,"context_lines":[{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"},{"line_number":842,"context_line":""},{"line_number":843,"context_line":"    def test_oauth2_client_credential_method_https(self):"},{"line_number":844,"context_line":"        self.TEST_URL \u003d self.TEST_URL.replace(\u0027http:\u0027, \u0027https:\u0027)"},{"line_number":845,"context_line":"        self.stub_auth(json\u003dself.TEST_APP_CRED_TOKEN_RESPONSE)"},{"line_number":846,"context_line":"        client_cre \u003d v3.OAuth2ClientCredential("}],"source_content_type":"text/x-python","patch_set":3,"id":"82f859b5_17976bd3","line":843,"in_reply_to":"66fc8036_dc8c3bd9","updated":"2022-03-02 03:00:53.000000000","message":"Has added test code for checking if the request includes \u0027Authorization\u0027 field.","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"},{"line_number":842,"context_line":""},{"line_number":843,"context_line":"    def test_oauth2_client_credential_method_https(self):"},{"line_number":844,"context_line":"        self.TEST_URL \u003d self.TEST_URL.replace(\u0027http:\u0027, \u0027https:\u0027)"},{"line_number":845,"context_line":"        self.stub_auth(json\u003dself.TEST_APP_CRED_TOKEN_RESPONSE)"},{"line_number":846,"context_line":"        client_cre \u003d v3.OAuth2ClientCredential("}],"source_content_type":"text/x-python","patch_set":3,"id":"1748be41_a0075713","line":843,"in_reply_to":"82f859b5_17976bd3","updated":"2022-03-09 04:43:49.000000000","message":"Ack","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"8c7e50e21401ff82d41cb5c4e41dca126448caa5","unresolved":false,"context_lines":[{"line_number":840,"context_line":"        self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":841,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"},{"line_number":842,"context_line":""},{"line_number":843,"context_line":"    def test_oauth2_client_credential_method_https(self):"},{"line_number":844,"context_line":"        self.TEST_URL \u003d self.TEST_URL.replace(\u0027http:\u0027, \u0027https:\u0027)"},{"line_number":845,"context_line":"        self.stub_auth(json\u003dself.TEST_APP_CRED_TOKEN_RESPONSE)"},{"line_number":846,"context_line":"        client_cre \u003d v3.OAuth2ClientCredential("}],"source_content_type":"text/x-python","patch_set":3,"id":"309ef24d_89b21896","line":843,"in_reply_to":"82f859b5_17976bd3","updated":"2022-03-09 04:43:49.000000000","message":"Ack","commit_id":"3325085e755e0d82d4ea3408963ff75718ffc377"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"aef78d13d240791ab540e3c19c8338d2e13c534e","unresolved":true,"context_lines":[{"line_number":845,"context_line":"        self.assertEqual(self.TEST_TOKEN, auth_head[\u0027X-Auth-Token\u0027])"},{"line_number":846,"context_line":"        self.assertNotIn(\u0027Authorization\u0027, auth_head)"},{"line_number":847,"context_line":""},{"line_number":848,"context_line":"        verify_req_json \u003d {"},{"line_number":849,"context_line":"            \u0027auth\u0027: {"},{"line_number":850,"context_line":"                \u0027identity\u0027: {"},{"line_number":851,"context_line":"                    \u0027application_credential\u0027: {"},{"line_number":852,"context_line":"                        \u0027id\u0027: \u0027clientcredid\u0027,"},{"line_number":853,"context_line":"                        \u0027secret\u0027: \u0027secret\u0027"},{"line_number":854,"context_line":"                    },"},{"line_number":855,"context_line":"                    \u0027methods\u0027: [\u0027application_credential\u0027]"},{"line_number":856,"context_line":"                }"},{"line_number":857,"context_line":"            }"},{"line_number":858,"context_line":"        }"},{"line_number":859,"context_line":"        self.assertRequestBodyIs(json\u003dverify_req_json)"},{"line_number":860,"context_line":"        self.assertEqual(sess.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":861,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"}],"source_content_type":"text/x-python","patch_set":8,"id":"fddbedb0_8b0cff02","line":858,"range":{"start_line":848,"start_character":8,"end_line":858,"end_character":9},"updated":"2022-04-28 12:49:38.000000000","message":"Why is this authenticating as an application credential?","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"2cfaefa40b0636cd3d6c9e1a0a47ea4f94df12fd","unresolved":true,"context_lines":[{"line_number":845,"context_line":"        self.assertEqual(self.TEST_TOKEN, auth_head[\u0027X-Auth-Token\u0027])"},{"line_number":846,"context_line":"        self.assertNotIn(\u0027Authorization\u0027, auth_head)"},{"line_number":847,"context_line":""},{"line_number":848,"context_line":"        verify_req_json \u003d {"},{"line_number":849,"context_line":"            \u0027auth\u0027: {"},{"line_number":850,"context_line":"                \u0027identity\u0027: {"},{"line_number":851,"context_line":"                    \u0027application_credential\u0027: {"},{"line_number":852,"context_line":"                        \u0027id\u0027: \u0027clientcredid\u0027,"},{"line_number":853,"context_line":"                        \u0027secret\u0027: \u0027secret\u0027"},{"line_number":854,"context_line":"                    },"},{"line_number":855,"context_line":"                    \u0027methods\u0027: [\u0027application_credential\u0027]"},{"line_number":856,"context_line":"                }"},{"line_number":857,"context_line":"            }"},{"line_number":858,"context_line":"        }"},{"line_number":859,"context_line":"        self.assertRequestBodyIs(json\u003dverify_req_json)"},{"line_number":860,"context_line":"        self.assertEqual(sess.auth.auth_ref.auth_token, self.TEST_TOKEN)"},{"line_number":861,"context_line":"        self.assertEqual(initial_cache_id, client_cre.get_cache_id())"}],"source_content_type":"text/x-python","patch_set":8,"id":"2617f4ca_1e6f7802","line":858,"range":{"start_line":848,"start_character":8,"end_line":858,"end_character":9},"in_reply_to":"fddbedb0_8b0cff02","updated":"2022-05-25 03:06:32.000000000","message":"Thank you for your comment.\nOAuth 2.0 authentication is compatible with traditional application credential authentication.\nThat is, it includes the x-auth-token and the OAuth 2.0 header at the same time.\nTherefore, the code in this section is intended to test whether you have obtained a token of application credential.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"aef78d13d240791ab540e3c19c8338d2e13c534e","unresolved":true,"context_lines":[{"line_number":914,"context_line":"        self.assertRequestHeaderEqual(\u0027X-Auth-Token\u0027, self.TEST_TOKEN)"},{"line_number":915,"context_line":"        self.assertEqual(200, resp.status_code)"},{"line_number":916,"context_line":""},{"line_number":917,"context_line":"    def test_oauth2_client_credential_method_base_header_none(self):"},{"line_number":918,"context_line":"        base_https \u003d self.TEST_URL.replace(\u0027http:\u0027, \u0027https:\u0027)"},{"line_number":919,"context_line":"        oauth2_endpoint \u003d f\u0027{base_https}/oauth_token\u0027"},{"line_number":920,"context_line":"        oauth2_token \u003d \u0027HW9bB6oYWJywz6mAN_KyIBXlof15Pk\u0027"}],"source_content_type":"text/x-python","patch_set":8,"id":"5f29a52f_48304d1c","line":917,"range":{"start_line":917,"start_character":45,"end_line":917,"end_character":61},"updated":"2022-04-28 12:49:38.000000000","message":"Could you please elaborate on what this is testing specifically and why is it required?","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"2cfaefa40b0636cd3d6c9e1a0a47ea4f94df12fd","unresolved":true,"context_lines":[{"line_number":914,"context_line":"        self.assertRequestHeaderEqual(\u0027X-Auth-Token\u0027, self.TEST_TOKEN)"},{"line_number":915,"context_line":"        self.assertEqual(200, resp.status_code)"},{"line_number":916,"context_line":""},{"line_number":917,"context_line":"    def test_oauth2_client_credential_method_base_header_none(self):"},{"line_number":918,"context_line":"        base_https \u003d self.TEST_URL.replace(\u0027http:\u0027, \u0027https:\u0027)"},{"line_number":919,"context_line":"        oauth2_endpoint \u003d f\u0027{base_https}/oauth_token\u0027"},{"line_number":920,"context_line":"        oauth2_token \u003d \u0027HW9bB6oYWJywz6mAN_KyIBXlof15Pk\u0027"}],"source_content_type":"text/x-python","patch_set":8,"id":"1dd4d734_8ad51605","line":917,"range":{"start_line":917,"start_character":45,"end_line":917,"end_character":61},"in_reply_to":"5f29a52f_48304d1c","updated":"2022-05-25 03:06:32.000000000","message":"Thank you for your comment.\nThere is usually no case where the header is none.\nThis code is used to test an abnormal system in a unit test.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"}],"tox.ini":[{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"aef78d13d240791ab540e3c19c8338d2e13c534e","unresolved":true,"context_lines":[{"line_number":10,"context_line":"         OS_STDOUT_NOCAPTURE\u003dFalse"},{"line_number":11,"context_line":"         OS_STDERR_NOCAPTURE\u003dFalse"},{"line_number":12,"context_line":"deps \u003d"},{"line_number":13,"context_line":"    -c{env:UPPER_CONSTRAINTS_FILE:http://opendev.org/openstack/requirements/raw/branch/master/upper-constraints.txt}"},{"line_number":14,"context_line":"    -r{toxinidir}/test-requirements.txt"},{"line_number":15,"context_line":"    -r{toxinidir}/requirements.txt"},{"line_number":16,"context_line":"commands \u003d stestr run {posargs}"}],"source_content_type":"text/x-properties","patch_set":8,"id":"9e301e20_9348c430","line":13,"range":{"start_line":13,"start_character":34,"end_line":13,"end_character":38},"updated":"2022-04-28 12:49:38.000000000","message":"Why was this changed? it seems unrelated to the patch. Comment applies to all 3 instances in this file.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"eff35f606db8c6ffe7ea67e246faf996eb2e9b0d","unresolved":true,"context_lines":[{"line_number":10,"context_line":"         OS_STDOUT_NOCAPTURE\u003dFalse"},{"line_number":11,"context_line":"         OS_STDERR_NOCAPTURE\u003dFalse"},{"line_number":12,"context_line":"deps \u003d"},{"line_number":13,"context_line":"    -c{env:UPPER_CONSTRAINTS_FILE:http://opendev.org/openstack/requirements/raw/branch/master/upper-constraints.txt}"},{"line_number":14,"context_line":"    -r{toxinidir}/test-requirements.txt"},{"line_number":15,"context_line":"    -r{toxinidir}/requirements.txt"},{"line_number":16,"context_line":"commands \u003d stestr run {posargs}"}],"source_content_type":"text/x-properties","patch_set":8,"id":"7f9074e7_11542722","line":13,"range":{"start_line":13,"start_character":34,"end_line":13,"end_character":38},"in_reply_to":"9e301e20_9348c430","updated":"2022-05-31 08:44:00.000000000","message":"The changes to tox.ini were incorrect and have been restored.","commit_id":"4ec93c202c7765193dcf58b3a02cc8d0008d1ca0"}]}