Increase minimum token life required

MIN_TOKEN_LIFE_SECONDS is the number of seconds that the token provided
must be valid for to be used when making authentication requests. 1
second has always been a dumb number and was not based on any existing

Because a user token may be reused by a service to make requests on
behalf of a user if the token is valid when sent it may not be valid for
the life of the request.

2 minutes is also an arbitrary value, but it should allow plenty of time
for service requests to complete before being rejected.

Closes-Bug: #1441910
Change-Id: I395a0770e72d1ec7904e656ca382a5270f793a8b
Jamie Lennox 2015-04-02 10:15:29 +11:00
parent 746131c0ea
commit af6f1924eb
1 changed files with 3 additions and 2 deletions

View File

@ -34,8 +34,9 @@ def get_options():
class BaseIdentityPlugin(base.BaseAuthPlugin):
# we count a token as valid if it is valid for at least this many seconds
# we count a token as valid (not needing refreshing) if it is valid for at
# least this many seconds before the token expiry time
def __init__(self,