Skip to content

Commit 46d54c7

Browse files
ShiChangkuoShiChangkuo
committed
add validation for domain name in AKSK authentication
1 parent 3e00e5c commit 46d54c7

File tree

1 file changed

+17
-15
lines changed

1 file changed

+17
-15
lines changed

openstack/client.go

Lines changed: 17 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -337,21 +337,19 @@ func v3AKSKAuth(client *golangsdk.ProviderClient, endpoint string, options golan
337337
}
338338

339339
if options.DomainID == "" && options.Domain != "" {
340-
id, err := getDomainID(options.Domain, v3Client)
340+
id, err := getDomainID(v3Client, options.Domain)
341341
if err != nil {
342-
options.DomainID = ""
343-
} else {
344-
options.DomainID = id
342+
return err
345343
}
344+
options.DomainID = id
346345
}
347346

348347
if options.BssDomainID == "" && options.BssDomain != "" {
349-
id, err := getDomainID(options.BssDomain, v3Client)
348+
id, err := getDomainID(v3Client, options.BssDomain)
350349
if err != nil {
351-
options.BssDomainID = ""
352-
} else {
353-
options.BssDomainID = id
350+
return err
354351
}
352+
options.BssDomainID = id
355353
}
356354

357355
client.ProjectID = options.ProjectId
@@ -438,16 +436,14 @@ func authWithAgencyByAKSK(client *golangsdk.ProviderClient, endpoint string, opt
438436
return nil
439437
}
440438

441-
func getDomainID(name string, client *golangsdk.ServiceClient) (string, error) {
439+
func getDomainID(client *golangsdk.ServiceClient, name string) (string, error) {
442440
old := client.Endpoint
443441
defer func() { client.Endpoint = old }()
444442

445443
client.Endpoint = old + "auth/"
446444

447-
opts := domains.ListOpts{
448-
Name: name,
449-
}
450-
allPages, err := domains.List(client, &opts).AllPages()
445+
// the List request does not support query options
446+
allPages, err := domains.List(client, nil).AllPages()
451447
if err != nil {
452448
return "", fmt.Errorf("List domains failed, err=%s", err)
453449
}
@@ -461,14 +457,20 @@ func getDomainID(name string, client *golangsdk.ServiceClient) (string, error) {
461457
switch count {
462458
case 0:
463459
err := &golangsdk.ErrResourceNotFound{}
464-
err.ResourceType = "iam"
460+
err.ResourceType = "IAM domain ID"
465461
err.Name = name
466462
return "", err
467463
case 1:
464+
if name != "" && name != all[0].Name {
465+
err := &golangsdk.ErrResourceNotFound{}
466+
err.ResourceType = "IAM domain ID"
467+
err.Name = name
468+
return "", err
469+
}
468470
return all[0].ID, nil
469471
default:
470472
err := &golangsdk.ErrMultipleResourcesFound{}
471-
err.ResourceType = "iam"
473+
err.ResourceType = "IAM domain ID"
472474
err.Name = name
473475
err.Count = count
474476
return "", err

0 commit comments

Comments
 (0)