)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"5f3fc3d6c81dc5326a9b9fae8a6dc0b7e21c694b","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"5438c55d_5a5580bc","updated":"2022-03-01 06:29:19.000000000","message":"Thank you for the patch.\n\nPlease kindly find my comments.","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"1162bcde761b368265de30cb82fbb1dc63af49d2","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"efd87c6a_53c393b8","in_reply_to":"5438c55d_5a5580bc","updated":"2022-03-02 05:42:25.000000000","message":"All comments have been fixed.","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"1162bcde761b368265de30cb82fbb1dc63af49d2","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"50cc08ee_85500cb4","updated":"2022-03-02 05:42:25.000000000","message":"All comments in Patchset3 have been fixed. Please check to confirm.","commit_id":"48b6a75566179607df5f38592569045c638e7a26"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"11687fbcf77833ec9fe984d2464ef333ea9964ba","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"0a818ac8_bd463d2d","updated":"2022-06-21 14:42:20.000000000","message":"Ah, had forgotten to publish my comments from some time ago. ","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"48dc996ccdc9e20cc19c3d4bc5b2b0f692c95d46","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"2f799fe0_7b24b756","updated":"2022-03-09 02:02:39.000000000","message":"Thank you for re-work","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"bbec42d6b687005479809bc4622160abc80df357","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":19,"id":"dcd6b256_32fda264","updated":"2022-08-26 14:30:44.000000000","message":"LGTM, thank you. ","commit_id":"f7ac6a1b24e584ab6264f66636a58011a4f3c7af"}],"keystonemiddleware/oauth2_token.py":[{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"5f3fc3d6c81dc5326a9b9fae8a6dc0b7e21c694b","unresolved":true,"context_lines":[{"line_number":26,"context_line":"_LOG \u003d logging.getLogger(__name__)"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"class Auth2Protocol(AuthProtocol):"},{"line_number":30,"context_line":"    \"\"\"Middleware that handles OAuth2.0 client credentials authentication.\"\"\""},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"    def __init__(self, app, conf):"}],"source_content_type":"text/x-python","patch_set":3,"id":"2c6d24b4_e84441c6","line":29,"updated":"2022-03-01 06:29:19.000000000","message":"``OAuth2Protcol`` or ``OAuth2AuthProtocol`` might be better.","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"1162bcde761b368265de30cb82fbb1dc63af49d2","unresolved":true,"context_lines":[{"line_number":26,"context_line":"_LOG \u003d logging.getLogger(__name__)"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"class Auth2Protocol(AuthProtocol):"},{"line_number":30,"context_line":"    \"\"\"Middleware that handles OAuth2.0 client credentials authentication.\"\"\""},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"    def __init__(self, app, conf):"}],"source_content_type":"text/x-python","patch_set":3,"id":"a2b2e846_7a33160a","line":29,"in_reply_to":"2c6d24b4_e84441c6","updated":"2022-03-02 05:42:25.000000000","message":"Has been changed to \"OAuth2Protcol\"","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"48dc996ccdc9e20cc19c3d4bc5b2b0f692c95d46","unresolved":false,"context_lines":[{"line_number":26,"context_line":"_LOG \u003d logging.getLogger(__name__)"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"class Auth2Protocol(AuthProtocol):"},{"line_number":30,"context_line":"    \"\"\"Middleware that handles OAuth2.0 client credentials authentication.\"\"\""},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"    def __init__(self, app, conf):"}],"source_content_type":"text/x-python","patch_set":3,"id":"48db4618_73b72fa7","line":29,"in_reply_to":"a2b2e846_7a33160a","updated":"2022-03-09 02:02:39.000000000","message":"Ack","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"5f3fc3d6c81dc5326a9b9fae8a6dc0b7e21c694b","unresolved":true,"context_lines":[{"line_number":55,"context_line":"                self._validate_token(user_auth_ref,"},{"line_number":56,"context_line":"                                     allow_expired\u003dFalse)"},{"line_number":57,"context_line":"                token \u003d token_data[\u0027token\u0027]"},{"line_number":58,"context_line":"                app_cred \u003d token.get(\u0027application_credential\u0027, None)"},{"line_number":59,"context_line":"                if app_cred:"},{"line_number":60,"context_line":"                    self.validate_allowed_request(request, token)"},{"line_number":61,"context_line":"                    self._confirm_token_bind(user_auth_ref, request)"}],"source_content_type":"text/x-python","patch_set":3,"id":"9c2e87f9_f4aa204b","line":58,"range":{"start_line":58,"start_character":0,"end_line":58,"end_character":68},"updated":"2022-03-01 06:29:19.000000000","message":"You can remove ``None`` from the second argument as it\u0027s a default value of the ``get`` method.\n\n```\n                app_cred \u003d token.get(\u0027application_credential\u0027)\n```","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"48dc996ccdc9e20cc19c3d4bc5b2b0f692c95d46","unresolved":false,"context_lines":[{"line_number":55,"context_line":"                self._validate_token(user_auth_ref,"},{"line_number":56,"context_line":"                                     allow_expired\u003dFalse)"},{"line_number":57,"context_line":"                token \u003d token_data[\u0027token\u0027]"},{"line_number":58,"context_line":"                app_cred \u003d token.get(\u0027application_credential\u0027, None)"},{"line_number":59,"context_line":"                if app_cred:"},{"line_number":60,"context_line":"                    self.validate_allowed_request(request, token)"},{"line_number":61,"context_line":"                    self._confirm_token_bind(user_auth_ref, request)"}],"source_content_type":"text/x-python","patch_set":3,"id":"6a000312_aa5fec69","line":58,"range":{"start_line":58,"start_character":0,"end_line":58,"end_character":68},"in_reply_to":"9816e926_9e3a2d29","updated":"2022-03-09 02:02:39.000000000","message":"Ack","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"1162bcde761b368265de30cb82fbb1dc63af49d2","unresolved":true,"context_lines":[{"line_number":55,"context_line":"                self._validate_token(user_auth_ref,"},{"line_number":56,"context_line":"                                     allow_expired\u003dFalse)"},{"line_number":57,"context_line":"                token \u003d token_data[\u0027token\u0027]"},{"line_number":58,"context_line":"                app_cred \u003d token.get(\u0027application_credential\u0027, None)"},{"line_number":59,"context_line":"                if app_cred:"},{"line_number":60,"context_line":"                    self.validate_allowed_request(request, token)"},{"line_number":61,"context_line":"                    self._confirm_token_bind(user_auth_ref, request)"}],"source_content_type":"text/x-python","patch_set":3,"id":"9816e926_9e3a2d29","line":58,"range":{"start_line":58,"start_character":0,"end_line":58,"end_character":68},"in_reply_to":"9c2e87f9_f4aa204b","updated":"2022-03-02 05:42:25.000000000","message":"Has removed \u0027None\u0027 from the second argument.","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"5f3fc3d6c81dc5326a9b9fae8a6dc0b7e21c694b","unresolved":true,"context_lines":[{"line_number":43,"context_line":""},{"line_number":44,"context_line":"        request.remove_auth_headers()"},{"line_number":45,"context_line":"        self._token_cache.initialize(request.environ)"},{"line_number":46,"context_line":"        access_token \u003d None"},{"line_number":47,"context_line":"        if (request.authorization and"},{"line_number":48,"context_line":"                request.authorization.authtype \u003d\u003d \u0027Bearer\u0027):"},{"line_number":49,"context_line":"            access_token \u003d request.authorization.params"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":"        if access_token:"},{"line_number":52,"context_line":"            try:"},{"line_number":53,"context_line":"                token_data, user_auth_ref \u003d self._do_fetch_token("},{"line_number":54,"context_line":"                    access_token, allow_expired\u003dFalse)"},{"line_number":55,"context_line":"                self._validate_token(user_auth_ref,"},{"line_number":56,"context_line":"                                     allow_expired\u003dFalse)"},{"line_number":57,"context_line":"                token \u003d token_data[\u0027token\u0027]"},{"line_number":58,"context_line":"                app_cred \u003d token.get(\u0027application_credential\u0027, None)"},{"line_number":59,"context_line":"                if app_cred:"},{"line_number":60,"context_line":"                    self.validate_allowed_request(request, token)"},{"line_number":61,"context_line":"                    self._confirm_token_bind(user_auth_ref, request)"},{"line_number":62,"context_line":"                    oauth2_access_token_valid \u003d True"},{"line_number":63,"context_line":"                    request.token_info \u003d token_data"},{"line_number":64,"context_line":"                    request.token_auth \u003d _user_plugin.UserAuthPlugin("},{"line_number":65,"context_line":"                        user_auth_ref, None)"},{"line_number":66,"context_line":"                else:"},{"line_number":67,"context_line":"                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027"},{"line_number":68,"context_line":"                              \u0027 an application credential token.