Disco verification:

 apt policy liblasso3
liblasso3:
  Installed: 2.6.0-2ubuntu0.1
  Candidate: 2.6.0-2ubuntu0.1
  Version table:
 *** 2.6.0-2ubuntu0.1 1000
        399 http://archive.ubuntu.com/ubuntu disco-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     2.6.0-2build1 400
        400 http://archive.ubuntu.com/ubuntu disco/main amd64 Packages

env | grep OS_
OS_IDENTITY_PROVIDER_URL=https://samltest.id/idp/profile/SAML2/SOAP/ECP
OS_AUTH_URL=https://keystone.maas:5000/v3
OS_PROTOCOL=saml2
OS_REGION_NAME=RegionOne
OS_PROJECT_NAME=scooper@samltest.id_project
OS_PROJECT_DOMAIN_NAME=samltestid
OS_IDENTITY_API_VERSION=3
OS_AUTH_TYPE=v3samlpassword
OS_IDENTITY_PROVIDER=samltestid
OS_INTERFACE=internal
OS_PASSWORD=bazinga
OS_USERNAME=<redacted>
OS_CACERT=/home/ubuntu/bundles/vault-ca.crt

openstack token issue -v --debug
START with options: token issue -v --debug
options: Namespace(access_key='', access_secret='***', access_token='***', access_token_endpoint='', access_token_type='', application_credential_id='', application_credential_name='', application_credential_secret='***', auth_type='v3samlpassword', auth_url='https://keystone.maas:5000/v3', cacert='/home/ubuntu/bundles/vault-ca.crt', cert='', client_id='', client_secret='***', cloud='', code='', consumer_key='', consumer_secret='***', debug=True, default_domain='default', default_domain_id='', default_domain_name='', deferred_help=False, discovery_endpoint='', domain_id='', domain_name='', endpoint='', identity_provider='samltestid', identity_provider_url='https://samltest.id/idp/profile/SAML2/SOAP/ECP', insecure=None, interface='internal', key='', log_file=None, openid_scope='', os_beta_command=False, os_compute_api_version='', os_identity_api_version='3', os_image_api_version='', os_key_manager_api_version='1', os_network_api_version='', os_object_api_version='', os_orchestration_api_version='1', os_project_id=None, os_project_name=None, os_volume_api_version='', passcode='', password='***', project_domain_id='', project_domain_name='samltestid', project_id='', project_name='scooper@samltest.id_project', protocol='saml2', redirect_uri='', region_name='RegionOne', remote_project_domain_id='', remote_project_domain_name='', remote_project_id='', remote_project_name='', service_provider='', service_provider_endpoint='', service_provider_entity_id='', system_scope='', timing=False, token='***', trust_id='', url='', user_domain_id='', user_domain_name='', user_id='', username='sheldon', verbose_level=3, verify=None)
Auth plugin v3samlpassword selected
auth_config_hook(): {'api_timeout': None, 'verify': True, 'cacert': '/home/ubuntu/bundles/vault-ca.crt', 'cert': None, 'key': None, 'baremetal_status_code_retries': '5', 'image_status_code_retries': '5', 'disable_vendor_agent': {}, 'interface': 'internal', 'floating_ip_source': 'neutron', 'image_api_use_tasks': False, 'image_format': 'qcow2', 'message': '', 'network_api_version': '2', 'object_store_api_version': '1', 'secgroup_source': 'neutron', 'status': 'active', 'auth': {'project_domain_name': 'samltestid', 'project_name': 'scooper@samltest.id_project'}, 'verbose_level': 3, 'deferred_help': False, 'debug': True, 'region_name': 'RegionOne', 'default_domain': 'default', 'timing': False, 'auth_url': 'https://keystone.maas:5000/v3', 'username': 'sheldon', 'password': '***', 'identity_provider': 'samltestid', 'protocol': 'saml2', 'identity_provider_url': 'https://samltest.id/idp/profile/SAML2/SOAP/ECP', 'beta_command': False, 'identity_api_version': '3', 'orchestration_api_version': '1', 'key_manager_api_version': '1', 'auth_type': 'v3samlpassword', 'networks': []}
defaults: {'api_timeout': None, 'verify': True, 'cacert': None, 'cert': None, 'key': None, 'auth_type': 'password', 'baremetal_status_code_retries': 5, 'image_status_code_retries': 5, 'disable_vendor_agent': {}, 'interface': 'public', 'floating_ip_source': 'neutron', 'image_api_use_tasks': False, 'image_format': 'qcow2', 'message': '', 'network_api_version': '2', 'object_store_api_version': '1', 'secgroup_source': 'neutron', 'status': 'active'}
cloud cfg: {'api_timeout': None, 'verify': True, 'cacert': '/home/ubuntu/bundles/vault-ca.crt', 'cert': None, 'key': None, 'baremetal_status_code_retries': '5', 'image_status_code_retries': '5', 'disable_vendor_agent': {}, 'interface': 'internal', 'floating_ip_source': 'neutron', 'image_api_use_tasks': False, 'image_format': 'qcow2', 'message': '', 'network_api_version': '2', 'object_store_api_version': '1', 'secgroup_source': 'neutron', 'status': 'active', 'auth': {'project_domain_name': 'samltestid', 'project_name': 'scooper@samltest.id_project'}, 'verbose_level': 3, 'deferred_help': False, 'debug': True, 'region_name': 'RegionOne', 'default_domain': 'default', 'timing': False, 'auth_url': 'https://keystone.maas:5000/v3', 'username': 'sheldon', 'password': '***', 'identity_provider': 'samltestid', 'protocol': 'saml2', 'identity_provider_url': 'https://samltest.id/idp/profile/SAML2/SOAP/ECP', 'beta_command': False, 'identity_api_version': '3', 'orchestration_api_version': '1', 'key_manager_api_version': '1', 'auth_type': 'v3samlpassword', 'networks': []}
compute API version 2.1, cmd group openstack.compute.v2
identity API version 3, cmd group openstack.identity.v3
image API version 2, cmd group openstack.image.v2
network API version 2, cmd group openstack.network.v2
object_store API version 1, cmd group openstack.object_store.v1
volume API version 2, cmd group openstack.volume.v2
neutronclient API version 2, cmd group openstack.neutronclient.v2
orchestration API version 1, cmd group openstack.orchestration.v1
key_manager API version 1, cmd group openstack.key_manager.v1
Auth plugin v3samlpassword selected
auth_config_hook(): {'api_timeout': None, 'verify': True, 'cacert': '/home/ubuntu/bundles/vault-ca.crt', 'cert': None, 'key': None, 'baremetal_status_code_retries': '5', 'image_status_code_retries': '5', 'disable_vendor_agent': {}, 'interface': 'internal', 'floating_ip_source': 'neutron', 'image_api_use_tasks': False, 'image_format': 'qcow2', 'message': '', 'network_api_version': '2', 'object_store_api_version': '1', 'secgroup_source': 'neutron', 'status': 'active', 'auth': {'project_domain_name': 'samltestid', 'project_name': 'scooper@samltest.id_project'}, 'verbose_level': 3, 'deferred_help': False, 'debug': True, 'region_name': 'RegionOne', 'default_domain': 'default', 'timing': False, 'auth_url': 'https://keystone.maas:5000/v3', 'username': 'sheldon', 'password': '***', 'identity_provider': 'samltestid', 'protocol': 'saml2', 'identity_provider_url': 'https://samltest.id/idp/profile/SAML2/SOAP/ECP', 'beta_command': False, 'identity_api_version': '3', 'orchestration_api_version': '1', 'key_manager_api_version': '1', 'auth_type': 'v3samlpassword', 'networks': []}
