Would it make sense to provide a test fixture in the middleware library for projects who want or need to test with token management?
Doug On Fri, May 30, 2014 at 12:49 PM, Brant Knudson <b...@acm.org> wrote: > > The auth_token middleware changed recently[1] to check if tokens retrieved > from the cache are expired based on the expiration time in the token. The > unit tests for Blazar, Ceilometer, and Ironic are all using a copy-pasted > fake memcache implementation that's supposed to simulate what auth_token > stores in the cache, but the tokens that it had stored weren't valid. Tokens > have an expiration time in them and these ones didn't. I don't think that > it's safe for test code to make assumptions about how the auth_token > middleware is going to store data in its cache. The format of the cached > data isn't part of the public interface. It's changed before, when > expiration times changed from *nix timestamps to iso 8601 formatted dates. > > After looking at this, I proposed a couple of changes to the auth_token > middleware. One is to have auth_token use the expiration time it has cached > and fail the auth request if the token is expired according to the cache. It > doesn't have to check the token's expiration time because it was stored as > part of the cache data. The other is to make cached token handling more > efficient by not checking the token expiration time if the token was cached. > > [1] > http://git.openstack.org/cgit/openstack/python-keystoneclient/commit/keystoneclient/middleware/auth_token.py?id=8574256f9342faeba2ce64080ab5190023524e0a > [2] https://review.openstack.org/#/c/96786/ > > - Brant > > > > On Fri, May 30, 2014 at 7:11 AM, Sylvain Bauza <sba...@redhat.com> wrote: >> >> Le 30/05/2014 14:07, Dina Belova a écrit : >> >> I did not look close to this concrete issue, but in the ceilometer there >> is almost the same thing: https://bugs.launchpad.net/ceilometer/+bug/1324885 >> and fixes were already provided. >> >> Will this help Blazar? >> >> >> Got the Ironic patch as well : >> >> https://review.openstack.org/#/c/96576/1/ironic/tests/api/utils.py >> >> Will provide a patch against Blazar. >> >> Btw, I'll close the bug. >> >> >> -- Dina >> >> >> On Fri, May 30, 2014 at 4:00 PM, Sylvain Bauza <sba...@redhat.com> wrote: >>> >>> Hi Keystone developers, >>> >>> I just opened a bug [1] because Ironic and Blazar (ex. Climate) patches >>> are failing due to a new release in Keystone client which seems to >>> regress on midleware auth. >>> >>> Do you have any ideas on if it's quick to fix, or shall I provide a >>> patch to openstack/global-requirements.txt to only accept keystoneclient >>> < 0.9.0 ? >>> >>> Thanks, >>> -Sylvain >>> >>> >>> _______________________________________________ >>> OpenStack-dev mailing list >>> OpenStack-dev@lists.openstack.org >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> >> >> >> -- >> >> Best regards, >> >> Dina Belova >> >> Software Engineer >> >> Mirantis Inc. >> >> >> >> _______________________________________________ >> OpenStack-dev mailing list >> OpenStack-dev@lists.openstack.org >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev