Config value for revocation list timeout

Adds the config option 'revocation_cache_time', with a
default of 300 seconds, the same as the token timeout.

Bug 1076083

DocImpact

Change-Id: Ifd41c816dd5431f140461d6a1588364d7ecf9a62
Adam Young
2013-03-19 13:20:17 -04:00
committed by Dolph Mathews
parent b445c19dc6
commit 3a3e2540ff
2 changed files with 16 additions and 5 deletions


@@ -215,6 +215,7 @@ opts = [
default=os.path.expanduser('~/keystone-signing')), default=os.path.expanduser('~/keystone-signing')),
cfg.ListOpt('memcache_servers'), cfg.ListOpt('memcache_servers'),
cfg.IntOpt('token_cache_time', default=300), cfg.IntOpt('token_cache_time', default=300),
cfg.IntOpt('revocation_cache_time', default=1),
cfg.StrOpt('memcache_security_strategy', default=None), cfg.StrOpt('memcache_security_strategy', default=None),
cfg.StrOpt('memcache_secret_key', default=None, secret=True) cfg.StrOpt('memcache_secret_key', default=None, secret=True)
] ]
@@ -337,8 +338,8 @@ class AuthProtocol(object):
self.token_cache_time = int(self._conf_get('token_cache_time')) self.token_cache_time = int(self._conf_get('token_cache_time'))
self._token_revocation_list = None self._token_revocation_list = None
self._token_revocation_list_fetched_time = None self._token_revocation_list_fetched_time = None
cache_timeout = datetime.timedelta(seconds=0) self.token_revocation_list_cache_timeout = datetime.timedelta(
self.token_revocation_list_cache_timeout = cache_timeout seconds=self._conf_get('revocation_cache_time'))
http_connect_timeout_cfg = self._conf_get('http_connect_timeout') http_connect_timeout_cfg = self._conf_get('http_connect_timeout')
self.http_connect_timeout = (http_connect_timeout_cfg and self.http_connect_timeout = (http_connect_timeout_cfg and
int(http_connect_timeout_cfg)) int(http_connect_timeout_cfg))
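Review bot: The new `seconds=self._conf_get('revocation_cache_time')` reaches `datetime.timedelta` without the `int()` conversion that the `token_cache_time` line just above applies. A value that arrives as a string (presumably possible when it is set in a paste/ini file rather than taken from the option default) would raise a TypeError when the middleware is constructed; I would write `seconds=int(self._conf_get('revocation_cache_time')))`. The option is also registered with `default=1` while the commit message says the default is 300 seconds, so one of the two should be corrected. This interval appears to be how long a fetched revocation list is reused, which makes it the window in which a just-revoked token can still be accepted, so a comment such as `# upper bound on how long a revoked token may still validate` beside the option would make that trade-off visible. The enclosing `__init__` starts and ends outside the hunk.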


@@ -625,8 +625,6 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase):
self.middleware = auth_token.AuthProtocol(fake_app(expected_env), conf) self.middleware = auth_token.AuthProtocol(fake_app(expected_env), conf)
self.middleware._iso8601 = iso8601 self.middleware._iso8601 = iso8601
self.middleware.revoked_file_name = tempfile.mkstemp()[1] self.middleware.revoked_file_name = tempfile.mkstemp()[1]
cache_timeout = datetime.timedelta(days=1)
self.middleware.token_revocation_list_cache_timeout = cache_timeout
self.middleware.token_revocation_list = jsonutils.dumps( self.middleware.token_revocation_list = jsonutils.dumps(
{"revoked": [], "extra": "success"}) {"revoked": [], "extra": "success"})
@@ -748,7 +746,8 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
def test_init_does_not_call_http(self): def test_init_does_not_call_http(self):
conf = { conf = {
'auth_host': 'keystone.example.com', 'auth_host': 'keystone.example.com',
'auth_port': 1234 'auth_port': 1234,
'revocation_cache_time': 1
} }
self.set_fake_http(RaisingHTTPConnection) self.set_fake_http(RaisingHTTPConnection)
self.set_middleware(conf=conf, fake_http=RaisingHTTPConnection) self.set_middleware(conf=conf, fake_http=RaisingHTTPConnection)
@@ -1165,6 +1164,17 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
} }
self.assertRaises(Exception, self.set_middleware, conf) self.assertRaises(Exception, self.set_middleware, conf)
def test_config_revocation_cache_timeout(self):
conf = {
'auth_host': 'keystone.example.com',
'auth_port': 1234,
'auth_admin_prefix': '/testadmin',
'revocation_cache_time': 24
}
middleware = auth_token.AuthProtocol(self.fake_app, conf)
self.assertEquals(middleware.token_revocation_list_cache_timeout,
datetime.timedelta(seconds=24))
class v2AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest): class v2AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
""" v2 token specific tests. """ v2 token specific tests.