diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-01-16 03:48:42 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-01-16 03:48:42 +0000 |
commit | e54a6a353c63edd389400e6f8181d165f8fe29ea (patch) | |
tree | 9d72783869a0b59787f99190fa9a393f85bedaa4 | |
parent | 01d26314d316d61443ee3a4c55f6d06bac477600 (diff) | |
parent | 7494f93dc3d295d5aa3564c614107d0332467a80 (diff) | |
download | keystone-e54a6a353c63edd389400e6f8181d165f8fe29ea.tar.gz |
Merge "reduce default token duration to one hour"
-rw-r--r-- | etc/keystone.conf.sample | 2 | ||||
-rw-r--r-- | keystone/common/config.py | 2 | ||||
-rw-r--r-- | keystone/tests/test_backend_memcache.py | 2 | ||||
-rw-r--r-- | keystone/tests/test_token_provider.py | 5 |
4 files changed, 7 insertions, 4 deletions
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample index 2a525f59a..8396a9c9b 100644 --- a/etc/keystone.conf.sample +++ b/etc/keystone.conf.sample @@ -256,7 +256,7 @@ # provider = # Amount of time a token should remain valid (in seconds) -# expiration = 86400 +# expiration = 3600 # External auth mechanisms that should add bind information to token. # eg kerberos, x509 diff --git a/keystone/common/config.py b/keystone/common/config.py index 937943d40..25315bc73 100644 --- a/keystone/common/config.py +++ b/keystone/common/config.py @@ -69,7 +69,7 @@ FILE_OPTIONS = { 'token': [ cfg.ListOpt('bind', default=[]), cfg.StrOpt('enforce_token_bind', default='permissive'), - cfg.IntOpt('expiration', default=86400), + cfg.IntOpt('expiration', default=3600), cfg.StrOpt('provider', default=None), cfg.StrOpt('driver', default='keystone.token.backends.sql.Token'), diff --git a/keystone/tests/test_backend_memcache.py b/keystone/tests/test_backend_memcache.py index 5f92b83f4..56acc03bb 100644 --- a/keystone/tests/test_backend_memcache.py +++ b/keystone/tests/test_backend_memcache.py @@ -153,7 +153,7 @@ class MemcacheToken(tests.TestCase, test_backend.TokenTests): expired_token_id = uuid.uuid4().hex user_id = unicode(uuid.uuid4().hex) - expire_delta = datetime.timedelta(seconds=86400) + expire_delta = datetime.timedelta(seconds=CONF.token.expiration) valid_data = {'id': valid_token_id, 'a': 'b', 'user': {'id': user_id}} diff --git a/keystone/tests/test_token_provider.py b/keystone/tests/test_token_provider.py index 8b2c212e2..b25aa05a3 100644 --- a/keystone/tests/test_token_provider.py +++ b/keystone/tests/test_token_provider.py @@ -16,6 +16,7 @@ import datetime +from keystone import config from keystone import exception from keystone.openstack.common import timeutils from keystone import tests @@ -23,7 +24,9 @@ from keystone.tests import default_fixtures from keystone import token -FUTURE_DELTA = datetime.timedelta(seconds=86400) +CONF = config.CONF + +FUTURE_DELTA = datetime.timedelta(seconds=CONF.token.expiration) CURRENT_DATE = timeutils.utcnow() SAMPLE_V2_TOKEN = { |