Add token-expiration to allow the time a token should remain valid (in seconds) to be set. Remove token-expiry which seems unused
This commit is contained in:
parent
d20221ff56
commit
ac8914c146
@ -62,10 +62,10 @@ options:
|
||||
default: 'Admin'
|
||||
type: string
|
||||
description: 'Admin role to be associated with admin and service users'
|
||||
token-expiry:
|
||||
default: "2017-02-05T00:00"
|
||||
type: string
|
||||
description: "Expiration date of generated admin tokens"
|
||||
token-expiration:
|
||||
default: 3600
|
||||
type: int
|
||||
description: "Amount of time a token should remain valid (in seconds)."
|
||||
service-tenant:
|
||||
default: "services"
|
||||
type: string
|
||||
|
@ -202,6 +202,7 @@ class KeystoneContext(context.OSContextGenerator):
|
||||
ctxt['debug'] = debug and bool_from_string(debug)
|
||||
verbose = config('verbose')
|
||||
ctxt['verbose'] = verbose and bool_from_string(verbose)
|
||||
ctxt['token_expiration'] = config('token-expiration')
|
||||
|
||||
ctxt['identity_backend'] = config('identity-backend')
|
||||
ctxt['assignment_backend'] = config('assignment-backend')
|
||||
|
@ -49,7 +49,8 @@ provider = keystone.token.providers.pki.Provider
|
||||
provider = keystone.token.providers.pkiz.Provider
|
||||
{% else -%}
|
||||
provider = keystone.token.providers.uuid.Provider
|
||||
{% endif %}
|
||||
{% endif -%}
|
||||
expiration = {{ token_expiration }}
|
||||
|
||||
{% include "parts/section-signing" %}
|
||||
|
||||
|
@ -46,6 +46,7 @@ driver = keystone.catalog.backends.sql.Catalog
|
||||
[token]
|
||||
driver = keystone.token.persistence.backends.sql.Token
|
||||
provider = keystone.token.providers.uuid.Provider
|
||||
expiration = {{ token_expiration }}
|
||||
|
||||
[cache]
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user