Add token-expiration to allow the time a token should remain valid (in seconds) to be set. Remove token-expiry which seems unused

This commit is contained in:
Liam Young 2015-04-01 07:55:04 +01:00
parent d20221ff56
commit ac8914c146
4 changed files with 8 additions and 5 deletions

View File

@ -62,10 +62,10 @@ options:
default: 'Admin'
type: string
description: 'Admin role to be associated with admin and service users'
token-expiry:
default: "2017-02-05T00:00"
type: string
description: "Expiration date of generated admin tokens"
token-expiration:
default: 3600
type: int
description: "Amount of time a token should remain valid (in seconds)."
service-tenant:
default: "services"
type: string

View File

@ -202,6 +202,7 @@ class KeystoneContext(context.OSContextGenerator):
ctxt['debug'] = debug and bool_from_string(debug)
verbose = config('verbose')
ctxt['verbose'] = verbose and bool_from_string(verbose)
ctxt['token_expiration'] = config('token-expiration')
ctxt['identity_backend'] = config('identity-backend')
ctxt['assignment_backend'] = config('assignment-backend')

View File

@ -49,7 +49,8 @@ provider = keystone.token.providers.pki.Provider
provider = keystone.token.providers.pkiz.Provider
{% else -%}
provider = keystone.token.providers.uuid.Provider
{% endif %}
{% endif -%}
expiration = {{ token_expiration }}
{% include "parts/section-signing" %}

View File

@ -46,6 +46,7 @@ driver = keystone.catalog.backends.sql.Catalog
[token]
driver = keystone.token.persistence.backends.sql.Token
provider = keystone.token.providers.uuid.Provider
expiration = {{ token_expiration }}
[cache]