Merge "Use unscoped token for scoping to project"

openstack_auth/backend.py

@@ -144,11 +144,9 @@ def authenticate(self, auth_url=None, **kwargs):
         request = kwargs.get('request')
 
         if request:
-            # Check if token is automatically scoped to default_project
-            # grab the project from this token, to use as a default
-            # if no recent_project is found in the cookie
-            recent_project = request.COOKIES.get('recent_project',
-                                                 unscoped_auth_ref.project_id)
+            # Grab recent_project found in the cookie, try to scope
+            # to the last project used.
+            recent_project = request.COOKIES.get('recent_project')
 
         # if a most recent project was found, try using it first
         if recent_project:

openstack_auth/plugin/password.py

@@ -42,7 +42,8 @@ def get_plugin(self, auth_url=None, username=None, password=None,
             return v3_auth.Password(auth_url=auth_url,
                                     username=username,
                                     password=password,
-                                    user_domain_name=user_domain_name)
+                                    user_domain_name=user_domain_name,
+                                    unscoped=True)
 
         else:
             return v2_auth.Password(auth_url=auth_url,

openstack_auth/tests/tests.py

@@ -496,7 +496,8 @@ def _create_password_auth(self, username=None, password=None, url=None):
         return auth_v3.Password(auth_url=url,
                                 password=password,
                                 username=username,
-                                user_domain_name=DEFAULT_DOMAIN)
+                                user_domain_name=DEFAULT_DOMAIN,
+                                unscoped=True)
 
     def _create_token_auth(self, project_id, token=None, url=None):
         if not token: