[Openstack-devel] Upgrading python-oauthlib

[Thomas Goirand]

On 01/26/2014 05:10 AM, Simon Fondrie-Teitler wrote:
> Hi Thomas,
> 
> Thomas Goirand <zigo at debian.org> writes:
>> I am currently trying to upgrade python-oauthlib to upstream version
>> 0.6.1. However, according to my tests, this will break
>> python-requests-oauthlib, which you as well maintain.
>>
>> The thing is, the new oauthlib 0.6.1 is required for Keystone, which is
>> the auth system for OpenStack, for which I'm maintaining about 100
>> packages in Debian. I already have a patch working, but it fails under
>> 0.5.1 (because it seems the API changed...).
> 
> Thanks for bringing this to my attention. What exactly breaks in
> requests-oauthlib? I've not had a chance to test requests-oauthlib with
> oauthlib 0.6.1. I'm guessing it has something to do with this (from the
> ouathlib changelog)?
> 
> "All endpoint methods change contract to return 3 values instead of
> 4. The new signature is headers, body, status code where the initial
> redirect_uri has been relocated to its rightful place inside headers as
> Location."

Thanks for your reply.

I haven't checked, but that's what makes the incompatibility of Keystone
with oauthlib 0.5.x for me, and which makes me require 0.6 indeed.

> I'm also assuming that you tried with the most recent version of
> requests-oauthlib? I notice that there's a newer version out that I've
> yet to package. I'll work on getting that fixed.

Thanks!

> Are you proposing that this get fixed upstream, or in the Debian package
> only? If the former, that sounds reasonable, and I can talk with
> upstream. Do you have a proposal for a fix? 

Of course, it'd be best if the code could be fixed both upstream, and
then in Debian. I unfortunately have no fix for it, though if it's just
a mater of removing a parameter, it shouldn't be too hard to work out
for upstream, I guess.

Cheers,

Thomas