openstack/python-keystoneclient
Code Issues Proposed changes

Avoid returning stale token via auth_token property

Browse Source 
The auth_ref token should take precedence over the user provided
token, since any call to authenticate() will update the auth_ref,
rendering the auth_token_from_user stale.

Change-Id: Ibc86dca840f4b8dd23856735616ee48a7b397fcd
Closes-Bug: #1244675
This commit is contained in:
Steven Hardy
2013-10-25 15:40:57 +01:00
parent 876c2d6c2a
commit 1e856a860b
2 changed files with 31 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
keystoneclient/httpclient.py
View File

@@ -336,12 +336,12 @@ class HTTPClient(object):
@property @property
def auth_token(self): def auth_token(self):
if self.auth_token_from_user:
return self.auth_token_from_user
if self.auth_ref: if self.auth_ref:
if self.auth_ref.will_expire_soon(self.stale_duration): if self.auth_ref.will_expire_soon(self.stale_duration):
self.authenticate() self.authenticate()
return self.auth_ref.auth_token return self.auth_ref.auth_token
elif self.auth_token_from_user:
return self.auth_token_from_user
@auth_token.setter @auth_token.setter
def auth_token(self, value): def auth_token(self, value):

33
keystoneclient/tests/test_http.py
View File

@@ -23,18 +23,22 @@ from keystoneclient import httpclient
from keystoneclient.tests import utils from keystoneclient.tests import utils
RESPONSE_BODY = '{"hi": "there"}' RESPONSE_BODY = '{"hi": "there"}'
AUTHED_TOKEN = "token"
def get_client(): def get_client(token=None):
cl = httpclient.HTTPClient(username="username", password="password", if token:
tenant_id="tenant", auth_url="auth_test") cl = httpclient.HTTPClient(token=token, auth_url="auth_test")
else:
cl = httpclient.HTTPClient(username="username", password="password",
tenant_id="tenant", auth_url="auth_test")
return cl return cl
def get_authed_client(): def get_authed_client():
cl = get_client() cl = get_client()
cl.management_url = "http://127.0.0.1:5000" cl.management_url = "http://127.0.0.1:5000"
cl.auth_token = "token" cl.auth_token = AUTHED_TOKEN
return cl return cl
@@ -144,6 +148,27 @@ class ClientTest(utils.TestCase):
client.HTTPClient client.HTTPClient
def test_auth_token_none(self):
cl = get_client()
self.assertEqual(cl.auth_token, None)
def test_auth_token_authed(self):
cl = get_authed_client()
self.assertEqual(cl.auth_token, AUTHED_TOKEN)
def test_auth_token_reauth(self):
cl = get_client(token='initial')
self.assertEqual(cl.auth_token, 'initial')
class FakeAccessInfo(object):
auth_token = 'updated'
def will_expire_soon(self, stale_duration=None):
return False
cl.auth_ref = FakeAccessInfo()
self.assertEqual(cl.auth_token, 'updated')
class BasicRequestTests(utils.TestCase): class BasicRequestTests(utils.TestCase):