From 878695ce067c99e5a8e595aedbeb659692efbea7 Mon Sep 17 00:00:00 2001 From: Chmouel Boudjnah Date: Thu, 14 Feb 2013 14:43:54 +0100 Subject: [PATCH] Allow configure auth_token http connect timeout. - Fixes bug 939613. Change-Id: Ic8cfc36e02212eeb987e509893369c0a47d9209a --- doc/source/middlewarearchitecture.rst | 2 ++ keystoneclient/middleware/auth_token.py | 10 ++++++++-- tests/test_auth_token_middleware.py | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/doc/source/middlewarearchitecture.rst b/doc/source/middlewarearchitecture.rst index 59a6db025..407a5d273 100644 --- a/doc/source/middlewarearchitecture.rst +++ b/doc/source/middlewarearchitecture.rst @@ -184,6 +184,8 @@ Configuration Options * ``delay_auth_decision``: (optional, default `0`) (off). If on, the middleware will not reject invalid auth requests, but will delegate that decision to downstream WSGI components. +* ``http_connect_timeout``: (optional, default `python default` allow increase + the timeout when validating token by http). * ``auth_port``: (optional, default `35357`) the port used to validate tokens * ``auth_protocol``: (optional, default `https`) * ``auth_uri``: (optional, defaults to `auth_protocol`://`auth_host`:`auth_port`) diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py index 06e263899..893738b9a 100644 --- a/keystoneclient/middleware/auth_token.py +++ b/keystoneclient/middleware/auth_token.py @@ -161,6 +161,7 @@ opts = [ cfg.StrOpt('auth_protocol', default='https'), cfg.StrOpt('auth_uri', default=None), cfg.BoolOpt('delay_auth_decision', default=False), + cfg.BoolOpt('http_connect_timeout', default=None), cfg.StrOpt('admin_token', secret=True), cfg.StrOpt('admin_user'), cfg.StrOpt('admin_password', secret=True), @@ -287,6 +288,9 @@ class AuthProtocol(object): self._token_revocation_list_fetched_time = None cache_timeout = datetime.timedelta(seconds=0) self.token_revocation_list_cache_timeout = cache_timeout + http_connect_timeout_cfg = self._conf_get('http_connect_timeout') + self.http_connect_timeout = (http_connect_timeout_cfg and + int(http_connect_timeout_cfg)) def _assert_valid_memcache_protection_config(self): if self._memcache_security_strategy: @@ -439,12 +443,14 @@ class AuthProtocol(object): def _get_http_connection(self): if self.auth_protocol == 'http': - return self.http_client_class(self.auth_host, self.auth_port) + return self.http_client_class(self.auth_host, self.auth_port, + timeout=self.http_connect_timeout) else: return self.http_client_class(self.auth_host, self.auth_port, self.key_file, - self.cert_file) + self.cert_file, + timeout=self.http_connect_timeout) def _http_request(self, method, path): """HTTP request helper used to make unspecified content type requests. diff --git a/tests/test_auth_token_middleware.py b/tests/test_auth_token_middleware.py index acc36b948..3a227d064 100644 --- a/tests/test_auth_token_middleware.py +++ b/tests/test_auth_token_middleware.py @@ -289,7 +289,7 @@ class FakeHTTPConnection(object): last_requested_url = '' - def __init__(self, *args): + def __init__(self, *args, **kwargs): self.send_valid_revocation_list = True def request(self, method, path, **kwargs):