Auth plugin v3samlpassword selected
auth_config_hook(): {'api_timeout': None, 'verify': True, 'cacert': '/home/ubuntu/bundles/vault-ca.crt', 'cert': None, 'key': None, 'baremetal_status_code_retries': '5', 'image_status_code_retries': '5', 'disable_vendor_agent': {}, 'interface': 'internal', 'floating_ip_source': 'neutron', 'image_api_use_tasks': False, 'image_format': 'qcow2', 'message': '', 'network_api_version': '2', 'object_store_api_version': '1', 'secgroup_source': 'neutron', 'status': 'active', 'auth': {'project_domain_name': 'samltestid', 'project_name': 'scooper@samltest.id_project'}, 'verbose_level': 3, 'deferred_help': False, 'debug': True, 'region_name': 'RegionOne', 'default_domain': 'default', 'timing': False, 'auth_url': 'https://keystone.maas:5000/v3', 'username': 'sheldon', 'password': '***', 'identity_provider': 'samltestid', 'protocol': 'saml2', 'identity_provider_url': 'https://samltest.id/idp/profile/SAML2/SOAP/ECP', 'beta_command': False, 'identity_api_version': '3', 'orchestration_api_version': '1', 'key_manager_api_version': '1', 'auth_type': 'v3samlpassword', 'networks': []}
command: token issue -> openstackclient.identity.v3.token.IssueToken (auth=True)
Auth plugin v3samlpassword selected
auth_config_hook(): {'api_timeout': None, 'verify': True, 'cacert': '/home/ubuntu/bundles/vault-ca.crt', 'cert': None, 'key': None, 'baremetal_status_code_retries': '5', 'image_status_code_retries': '5', 'disable_vendor_agent': {}, 'interface': 'internal', 'floating_ip_source': 'neutron', 'image_api_use_tasks': False, 'image_format': 'qcow2', 'message': '', 'network_api_version': '2', 'object_store_api_version': '1', 'secgroup_source': 'neutron', 'status': 'active', 'auth': {'project_domain_name': 'samltestid', 'project_name': 'scooper@samltest.id_project'}, 'additional_user_agent': [('osc-lib', '1.12.1')], 'verbose_level': 3, 'deferred_help': False, 'debug': True, 'region_name': 'RegionOne', 'default_domain': 'default', 'timing': False, 'auth_url': 'https://keystone.maas:5000/v3', 'username': 'sheldon', 'password': '***', 'identity_provider': 'samltestid', 'protocol': 'saml2', 'identity_provider_url': 'https://samltest.id/idp/profile/SAML2/SOAP/ECP', 'beta_command': False, 'identity_api_version': '3', 'orchestration_api_version': '1', 'key_manager_api_version': '1', 'auth_type': 'v3samlpassword', 'networks': []}
Using auth plugin: v3samlpassword
Using parameters {'auth_url': 'https://keystone.maas:5000/v3', 'project_name': 'scooper@samltest.id_project', 'project_domain_name': 'samltestid', 'identity_provider': 'samltestid', 'protocol': 'saml2', 'identity_provider_url': 'https://samltest.id/idp/profile/SAML2/SOAP/ECP', 'username': 'sheldon', 'password': '***'}
Get auth_ref
REQ: curl -g -i --cacert "/home/ubuntu/bundles/vault-ca.crt" -X GET https://keystone.maas:5000/v3/OS-FEDERATION/identity_providers/samltestid/protocols/saml2/auth -H "User-Agent: openstacksdk/0.26.0 keystoneauth1/3.13.1 python-requests/2.18.4 CPython/3.6.8"
Starting new HTTPS connection (1): keystone.maas
https://keystone.maas:5000 "GET /v3/OS-FEDERATION/identity_providers/samltestid/protocols/saml2/auth HTTP/1.1" 200 3144
Starting new HTTPS connection (1): samltest.id
https://samltest.id:443 "POST /idp/profile/SAML2/SOAP/ECP HTTP/1.1" 200 None
https://keystone.maas:5000 "POST /v3/OS-FEDERATION/identity_providers/samltestid/protocols/saml2/auth/mellon/paosResponse HTTP/1.1" 303 382
