From abbd91293de48090ac36ce3dbf27007e9d04b6a4 Mon Sep 17 00:00:00 2001
From: Radoslaw Zarzynski <rzarzynski@mirantis.com>
Date: Fri, 5 Feb 2016 16:07:17 +0100
Subject: [PATCH] rgw: S3 always must use token format of Keystone v2.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>
---
 src/rgw/rgw_rest_s3.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h
index 97dbaf4b1abde..2132da204f168 100644
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -357,7 +357,10 @@ private:
 public:
   explicit RGW_Auth_S3_Keystone_ValidateToken(CephContext *_cct)
       : RGWHTTPClient(_cct),
-        response(KeystoneToken(KeystoneService::get_api_version())) {
+        /* This is really crazy but S3Extension in Keystone always
+         * returns token conforming to v2 - regardless whether you
+         * have requested v3 or not. */
+        response(KeystoneToken(KeystoneApiVersion::VER_2)) {
     get_str_list(cct->_conf->rgw_keystone_accepted_roles, roles_list);
   }
 
-- 
2.39.5