From 3a3e2540ff10a78ca9b4dde98671f6fd970e6568 Mon Sep 17 00:00:00 2001 From: Adam Young <ayoung@redhat.com> Date: Tue, 19 Mar 2013 13:20:17 -0400 Subject: [PATCH] Config value for revocation list timeout Adds the config option 'revocation_cache_time' default of 300 seconds, same as token timeout Bug 1076083 DocImpact Change-Id: Ifd41c816dd5431f140461d6a1588364d7ecf9a62 --- keystoneclient/middleware/auth_token.py | 5 +++-- tests/test_auth_token_middleware.py | 16 +++++++++++++--- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py index 98a427b..694089c 100644 --- a/keystoneclient/middleware/auth_token.py +++ b/keystoneclient/middleware/auth_token.py @@ -215,6 +215,7 @@ opts = [ default=os.path.expanduser('~/keystone-signing')), cfg.ListOpt('memcache_servers'), cfg.IntOpt('token_cache_time', default=300), + cfg.IntOpt('revocation_cache_time', default=1), cfg.StrOpt('memcache_security_strategy', default=None), cfg.StrOpt('memcache_secret_key', default=None, secret=True) ] @@ -337,8 +338,8 @@ class AuthProtocol(object): self.token_cache_time = int(self._conf_get('token_cache_time')) self._token_revocation_list = None self._token_revocation_list_fetched_time = None - cache_timeout = datetime.timedelta(seconds=0) - self.token_revocation_list_cache_timeout = cache_timeout + self.token_revocation_list_cache_timeout = datetime.timedelta( + seconds=self._conf_get('revocation_cache_time')) http_connect_timeout_cfg = self._conf_get('http_connect_timeout') self.http_connect_timeout = (http_connect_timeout_cfg and int(http_connect_timeout_cfg)) diff --git a/tests/test_auth_token_middleware.py b/tests/test_auth_token_middleware.py index 59f3d22..f2615d6 100644 --- a/tests/test_auth_token_middleware.py +++ b/tests/test_auth_token_middleware.py @@ -625,8 +625,6 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase): self.middleware = auth_token.AuthProtocol(fake_app(expected_env), conf) self.middleware._iso8601 = iso8601 self.middleware.revoked_file_name = tempfile.mkstemp()[1] - cache_timeout = datetime.timedelta(days=1) - self.middleware.token_revocation_list_cache_timeout = cache_timeout self.middleware.token_revocation_list = jsonutils.dumps( {"revoked": [], "extra": "success"}) @@ -748,7 +746,8 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest): def test_init_does_not_call_http(self): conf = { 'auth_host': 'keystone.example.com', - 'auth_port': 1234 + 'auth_port': 1234, + 'revocation_cache_time': 1 } self.set_fake_http(RaisingHTTPConnection) self.set_middleware(conf=conf, fake_http=RaisingHTTPConnection) @@ -1165,6 +1164,17 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest): } self.assertRaises(Exception, self.set_middleware, conf) + def test_config_revocation_cache_timeout(self): + conf = { + 'auth_host': 'keystone.example.com', + 'auth_port': 1234, + 'auth_admin_prefix': '/testadmin', + 'revocation_cache_time': 24 + } + middleware = auth_token.AuthProtocol(self.fake_app, conf) + self.assertEquals(middleware.token_revocation_list_cache_timeout, + datetime.timedelta(seconds=24)) + class v2AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest): """ v2 token specific tests.