Starting new HTTPS connection (2): keystone.maas
https://keystone.maas:5000 "GET /v3/OS-FEDERATION/identity_providers/samltestid/protocols/saml2/auth HTTP/1.1" 201 403
RESP: [201] Cache-Control: private, max-age=0, must-revalidate, private, max-age=0, must-revalidate Connection: Keep-Alive Content-Length: 403 Content-Type: application/json Date: Fri, 19 Jul 2019 06:07:00 GMT Keep-Alive: timeout=5, max=100 Server: Apache/2.4.29 (Ubuntu) Vary: X-Auth-Token X-Distribution: Ubuntu X-Subject-Token: {SHA256}53213975819219cea5f7ec8e6cd9a4633d9089cef363fefabcb69e12df7b5842 x-openstack-request-id: req-79f04296-5ab4-4253-8fcb-8e4f9824aafe
RESP BODY: {"token": {"methods": ["saml2"], "user": {"domain": {"id": "Federated", "name": "Federated"}, "id": "59f289a633f347c8998108cbfda2d91f", "name": "<email address hidden>", "OS-FEDERATION": {"groups": [], "identity_provider": {"id": "samltestid"}, "protocol": {"id": "saml2"}}}, "audit_ids": ["m2uUmXaOTbeYmYU1B5G4kA"], "expires_at": "2019-07-19T07:07:08.000000Z", "issued_at": "2019-07-19T06:07:08.000000Z"}}
GET call to https://keystone.maas:5000/v3/OS-FEDERATION/identity_providers/samltestid/protocols/saml2/auth used request id req-79f04296-5ab4-4253-8fcb-8e4f9824aafe
Making authentication request to https://keystone.maas:5000/v3/auth/tokens
https://keystone.maas:5000 "POST /v3/auth/tokens HTTP/1.1" 201 7824
{"token": {"methods": ["token", "saml2"], "user": {"domain": {"id": "Federated", "name": "Federated"}, "id": "59f289a633f347c8998108cbfda2d91f", "name": "<email address hidden>", "OS-FEDERATION": {"groups": [], "identity_provider": {"id": "samltestid"}, "protocol": {"id": "saml2"}}}, "audit_ids": ["JIYZkBggSAauxkf7lLe6Xg"], "expires_at": "2019-07-19T07:07:11.000000Z", "issued_at": "2019-07-19T06:07:11.000000Z", "project": {"domain": {"id": "b95a181bc2c24090beed0bd8ae359fc8", "name": "samltestid"}, "id": "9d218caa80da487cb5149fb3f957dc8a", "name": "scooper@samltest.id_project"}, "is_domain": false, "roles": [{"id": "e4ab04a7c6ec4c91a826b2a3ba333407", "name": "Member", "domain_id": null}], "is_admin_project": false, "catalog": [{"endpoints": [{"id": "05e2c8e5c6e1447c8068d8e1d8c01b30", "interface": "admin", "region_id": "RegionOne", "url": "http://radosgw.maas:80/swift", "region": "RegionOne"}, {"id": "403998887b724dd397c3a231dfe77e8f", "interface": "public", "region_id": "RegionOne", "url": "http://radosgw.maas:80/swift/v1/simplestreams/data/", "region": "RegionOne"}, {"id": "5b5e1adcd0c44255990ee221b0a9832e", "interface": "internal", "region_id": "RegionOne", "url": "http://radosgw.maas:80/swift/v1/simplestreams/data/", "region": "RegionOne"}], "id": "29b75796463c46abacf836fc56be419e", "type": "product-streams", "name": "image-stream"}, {"endpoints": [{"id": "75901d10838d47c2b2a9f807857efd75", "interface": "internal", "region_id": "RegionOne", "url": "https://keystone.maas:5000/v3", "region": "RegionOne"}, {"id": "c1f4fc1d0f23461a9414e1ee4e786757", "interface": "admin", "region_id": "RegionOne", "url": "https://keystone.maas:35357/v3", "region": "RegionOne"}, {"id": "e13b64ff816c41cf8e01d4133c427eae", "interface": "public", "region_id": "RegionOne", "url": "https://keystone.maas:5000/v3", "region": "RegionOne"}], "id": "2f6eab7a36cf405195cc53bb692d4f77", "type": "identity", "name": "keystone"}, {"endpoints": [{"id": "1912d2bb31f5496