\u0027)"},{"line_number":69,"context_line":"                    oauth2_access_token_valid \u003d False"},{"line_number":70,"context_line":"            except exceptions.KeystoneMiddlewareException as err:"},{"line_number":71,"context_line":"                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))"},{"line_number":72,"context_line":"                oauth2_access_token_valid \u003d False"},{"line_number":73,"context_line":"        else:"},{"line_number":74,"context_line":"            oauth2_access_token_valid \u003d False"},{"line_number":75,"context_line":"        if oauth2_access_token_valid \\"},{"line_number":76,"context_line":"                and \"keystone.token_info\" in request.environ \\"},{"line_number":77,"context_line":"                and \"token\" in request.environ[\"keystone.token_info\"]:"}],"source_content_type":"text/x-python","patch_set":3,"id":"6485246b_e8f6fb6f","line":74,"range":{"start_line":46,"start_character":0,"end_line":74,"end_character":45},"updated":"2022-03-01 06:29:19.000000000","message":"Please consider to make this part a function.\n\nSomething like this.\n\n```\n    def _is_valid_access_token(self, request):\n        access_token \u003d None\n        if (request.authorization and\n                request.authorization.authtype \u003d\u003d \u0027Bearer\u0027):\n            access_token \u003d request.authorization.params\n\n        if access_token:\n            try:\n                token_data, user_auth_ref \u003d self._do_fetch_token(\n                    access_token, allow_expired\u003dFalse)\n                self._validate_token(user_auth_ref,\n                                     allow_expired\u003dFalse)\n                token \u003d token_data[\u0027token\u0027]\n                app_cred \u003d token.get(\u0027application_credential\u0027, None)\n                if app_cred:\n                    self.validate_allowed_request(request, token)\n                    self._confirm_token_bind(user_auth_ref, request)\n                    request.token_info \u003d token_data\n                    request.token_auth \u003d _user_plugin.UserAuthPlugin(\n                        user_auth_ref, None)\n                    return True\n                else:\n                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027\n                              \u0027 an application credential token.\u0027)\n            except exceptions.KeystoneMiddlewareException as err:\n                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))\n        return False\n```","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"1162bcde761b368265de30cb82fbb1dc63af49d2","unresolved":true,"context_lines":[{"line_number":43,"context_line":""},{"line_number":44,"context_line":"        request.remove_auth_headers()"},{"line_number":45,"context_line":"        self._token_cache.initialize(request.environ)"},{"line_number":46,"context_line":"        access_token \u003d None"},{"line_number":47,"context_line":"        if (request.authorization and"},{"line_number":48,"context_line":"                request.authorization.authtype \u003d\u003d \u0027Bearer\u0027):"},{"line_number":49,"context_line":"            access_token \u003d request.authorization.params"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":"        if access_token:"},{"line_number":52,"context_line":"            try:"},{"line_number":53,"context_line":"                token_data, user_auth_ref \u003d self._do_fetch_token("},{"line_number":54,"context_line":"                    access_token, allow_expired\u003dFalse)"},{"line_number":55,"context_line":"                self._validate_token(user_auth_ref,"},{"line_number":56,"context_line":"                                     allow_expired\u003dFalse)"},{"line_number":57,"context_line":"                token \u003d token_data[\u0027token\u0027]"},{"line_number":58,"context_line":"                app_cred \u003d token.get(\u0027application_credential\u0027, None)"},{"line_number":59,"context_line":"                if app_cred:"},{"line_number":60,"context_line":"                    self.validate_allowed_request(request, token)"},{"line_number":61,"context_line":"                    self._confirm_token_bind(user_auth_ref, request)"},{"line_number":62,"context_line":"                    oauth2_access_token_valid \u003d True"},{"line_number":63,"context_line":"                    request.token_info \u003d token_data"},{"line_number":64,"context_line":"                    request.token_auth \u003d _user_plugin.UserAuthPlugin("},{"line_number":65,"context_line":"                        user_auth_ref, None)"},{"line_number":66,"context_line":"                else:"},{"line_number":67,"context_line":"                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027"},{"line_number":68,"context_line":"                              \u0027 an application credential token.\u0027)"},{"line_number":69,"context_line":"                    oauth2_access_token_valid \u003d False"},{"line_number":70,"context_line":"            except exceptions.KeystoneMiddlewareException as err:"},{"line_number":71,"context_line":"                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))"},{"line_number":72,"context_line":"                oauth2_access_token_valid \u003d False"},{"line_number":73,"context_line":"        else:"},{"line_number":74,"context_line":"            oauth2_access_token_valid \u003d False"},{"line_number":75,"context_line":"        if oauth2_access_token_valid \\"},{"line_number":76,"context_line":"                and \"keystone.token_info\" in request.environ \\"},{"line_number":77,"context_line":"                and \"token\" in request.environ[\"keystone.token_info\"]:"}],"source_content_type":"text/x-python","patch_set":3,"id":"89b1b119_4b68c548","line":74,"range":{"start_line":46,"start_character":0,"end_line":74,"end_character":45},"in_reply_to":"6485246b_e8f6fb6f","updated":"2022-03-02 05:42:25.000000000","message":"The private method has been added.","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"48dc996ccdc9e20cc19c3d4bc5b2b0f692c95d46","unresolved":false,"context_lines":[{"line_number":43,"context_line":""},{"line_number":44,"context_line":"        request.remove_auth_headers()"},{"line_number":45,"context_line":"        self._token_cache.initialize(request.environ)"},{"line_number":46,"context_line":"        access_token \u003d None"},{"line_number":47,"context_line":"        if (request.authorization and"},{"line_number":48,"context_line":"                request.authorization.authtype \u003d\u003d \u0027Bearer\u0027):"},{"line_number":49,"context_line":"            access_token \u003d request.authorization.params"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":"        if access_token:"},{"line_number":52,"context_line":"            try:"},{"line_number":53,"context_line":"                token_data, user_auth_ref \u003d self._do_fetch_token("},{"line_number":54,"context_line":"                    access_token, allow_expired\u003dFalse)"},{"line_number":55,"context_line":"                self._validate_token(user_auth_ref,"},{"line_number":56,"context_line":"                                     allow_expired\u003dFalse)"},{"line_number":57,"context_line":"                token \u003d token_data[\u0027token\u0027]"},{"line_number":58,"context_line":"                app_cred \u003d token.get(\u0027application_credential\u0027, None)"},{"line_number":59,"context_line":"                if app_cred:"},{"line_number":60,"context_line":"                    self.validate_allowed_request(request, token)"},{"line_number":61,"context_line":"                    self._confirm_token_bind(user_auth_ref, request)"},{"line_number":62,"context_line":"                    oauth2_access_token_valid \u003d True"},{"line_number":63,"context_line":"                    request.token_info \u003d token_data"},{"line_number":64,"context_line":"                    request.token_auth \u003d _user_plugin.UserAuthPlugin("},{"line_number":65,"context_line":"                        user_auth_ref, None)"},{"line_number":66,"context_line":"                else:"},{"line_number":67,"context_line":"                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027"},{"line_number":68,"context_line":"                              \u0027 an application credential token.\u0027)"},{"line_number":69,"context_line":"                    oauth2_access_token_valid \u003d False"},{"line_number":70,"context_line":"            except exceptions.KeystoneMiddlewareException as err:"},{"line_number":71,"context_line":"                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))"},{"line_number":72,"context_line":"                oauth2_access_token_valid \u003d False"},{"line_number":73,"context_line":"        else:"},{"line_number":74,"context_line":"            oauth2_access_token_valid \u003d False"},{"line_number":75,"context_line":"        if oauth2_access_token_valid \\"},{"line_number":76,"context_line":"                and \"keystone.token_info\" in request.environ \\"},{"line_number":77,"context_line":"                