diff options
| author | Julien Danjou <julien@danjou.info> | 2013-01-30 18:07:29 +0100 |
|---|---|---|
| committer | Julien Danjou <julien@danjou.info> | 2013-02-01 10:27:52 +0100 |
| commit | 01735608644a8b71d98f7798ccd6549e4db5de48 (patch) | |
| tree | 3d2d865a7e3a8c9cca437954f124e0e14bff4536 /keystoneclient/client.py | |
| parent | 92bf8a7af9b742e4b96689cccea1186b38ca41bf (diff) | |
| download | python-keystoneclient-01735608644a8b71d98f7798ccd6549e4db5de48.tar.gz | |
Implements token expiration handling
This implements handling of token expiration. Once the token is expired,
this will request automatically for a new one.
A special case is introduced if the user specified a token when the client
is initialized: this is the auth_token_from_user. In this case, we can't
know the expiration date, so we just assume it will never expire and don't
handle it ourself.
Change-Id: I3771ff5d669da015d4aa259de422c5d81aed3eb4
Signed-off-by: Julien Danjou <julien@danjou.info>
Diffstat (limited to 'keystoneclient/client.py')
| -rw-r--r-- | keystoneclient/client.py | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/keystoneclient/client.py b/keystoneclient/client.py index 77e8b3c..fe4fb76 100644 --- a/keystoneclient/client.py +++ b/keystoneclient/client.py @@ -71,7 +71,6 @@ class HTTPClient(object): self.tenant_id = None self.tenant_name = None self.auth_url = None - self.auth_token = None self.management_url = None if timeout is not None: self.timeout = float(timeout) @@ -86,7 +85,6 @@ class HTTPClient(object): self.tenant_name = self.auth_ref.tenant_name self.auth_url = self.auth_ref.auth_url[0] self.management_url = self.auth_ref.management_url[0] - self.auth_token = self.auth_ref.auth_token # allow override of the auth_ref defaults from explicit # values provided to the client if username: @@ -98,7 +96,9 @@ class HTTPClient(object): if auth_url: self.auth_url = auth_url.rstrip('/') if token: - self.auth_token = token + self.auth_token_from_user = token + else: + self.auth_token_from_user = None if endpoint: self.management_url = endpoint.rstrip('/') self.password = password @@ -129,6 +129,23 @@ class HTTPClient(object): self.stale_duration = stale_duration or access.STALE_TOKEN_DURATION self.stale_duration = int(self.stale_duration) + @property + def auth_token(self): + if self.auth_token_from_user: + return self.auth_token_from_user + if self.auth_ref: + if self.auth_ref.will_expire_soon(self.stale_duration): + self.authenticate() + return self.auth_ref.auth_token + + @auth_token.setter + def auth_token(self, value): + self.auth_token_from_user = value + + @auth_token.deleter + def auth_token(selef): + del self.auth_token_from_user + def authenticate(self, username=None, password=None, tenant_name=None, tenant_id=None, auth_url=None, token=None): """ Authenticate user. @@ -168,7 +185,12 @@ class HTTPClient(object): password = password or self.password tenant_name = tenant_name or self.tenant_name tenant_id = tenant_id or self.tenant_id - token = token or self.auth_token + + if not token: + token = self.auth_token_from_user + if (not token and self.auth_ref + and not self.auth_ref.will_expire_soon(self.stale_duration)): + token = self.auth_ref.auth_token (keyring_key, auth_ref) = self.get_auth_ref_from_keyring(auth_url, username, @@ -227,7 +249,7 @@ class HTTPClient(object): keyring_key) if auth_ref: auth_ref = pickle.loads(auth_ref) - if auth_ref.will_expire_soon(self.stale_duration): + if self.auth_ref.will_expire_soon(self.stale_duration): # token has expired, don't use it auth_ref = None except Exception as e: |