When oslo_limit is configured with endpoint_id pointing to a different service's endpoint (e.g., Keystone endpoint ID when configuring Glance), it incorrectly derives the service_id from the endpoint's service catalog instead of using the service being configured. This causes quota limits to show as 0 or enforcement to fail.

Note: This bug can occur with any authentication type (password or v3applicationcredential), but is more commonly encountered with application credentials because endpoint_id is typically required for service discovery with application credentials.

Steps to Reproduce:
===================

With Application Credentials (Most Common Scenario):

1. Configure Glance to use application credentials for oslo_limit:
   [oslo_limit]
   auth_type = v3applicationcredential
   application_credential_id = <id>
   application_credential_secret = <secret>
   auth_url = http://controller/identity
   system_scope = unscoped
   endpoint_id = <keystone_endpoint_id> # Using Keystone endpoint ID

2. Set up unified limits for Glance service:
   openstack registered limit create --service glance --default-limit 100 image_count_total
   openstack limit create --project <project_id> --service glance --resource-limit 10 image_count_total

3. Try to create an image that should be within quota limits

With Password Authentication (Also Affected):

1. Configure Glance to use password authentication for oslo_limit:
   [oslo_limit]
   auth_type = password
   username = glance
   password = <password>
   auth_url = http://controller/identity
   endpoint_id = <keystone_endpoint_id> # Using Keystone endpoint ID for unified limits API

2. Set up unified limits for Glance service (same as above)

3. Try to create an image that should be within quota limits

Note: With password authentication, you might be able to avoid this bug by not setting endpoint_id and relying on service discovery. However, if you explicitly set endpoint_id to Keystone (to ensure queries go to the unified limits API), the bug will occur.

Expected Results:
================

• oslo_limit should query limits for the Glance service (service_id = b4ebcaf97c64432ba140d7c21432f64e)
• Quota enforcement should work correctly
• Limits should be visible and enforced

Actual Results:
===============

• oslo_limit queries limits for the Keystone service (service_id = 568ff6468313448ea60baf11d9d4772b)
• API call: GET /identity/v3/limits?service_id=568ff6468313448ea60baf11d9d4772b&...
• Returns empty limits (0) because no limits exist for Keystone service
• Quota enforcement fails or shows incorrect limits

Alternative scenario (when endpoint_id = Glance endpoint):

• Uses correct Glance service_id
• But queries via Glance endpoint which doesn't have unified limits API
• Result: 502 Bad Gateway

For testing purpose I have submitted a patch in devstack which configures v3applicationcredential for glance - https://review.opendev.org/c/openstack/devstack/+/971680