openstack/python-keystoneclient
Code Issues Proposed changes

Merge "Allow configure auth_token http connect timeout."

Browse Source
This commit is contained in:
Jenkins
2013-02-16 14:42:48 +00:00
committed by Gerrit Code Review
parent 8e395e0fac 878695ce06
commit 76ac1f972b
3 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
doc/source/middlewarearchitecture.rst
View File

@@ -184,6 +184,8 @@ Configuration Options
* ``delay_auth_decision``: (optional, default `0`) (off). If on, the middleware * ``delay_auth_decision``: (optional, default `0`) (off). If on, the middleware
will not reject invalid auth requests, but will delegate that decision to will not reject invalid auth requests, but will delegate that decision to
downstream WSGI components. downstream WSGI components.
* ``http_connect_timeout``: (optional, default `python default` allow increase
the timeout when validating token by http).
* ``auth_port``: (optional, default `35357`) the port used to validate tokens * ``auth_port``: (optional, default `35357`) the port used to validate tokens
* ``auth_protocol``: (optional, default `https`) * ``auth_protocol``: (optional, default `https`)
* ``auth_uri``: (optional, defaults to `auth_protocol`://`auth_host`:`auth_port`) * ``auth_uri``: (optional, defaults to `auth_protocol`://`auth_host`:`auth_port`)

10
keystoneclient/middleware/auth_token.py
View File

@@ -161,6 +161,7 @@ opts = [
cfg.StrOpt('auth_protocol', default='https'), cfg.StrOpt('auth_protocol', default='https'),
cfg.StrOpt('auth_uri', default=None), cfg.StrOpt('auth_uri', default=None),
cfg.BoolOpt('delay_auth_decision', default=False), cfg.BoolOpt('delay_auth_decision', default=False),
cfg.BoolOpt('http_connect_timeout', default=None),
cfg.StrOpt('admin_token', secret=True), cfg.StrOpt('admin_token', secret=True),
cfg.StrOpt('admin_user'), cfg.StrOpt('admin_user'),
cfg.StrOpt('admin_password', secret=True), cfg.StrOpt('admin_password', secret=True),
@@ -287,6 +288,9 @@ class AuthProtocol(object):
self._token_revocation_list_fetched_time = None self._token_revocation_list_fetched_time = None
cache_timeout = datetime.timedelta(seconds=0) cache_timeout = datetime.timedelta(seconds=0)
self.token_revocation_list_cache_timeout = cache_timeout self.token_revocation_list_cache_timeout = cache_timeout
http_connect_timeout_cfg = self._conf_get('http_connect_timeout')
self.http_connect_timeout = (http_connect_timeout_cfg and
int(http_connect_timeout_cfg))
def _assert_valid_memcache_protection_config(self): def _assert_valid_memcache_protection_config(self):
if self._memcache_security_strategy: if self._memcache_security_strategy:
@@ -439,12 +443,14 @@ class AuthProtocol(object):
def _get_http_connection(self): def _get_http_connection(self):
if self.auth_protocol == 'http': if self.auth_protocol == 'http':
return self.http_client_class(self.auth_host, self.auth_port) return self.http_client_class(self.auth_host, self.auth_port,
timeout=self.http_connect_timeout)
else: else:
return self.http_client_class(self.auth_host, return self.http_client_class(self.auth_host,
self.auth_port, self.auth_port,
self.key_file, self.key_file,
self.cert_file) self.cert_file,
timeout=self.http_connect_timeout)
def _http_request(self, method, path): def _http_request(self, method, path):
"""HTTP request helper used to make unspecified content type requests. """HTTP request helper used to make unspecified content type requests.

2
tests/test_auth_token_middleware.py
View File

@@ -290,7 +290,7 @@ class FakeHTTPConnection(object):
last_requested_url = '' last_requested_url = ''
def __init__(self, *args): def __init__(self, *args, **kwargs):
self.send_valid_revocation_list = True self.send_valid_revocation_list = True
def request(self, method, path, **kwargs): def request(self, method, path, **kwargs):