From 0fa062ea984bdcd5469361e4bd4b69a2f62e4915 Mon Sep 17 00:00:00 2001 From: Jamie Lennox Date: Thu, 7 Aug 2014 10:26:31 +1000 Subject: [PATCH] Handle invalidate in identity plugins correctly Returning a True from the invalidate() call means that something has changed within the plugin and the session should reissue the request and expect the plugin to authenticate itself. This means we should only return True if something actually changed, because re-issuing the request if there was no auth_ref will not change the outcome. Change-Id: I012dacc93b1fcaee31d31a49e95db5a38044f211 --- keystoneclient/auth/identity/base.py | 7 +++++-- keystoneclient/tests/auth/test_identity_common.py | 12 ++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/keystoneclient/auth/identity/base.py b/keystoneclient/auth/identity/base.py index ffdee4d1b..c2e5ffa1e 100644 --- a/keystoneclient/auth/identity/base.py +++ b/keystoneclient/auth/identity/base.py @@ -133,8 +133,11 @@ class BaseIdentityPlugin(base.BaseAuthPlugin): invalidate. This means that it makes sense to try again. If nothing happens returns False to indicate give up. """ - self.auth_ref = None - return True + if self.auth_ref: + self.auth_ref = None + return True + + return False def get_endpoint(self, session, service_type=None, interface=None, region_name=None, service_name=None, version=None, diff --git a/keystoneclient/tests/auth/test_identity_common.py b/keystoneclient/tests/auth/test_identity_common.py index 8c5499c18..d1b595fda 100644 --- a/keystoneclient/tests/auth/test_identity_common.py +++ b/keystoneclient/tests/auth/test_identity_common.py @@ -209,6 +209,18 @@ class CommonIdentityTests(object): s = session.Session(auth=a) self.assertIs(expired_auth_ref, a.get_access(s)) + def test_invalidate(self): + a = self.create_auth_plugin() + s = session.Session(auth=a) + + # trigger token fetching + s.get_token() + + self.assertTrue(a.auth_ref) + self.assertTrue(a.invalidate()) + self.assertIsNone(a.auth_ref) + self.assertFalse(a.invalidate()) + class V3(CommonIdentityTests, utils.TestCase):