and \"token\" in request.environ[\"keystone.token_info\"]:"}],"source_content_type":"text/x-python","patch_set":3,"id":"5e72da5d_cc92266b","line":74,"range":{"start_line":46,"start_character":0,"end_line":74,"end_character":45},"in_reply_to":"89b1b119_4b68c548","updated":"2022-03-09 02:02:39.000000000","message":"Ack","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"5f3fc3d6c81dc5326a9b9fae8a6dc0b7e21c694b","unresolved":true,"context_lines":[{"line_number":72,"context_line":"                oauth2_access_token_valid \u003d False"},{"line_number":73,"context_line":"        else:"},{"line_number":74,"context_line":"            oauth2_access_token_valid \u003d False"},{"line_number":75,"context_line":"        if oauth2_access_token_valid \\"},{"line_number":76,"context_line":"                and \"keystone.token_info\" in request.environ \\"},{"line_number":77,"context_line":"                and \"token\" in request.environ[\"keystone.token_info\"]:"},{"line_number":78,"context_line":"            request.set_user_headers(request.token_auth.user)"},{"line_number":79,"context_line":"            request.set_service_catalog_headers(request.token_auth.user)"},{"line_number":80,"context_line":"            request.token_auth._auth \u003d self._auth"},{"line_number":81,"context_line":"            request.token_auth._session \u003d self._session"},{"line_number":82,"context_line":"        else:"},{"line_number":83,"context_line":"            _LOG.info(\u0027Rejecting request\u0027)"},{"line_number":84,"context_line":"            message \u003d _(\u0027The request you have made requires authentication.\u0027)"},{"line_number":85,"context_line":"            body \u003d {\u0027error\u0027: {"},{"line_number":86,"context_line":"                \u0027code\u0027: 401,"},{"line_number":87,"context_line":"                \u0027title\u0027: \u0027Unauthorized\u0027,"},{"line_number":88,"context_line":"                \u0027message\u0027: message,"},{"line_number":89,"context_line":"            }}"},{"line_number":90,"context_line":"            raise webob.exc.HTTPUnauthorized("},{"line_number":91,"context_line":"                body\u003djsonutils.dumps(body),"},{"line_number":92,"context_line":"                headers\u003dself._reject_auth_headers,"},{"line_number":93,"context_line":"                charset\u003d\u0027UTF-8\u0027,"},{"line_number":94,"context_line":"                content_type\u003d\u0027application/json\u0027)"},{"line_number":95,"context_line":""},{"line_number":96,"context_line":""}],"source_content_type":"text/x-python","patch_set":3,"id":"43da8949_4d48a7ed","line":93,"range":{"start_line":75,"start_character":0,"end_line":93,"end_character":32},"updated":"2022-03-01 06:29:19.000000000","message":"If the contents of the above comment work.\nThis part can be\n```\n        if (\"keystone.token_info\" not in request.environ\n                or \"token\" not in request.environ[\"keystone.token_info\"]\n                or not self._is_valid_access_token(request)):\n            _LOG.info(\u0027Rejecting request\u0027)\n            message \u003d _(\u0027The request you have made requires authentication.\u0027)\n            body \u003d {\u0027error\u0027: {\n                \u0027code\u0027: 401,\n                \u0027title\u0027: \u0027Unauthorized\u0027,\n                \u0027message\u0027: message,\n            }}\n            raise webob.exc.HTTPUnauthorized(\n                body\u003djsonutils.dumps(body),\n                headers\u003dself._reject_auth_headers,\n                charset\u003d\u0027UTF-8\u0027,\n                content_type\u003d\u0027application/json\u0027)\n\n        request.set_user_headers(request.token_auth.user)\n        request.set_service_catalog_headers(request.token_auth.user)\n        request.token_auth._auth \u003d self._auth\n        request.token_auth._session \u003d self._session\n```\n\nEven if the above suggestions don\u0027t work, I think these parts can be more simple.","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33492,"name":"Yi Feng","email":"fengyi@fujitsu.com","username":"YiFeng"},"change_message_id":"1162bcde761b368265de30cb82fbb1dc63af49d2","unresolved":true,"context_lines":[{"line_number":72,"context_line":"                oauth2_access_token_valid \u003d False"},{"line_number":73,"context_line":"        else:"},{"line_number":74,"context_line":"            oauth2_access_token_valid \u003d False"},{"line_number":75,"context_line":"        if oauth2_access_token_valid \\"},{"line_number":76,"context_line":"                and \"keystone.token_info\" in request.environ \\"},{"line_number":77,"context_line":"                and \"token\" in request.environ[\"keystone.token_info\"]:"},{"line_number":78,"context_line":"            request.set_user_headers(request.token_auth.user)"},{"line_number":79,"context_line":"            request.set_service_catalog_headers(request.token_auth.user)"},{"line_number":80,"context_line":"            request.token_auth._auth \u003d self._auth"},{"line_number":81,"context_line":"            request.token_auth._session \u003d self._session"},{"line_number":82,"context_line":"        else:"},{"line_number":83,"context_line":"            _LOG.info(\u0027Rejecting request\u0027)"},{"line_number":84,"context_line":"            message \u003d _(\u0027The request you have made requires authentication.