Merge "Invalidate token cache after token delete"

keystone/token/persistence/core.py

@@ -36,7 +36,7 @@ REVOCATION_MEMOIZE = cache.get_memoization_decorator(group='token',
 
 
 @dependency.requires('assignment_api', 'identity_api', 'resource_api',
-                     'token_provider_api', 'trust_api')
+                     'trust_api')
 class PersistenceManager(manager.Manager):
     """Default pivot point for the Token Persistence backend.
 
@@ -165,13 +165,7 @@ class PersistenceManager(manager.Manager):
         # NOTE(morganfainberg): invalidate takes the exact same arguments as
         # the normal method, this means we need to pass "self" in (which gets
         # stripped off).
-
-        # FIXME(morganfainberg): Does this cache actually need to be
-        # invalidated? We maintain a cached revocation list, which should be
-        # consulted before accepting a token as valid.  For now we will
-        # do the explicit individual token invalidation.
         self._get_token.invalidate(self, token_id)
-        self.token_provider_api.invalidate_individual_token_cache(token_id)
 
 
 @dependency.requires('token_provider_api')

keystone/token/provider.py

@@ -270,6 +270,12 @@ class Manager(manager.Manager):
         if CONF.token.revoke_by_id and self._needs_persistence:
             self._persistence.delete_token(token_id=token_id)
 
+        # FIXME(morganfainberg): Does this cache actually need to be
+        # invalidated? We maintain a cached revocation list, which should be
+        # consulted before accepting a token as valid.  For now we will
+        # do the explicit individual token invalidation.
+        self.invalidate_individual_token_cache(token_id)
+
     def list_revoked_tokens(self):
         return self._persistence.list_revoked_tokens()