diff --git a/keystone/tests/unit/token/test_backends.py b/keystone/tests/unit/token/test_backends.py index 93b3ae99e..671f48616 100644 --- a/keystone/tests/unit/token/test_backends.py +++ b/keystone/tests/unit/token/test_backends.py @@ -23,7 +23,6 @@ from six.moves import range import keystone.conf from keystone import exception from keystone.tests import unit -from keystone.tests.unit import utils as test_utils from keystone.token import provider @@ -234,21 +233,6 @@ class TokenTests(object): self.token_provider_api._persistence.delete_token, uuid.uuid4().hex) - def test_expired_token(self): - token_id = uuid.uuid4().hex - expire_time = timeutils.utcnow() - datetime.timedelta(minutes=1) - data = {'id_hash': token_id, 'id': token_id, 'a': 'b', - 'expires': expire_time, - 'trust_id': None, - 'user': {'id': 'testuserid'}} - data_ref = self.token_provider_api._persistence.create_token(token_id, - data) - data_ref.pop('user_id') - self.assertDictEqual(data, data_ref) - self.assertRaises(exception.TokenNotFound, - self.token_provider_api._persistence.get_token, - token_id) - def test_null_expires_token(self): token_id = uuid.uuid4().hex data = {'id': token_id, 'id_hash': token_id, 'a': 'b', 'expires': None, @@ -432,32 +416,6 @@ class TokenTests(object): token_id, data = self.create_token_sample_data(user_id=user_id) self.token_provider_api._persistence.get_token(token_id) - def test_token_expire_timezone(self): - - @test_utils.timezone - def _create_token(expire_time): - token_id = uuid.uuid4().hex - user_id = six.text_type(uuid.uuid4().hex) - return self.create_token_sample_data(token_id=token_id, - user_id=user_id, - expires=expire_time) - - for d in ['+0', '-11', '-8', '-5', '+5', '+8', '+14']: - test_utils.TZ = 'UTC' + d - expire_time = timeutils.utcnow() + datetime.timedelta(minutes=1) - token_id, data_in = _create_token(expire_time) - data_get = self.token_provider_api._persistence.get_token(token_id) - - self.assertEqual(data_in['id'], data_get['id'], - 'TZ=%s' % test_utils.TZ) - - expire_time_expired = ( - timeutils.utcnow() + datetime.timedelta(minutes=-1)) - token_id, data_in = _create_token(expire_time_expired) - self.assertRaises(exception.TokenNotFound, - self.token_provider_api._persistence.get_token, - data_in['id']) - class TokenCacheInvalidation(object): def _create_test_data(self): diff --git a/keystone/token/persistence/core.py b/keystone/token/persistence/core.py index 5f91cd818..fb2063577 100644 --- a/keystone/token/persistence/core.py +++ b/keystone/token/persistence/core.py @@ -18,7 +18,6 @@ import abc import copy from oslo_log import log -from oslo_utils import timeutils import six from keystone.common import cache @@ -52,22 +51,8 @@ class PersistenceManager(manager.Manager): def __init__(self): super(PersistenceManager, self).__init__(CONF.token.driver) - def _assert_valid(self, token_id, token_ref): - """Raise TokenNotFound if the token is expired.""" - current_time = timeutils.normalize_time(timeutils.utcnow()) - expires = token_ref.get('expires') - if not expires or current_time > timeutils.normalize_time(expires): - raise exception.TokenNotFound(token_id=token_id) - def get_token(self, token_id): - unique_id = utils.generate_unique_id(token_id) - token_ref = self._get_token(unique_id) - # NOTE(morganfainberg): Lift expired checking to the manager, there is - # no reason to make the drivers implement this check. With caching, - # self._get_token could return an expired token. Make sure we behave - # as expected and raise TokenNotFound on those instances. - self._assert_valid(token_id, token_ref) - return token_ref + return self._get_token(utils.generate_unique_id(token_id)) @MEMOIZE def _get_token(self, token_id):