\u0027)"},{"line_number":85,"context_line":"            body \u003d {\u0027error\u0027: {"},{"line_number":86,"context_line":"                \u0027code\u0027: 401,"},{"line_number":87,"context_line":"                \u0027title\u0027: \u0027Unauthorized\u0027,"},{"line_number":88,"context_line":"                \u0027message\u0027: message,"},{"line_number":89,"context_line":"            }}"},{"line_number":90,"context_line":"            raise webob.exc.HTTPUnauthorized("},{"line_number":91,"context_line":"                body\u003djsonutils.dumps(body),"},{"line_number":92,"context_line":"                headers\u003dself._reject_auth_headers,"},{"line_number":93,"context_line":"                charset\u003d\u0027UTF-8\u0027,"},{"line_number":94,"context_line":"                content_type\u003d\u0027application/json\u0027)"},{"line_number":95,"context_line":""},{"line_number":96,"context_line":""}],"source_content_type":"text/x-python","patch_set":3,"id":"8c102a98_aa95ca79","line":93,"range":{"start_line":75,"start_character":0,"end_line":93,"end_character":32},"in_reply_to":"43da8949_4d48a7ed","updated":"2022-03-02 05:42:25.000000000","message":"Has modified.The order of conditional statements has been adjusted.\nif (not self._is_valid_access_token(request)\n        or \"keystone.token_info\" not in request.environ\n        or \"token\" not in request.environ[\"keystone.token_info\"]):","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":33455,"name":"Hiromu Asahina","email":"hiromu.a5a@gmail.com","username":"h_asahina"},"change_message_id":"48dc996ccdc9e20cc19c3d4bc5b2b0f692c95d46","unresolved":false,"context_lines":[{"line_number":72,"context_line":"                oauth2_access_token_valid \u003d False"},{"line_number":73,"context_line":"        else:"},{"line_number":74,"context_line":"            oauth2_access_token_valid \u003d False"},{"line_number":75,"context_line":"        if oauth2_access_token_valid \\"},{"line_number":76,"context_line":"                and \"keystone.token_info\" in request.environ \\"},{"line_number":77,"context_line":"                and \"token\" in request.environ[\"keystone.token_info\"]:"},{"line_number":78,"context_line":"            request.set_user_headers(request.token_auth.user)"},{"line_number":79,"context_line":"            request.set_service_catalog_headers(request.token_auth.user)"},{"line_number":80,"context_line":"            request.token_auth._auth \u003d self._auth"},{"line_number":81,"context_line":"            request.token_auth._session \u003d self._session"},{"line_number":82,"context_line":"        else:"},{"line_number":83,"context_line":"            _LOG.info(\u0027Rejecting request\u0027)"},{"line_number":84,"context_line":"            message \u003d _(\u0027The request you have made requires authentication.\u0027)"},{"line_number":85,"context_line":"            body \u003d {\u0027error\u0027: {"},{"line_number":86,"context_line":"                \u0027code\u0027: 401,"},{"line_number":87,"context_line":"                \u0027title\u0027: \u0027Unauthorized\u0027,"},{"line_number":88,"context_line":"                \u0027message\u0027: message,"},{"line_number":89,"context_line":"            }}"},{"line_number":90,"context_line":"            raise webob.exc.HTTPUnauthorized("},{"line_number":91,"context_line":"                body\u003djsonutils.dumps(body),"},{"line_number":92,"context_line":"                headers\u003dself._reject_auth_headers,"},{"line_number":93,"context_line":"                charset\u003d\u0027UTF-8\u0027,"},{"line_number":94,"context_line":"                content_type\u003d\u0027application/json\u0027)"},{"line_number":95,"context_line":""},{"line_number":96,"context_line":""}],"source_content_type":"text/x-python","patch_set":3,"id":"1cc7f35e_8899f0ca","line":93,"range":{"start_line":75,"start_character":0,"end_line":93,"end_character":32},"in_reply_to":"8c102a98_aa95ca79","updated":"2022-03-09 02:02:39.000000000","message":"Ack","commit_id":"0b2f31948dffb1a4563f64ce86e4b9a6edc2b539"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"11687fbcf77833ec9fe984d2464ef333ea9964ba","unresolved":true,"context_lines":[{"line_number":26,"context_line":"_LOG \u003d logging.getLogger(__name__)"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"class OAuth2Protcol(AuthProtocol):"},{"line_number":30,"context_line":"    \"\"\"Middleware that handles OAuth2.0 client credentials authentication.