c90a3e19a545799b5", "interface": "admin", "region_id": "RegionOne", "url": "https://10.232.1.211:8004/v1/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}, {"id": "750fc1a621334e2a9ad558efae662fc2", "interface": "public", "region_id": "RegionOne", "url": "https://10.232.1.211:8004/v1/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}, {"id": "fc92e355df594f2b8ff3680cabfa55d8", "interface": "internal", "region_id": "RegionOne", "url": "https://10.232.1.211:8004/v1/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}], "id": "5e4b5e1b5be14b89bcd584830edf9144", "type": "orchestration", "name": "heat"}, {"endpoints": [{"id": "1f7c9bb7a8a840e28e79781e11fbfbc5", "interface": "public", "region_id": "RegionOne", "url": "https://designate.maas:9001", "region": "RegionOne"}, {"id": "ec9da628e01d410b9adea2ae78f8a7ed", "interface": "internal", "region_id": "RegionOne", "url": "https://designate.maas:9001", "region": "RegionOne"}, {"id": "ed7b78611550435bacd939f8a983604b", "interface": "admin", "region_id": "RegionOne", "url": "https://designate.maas:9001", "region": "RegionOne"}], "id": "704d8c7d02eb47c683e8bcd1c2f3b8a0", "type": "dns", "name": "designate"}, {"endpoints": [{"id": "7bb706716c7c45f19717211dc0de3df9", "interface": "admin", "region_id": "RegionOne", "url": "https://nova.maas:8774/v2.1", "region": "RegionOne"}, {"id": "898f40c1e86340da8af9dc99f3d5a42b", "interface": "public", "region_id": "RegionOne", "url": "https://nova.maas:8774/v2.1", "region": "RegionOne"}, {"id": "d7e1f42309de4e9680d22af11636e8f5", "interface": "internal", "region_id": "RegionOne", "url": "https://nova.maas:8774/v2.1", "region": "RegionOne"}], "id": "834879dda26149cfbd3de556afb3b67b", "type": "compute", "name": "nova"}, {"endpoints": [{"id": "23be8750e0b346b1a031e9d27a4c1270", "interface": "internal", "region_id": "RegionOne", "url": "https://10.232.1.211:8000/v1", "region": "RegionOne"}, {"id": "d1311ad325e54d32a0143926387066e9", "interface": "public", "region_id": "RegionOne", "url": "https://10.232.1.211:8000/v1", "region": "RegionOne"}, {"id": "e6c71fa290874ba093c4ceea4ef89347", "interface": "admin", "region_id": "RegionOne", "url": "https://10.232.1.211:8000/v1", "region": "RegionOne"}], "id": "88c75b090042412bae051f2810922d8d", "type": "cloudformation", "name": "heat-cfn"}, {"endpoints": [{"id": "3a049f7297dd490c869a750d88c414b6", "interface": "public", "region_id": "RegionOne", "url": "https://cinder.maas:8776/v2/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}, {"id": "72be0508859f42db85b7ab788d9e4aee", "interface": "internal", "region_id": "RegionOne", "url": "https://cinder.maas:8776/v2/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}, {"id": "9a4175e8d573497e83d716f177e91b7e", "interface": "admin", "region_id": "RegionOne", "url": "https://cinder.maas:8776/v2/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}], "id": "88f602a8ff4640bfad069fc91e4bc1f5", "type": "volumev2", "name": "cinderv2"}, {"endpoints": [{"id": "09c51466dde54ad7b3ba6f44e378f3b3", "interface": "internal", "region_id": "RegionOne", "url": "https://glance.maas:9292", "region": "RegionOne"}, {"id": "27a8573f0032462abd1643650ec5ac1e", "interface": "public", "region_id": "RegionOne", "url": "https://glance.maas:9292", "region": "RegionOne"}, {"id": "a1387098bf3246d9af2f291c523e17c6", "interface": "admin", "region_id": "RegionOne", "url": "https://glance.maas:9292", "region": "RegionOne"}], "id": "916c1cafbedc4f31a20e6a5a0775f5eb", "type": "image", "name": "glance"}, {"endpoints": [{"id": "216f32b0bef0447baca80680947a5ded", "interface": "public", "region_id": "RegionOne", "url": "https://neutron.maas:9696", "region": "RegionOne"}, {"id": "217c22196e6744d287063f0244469e29", "interface": "internal", "region_id": "RegionOne", "url": "https://neutron.maas:9696", "region": "RegionOne"}, {"id": "c8eae74ea9f04887863969b6c8efc8c5", "interface": "admin", "region_id": "RegionOne", "url": "https://neutron.maas:9696", "region": "RegionOne"}], "id": "bef8f20594414c7b8d68848dfe3a491a", "type": "network", "name": "neutron"}, {"endpoints": [{"id": "2225e1d18421409297abd0a4ca1615cb", "interface": "internal", "region_id": "RegionOne", "url": "https://nova.maas:8778", "region": "RegionOne"}, {"id": "3fca156ebafd49edad06a5a8eb994f94", "interface": "public", "region_id": "RegionOne", "url": "https://nova.maas:8778", "region": "RegionOne"}, {"id": "f9b008edc49644038a229cc6937065e8", "interface": "admin", "region_id": "RegionOne", "url": "https://nova.maas:8778", "region": "RegionOne"}], "id": "cf3e56ab8cc04ceca02df098afb0015c", "type": "placement", "name": "placement"}, {"endpoints": [{"id": "20b187d3d9b84777ac1bb2fc35b54a68", "interface": "admin", "region_id": "RegionOne", "url": "https://radosgw.maas:80/swift", "region": "RegionOne"}, {"id": "3098dad00da74a18b1b3f9f1306ba9a1", "interface": "internal", "region_id": "RegionOne", "url": "https://radosgw.maas:80/swift/v1", "region": "RegionOne"}, {"id": "45f850604f514f1c9f64cddca122e1f5", "interface": "public", "region_id": "RegionOne", "url": "https://radosgw.maas:80/swift/v1", "region": "RegionOne"}], "id": "f060d93a4d554c8f83f2161d84f91f0f", "type": "object-store", "name": "swift"}, {"endpoints": [{"id": "35b8afb2dd6345bd8cc54c88d7a07d39", "interface": "admin", "region_id": "RegionOne", "url": "https://cinder.maas:8776/v3/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}, {"id": "fc2751efe0424db9b2de99123e0af0d0", "interface": "internal", "region_id": "RegionOne", "url": "https://cinder.maas:8776/v3/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}, {"id": "fea01b80f0c64140b8fb7d1f920c52ae", "interface": "public", "region_id": "RegionOne", "url": "https://cinder.maas:8776/v3/9d218caa80da487cb5149fb3f957dc8a", "region": "RegionOne"}], "id": "fc51e3bf8c4d4e02821a65b6a8b816b0", "type": "volumev3", "name": "cinderv3"}]}}
run(Namespace(columns=[], fit_width=False, formatter='table', max_width=0, noindent=False, prefix='', print_empty=False, variables=[]))
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2019-07-19T07:07:11+0000                                                                                                                                                                |
| id         | gAAAAABdMV4PvClEuZ2PPcVayi6WXK9yJwa97QsLUtFVlY61FzJbvzckCB1WEd-Osz2dlSN5372TT4O4ngzqoNA27xODwlXWDIK4TraBBGS7runCjFq_9IfgzW93sItOO_txwqeDqjSQoPWdfC7OCbnwpv12dFpTsyXwPVivw_-_3sFiA83zZDA |
| project_id | 9d218caa80da487cb5149fb3f957dc8a                                                                                                                                                        |
| user_id    | 59f289a633f347c8998108cbfda2d91f                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
clean_up IssueToken: 
END return value: 0