\"\"\""},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"    def __init__(self, app, conf):"}],"source_content_type":"text/x-python","patch_set":7,"id":"7481ec50_38c015a1","line":29,"range":{"start_line":29,"start_character":6,"end_line":29,"end_character":19},"updated":"2022-06-21 14:42:20.000000000","message":"nitpick: typo","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"3f208bbeb935b0d50e77825cac836dab70d85445","unresolved":true,"context_lines":[{"line_number":26,"context_line":"_LOG \u003d logging.getLogger(__name__)"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"class OAuth2Protcol(AuthProtocol):"},{"line_number":30,"context_line":"    \"\"\"Middleware that handles OAuth2.0 client credentials authentication.\"\"\""},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"    def __init__(self, app, conf):"}],"source_content_type":"text/x-python","patch_set":7,"id":"adfe4570_d9eb1ec1","line":29,"range":{"start_line":29,"start_character":6,"end_line":29,"end_character":19},"in_reply_to":"7481ec50_38c015a1","updated":"2022-07-22 04:08:39.000000000","message":"I fixed it according to the comment.\n(Patchset 8)","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"change_message_id":"e47dbf207caa0c11df4fe0dd9825c219be3a34d8","unresolved":false,"context_lines":[{"line_number":26,"context_line":"_LOG \u003d logging.getLogger(__name__)"},{"line_number":27,"context_line":""},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"class OAuth2Protcol(AuthProtocol):"},{"line_number":30,"context_line":"    \"\"\"Middleware that handles OAuth2.0 client credentials authentication.\"\"\""},{"line_number":31,"context_line":""},{"line_number":32,"context_line":"    def __init__(self, app, conf):"}],"source_content_type":"text/x-python","patch_set":7,"id":"ff924481_e0602d29","line":29,"range":{"start_line":29,"start_character":6,"end_line":29,"end_character":19},"in_reply_to":"adfe4570_d9eb1ec1","updated":"2022-08-26 15:15:18.000000000","message":"Done","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"11687fbcf77833ec9fe984d2464ef333ea9964ba","unresolved":true,"context_lines":[{"line_number":61,"context_line":"                    request.token_auth \u003d _user_plugin.UserAuthPlugin("},{"line_number":62,"context_line":"                        user_auth_ref, None)"},{"line_number":63,"context_line":"                    return True"},{"line_number":64,"context_line":"                else:"},{"line_number":65,"context_line":"                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027"},{"line_number":66,"context_line":"                              \u0027 an application credential token.\u0027)"},{"line_number":67,"context_line":"            except exceptions.KeystoneMiddlewareException as err:"},{"line_number":68,"context_line":"                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))"},{"line_number":69,"context_line":"        return False"}],"source_content_type":"text/x-python","patch_set":7,"id":"e299f54e_3ae290c1","line":66,"range":{"start_line":64,"start_character":16,"end_line":66,"end_character":66},"updated":"2022-06-21 14:42:20.000000000","message":"This check enforces that tokens that can be provided via \u0027Authorization: Bearer\u0027 only be tokens obtained through an application credential. I don\u0027t feel strongly (pro or against) that this check should be here, but if we removed it, then tokens obtained via other methods could also be passed in a OAuth 2.0 compliant manner via the Authorization header. This decouples the authentication bit to obtain the token with the how the token is sent over to the services and verified. There is nothing particularly different between these tokens.","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"change_message_id":"e47dbf207caa0c11df4fe0dd9825c219be3a34d8","unresolved":false,"context_lines":[{"line_number":61,"context_line":"                    request.token_auth \u003d _user_plugin.UserAuthPlugin("},{"line_number":62,"context_line":"                        user_auth_ref, None)"},{"line_number":63,"context_line":"                    return True"},{"line_number":64,"context_line":"                else:"},{"line_number":65,"context_line":"                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027"},{"line_number":66,"context_line":"                              \u0027 an application credential token.\u0027)"},{"line_number":67,"context_line":"            except exceptions.KeystoneMiddlewareException as err:"},{"line_number":68,"context_line":"                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))"},{"line_number":69,"context_line":"        return False"}],"source_content_type":"text/x-python","patch_set":7,"id":"02748d8a_e62d6b39","line":66,"range":{"start_line":64,"start_character":16,"end_line":66,"end_character":66},"in_reply_to":"6354a90a_e12af691","updated":"2022-08-26 15:15:18.000000000","message":"Done","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"3f208bbeb935b0d50e77825cac836dab70d85445","unresolved":true,"context_lines":[{"line_number":61,"context_line":"                    request.token_auth \u003d _user_plugin.UserAuthPlugin("},{"line_number":62,"context_line":"                        user_auth_ref, None)"},{"line_number":63,"context_line":"                    return True"},{"line_number":64,"context_line":"                else:"},{"line_number":65,"context_line":"                    _LOG.info(\u0027Invalid OAuth2.0 access token: The token is not\u0027"},{"line_number":66,"context_line":"                              \u0027 an application credential token.\u0027)"},{"line_number":67,"context_line":"            except exceptions.KeystoneMiddlewareException as err:"},{"line_number":68,"context_line":"                _LOG.info(\u0027Invalid OAuth2.0 access token: %s\u0027 % str(err))"},{"line_number":69,"context_line":"        return False"}],"source_content_type":"text/x-python","patch_set":7,"id":"6354a90a_e12af691","line":66,"range":{"start_line":64,"start_character":16,"end_line":66,"end_character":66},"in_reply_to":"e299f54e_3ae290c1","updated":"2022-07-22 04:08:39.000000000","message":"I fixed it according to the comment.\n(Patchset 8)","commit_id":"07464e066c61c315313c878d9977fb7cf23016da"}],"releasenotes/notes/bp-oauth2-client-credentials-ext-19a40c655ee43f57.yaml":[{"author":{"_account_id":16465,"name":"Kristi Nikolla","email":"knikolla@bu.edu","username":"knikolla"},"change_message_id":"2a38a4639de487b2214386523f295dd0c333c767","unresolved":true,"context_lines":[{"line_number":5,"context_line":"    The oauth2_token filter has been added for accepting or denying incoming"},{"line_number":6,"context_line":"    requests containing OAuth2.0 client credentials access tokens that are"},{"line_number":7,"context_line":"    obtained from keystone identity server by users through their application"},{"line_number":8,"context_line":"    credentials."}],"source_content_type":"text/x-yaml","patch_set":17,"id":"1a852476_1edc9f64","line":8,"updated":"2022-08-09 14:28:38.000000000","message":"this can be simplified to just say \"tokens passed via the Authorization headers as bearer tokens\"","commit_id":"3e57ea77980531fe98027b80cbf7b0a0d672d8c3"},{"author":{"_account_id":33920,"name":"Yusuke Niimi","email":"niimi.yusuke@fujitsu.com","username":"yniimi"},"change_message_id":"6a7e35596a0eca0d702c79b68637939112e9047a","unresolved":true,"context_lines":[{"line_number":5,"context_line":"    The oauth2_token filter has been added for accepting or denying incoming"},{"line_number":6,"context_line":"    requests containing OAuth2.0 client credentials access tokens that are"},{"line_number":7,"context_line":"    obtained from keystone identity server by users through their application"},{"line_number":8,"context_line":"    credentials."}],"source_content_type":"text/x-yaml","patch_set":17,"id":"aba39667_2316958a","line":8,"in_reply_to":"1a852476_1edc9f64","updated":"2022-08-24 08:47:41.000000000","message":"Thank you for your comment.\nAs you commented, it has been revised to be a simple description.\n(Patchset 18)","commit_id":"3e57ea77980531fe98027b80cbf7b0a0d672d8c3"},{"author":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"change_message_id":"e47dbf207caa0c11df4fe0dd9825c219be3a34d8","unresolved":false,"context_lines":[{"line_number":5,"context_line":"    The oauth2_token filter has been added for accepting or denying incoming"},{"line_number":6,"context_line":"    requests containing OAuth2.0 client credentials access tokens that are"},{"line_number":7,"context_line":"    obtained from keystone identity server by users through their application"},{"line_number":8,"context_line":"    credentials."}],"source_content_type":"text/x-yaml","patch_set":17,"id":"d6a55919_29433817","line":8,"in_reply_to":"aba39667_2316958a","updated":"2022-08-26 15:15:18.000000000","message":"Done","commit_id":"3e57ea77980531fe98027b80cbf7b0a0d672d8c3"}]}