Merge "Check Expiry"0.2.4

author: Jenkins <jenkins@review.openstack.org> 2013-05-28 16:51:00 +0000
committer: Gerrit Code Review <review@openstack.org> 2013-05-28 16:51:00 +0000
commit: 111e7304f5bc9e7a2c726084038b5f8692ec940a (patch)
tree: e482efecb9f1867b15772e1ce273b34675da9db5
parent: d202da568441341f4f6abce2894016164a0562e0 (diff)
parent: 8fe7a822d3fd9f435bb4a73a838b380659196cf7 (diff)
download: python-keystoneclient-111e7304f5bc9e7a2c726084038b5f8692ec940a.tar.gz
23 files changed, 199 insertions, 136 deletions
diff --git a/examples/pki/certs/cacert.pem b/examples/pki/certs/cacert.pem
index 1b5ff82..6eb1a87 100644
--- a/examples/pki/certs/cacert.pem
+++ b/examples/pki/certs/cacert.pem
@@ -1,18 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIIC0TCCAjqgAwIBAgIJAPahRNeykBzVMA0GCSqGSIb3DQEBBQUAMIGeMQowCAYD
+MIIC0TCCAjqgAwIBAgIJAJ+8kJVQMu5VMA0GCSqGSIb3DQEBBQUAMIGeMQowCAYD
 VQQFEwE1MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVN1bm55
 dmFsZTESMBAGA1UEChMJT3BlblN0YWNrMREwDwYDVQQLEwhLZXlzdG9uZTElMCMG
 CSqGSIb3DQEJARYWa2V5c3RvbmVAb3BlbnN0YWNrLm9yZzEUMBIGA1UEAxMLU2Vs
-ZiBTaWduZWQwIBcNMTMwMzI0MDkwNTIzWhgPMjA3MTA5MTYwOTA1MjNaMIGeMQow
+ZiBTaWduZWQwIBcNMTMwNTI4MTM0OTMxWhgPMjA3MTExMjAxMzQ5MzFaMIGeMQow
 CAYDVQQFEwE1MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVN1
 bm55dmFsZTESMBAGA1UEChMJT3BlblN0YWNrMREwDwYDVQQLEwhLZXlzdG9uZTEl
 MCMGCSqGSIb3DQEJARYWa2V5c3RvbmVAb3BlbnN0YWNrLm9yZzEUMBIGA1UEAxML
-U2VsZiBTaWduZWQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ9ua8GSnhyR
-r7J5Wvu+PTwU4Vo2KrazwwE/Fd32dcZtX6at0/Zr62dADsC0Ig6MTfVZCIrrf2HJ
-pTzWCXa4n0kZXRZaq/L/qIv3Yl51FAOl06nCCsC1g+IIG4OnnQW+YbLfB0MHsOV/
-TdFbC6Y5t4UzFh0i6WqF7Z9ADKsBBXYlAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB
-Af8wDQYJKoZIhvcNAQEFBQADgYEACDpeI6XYf9yt+7cmG1r3i0a+GTXcMjz1WHOW
-/KVYKjolMLaAygmcUls0uecI8XCUFYqM5L9M9cTl8iUOAkyYvUfpWAFaxhzEkLZ6
-HkNEd1BfrUJAG2C2vVgCbnok+ltjMnl2EM/e7YuV3bc1CSfs9UvAM54ArVYyNVKU
-dufa8EQ=
+U2VsZiBTaWduZWQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANP4aC8OC1gE
+7zIoMIndBoR+SFmiC+FQ7JTQBa4rLhT63Zkw8Mb9W+x51mnphsX9QjXT/Fh4e617
+UQDto2bF3FgVfxj8teMHA4UBLDjlJIJWak+ZAROYwL8cZHOtFcjv5BxR6PXhSywu
+fHZKNvqIv321L7TCuV6w05jrMegH7zQpAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB
+Af8wDQYJKoZIhvcNAQEFBQADgYEAhz2Q++D6bbLa/MamMK/k+MPiFEj46d/RsSDS
+4XIDK5xsn7sXO0UW830IwtyUIrMuFSGix5oKmPgyJGSVZHjLsVT+4bh8puMvE4ic
+QuWhLJmwDaTv11Q9FYIB3jEbvprx+PvqAydkHBdw8zCDwXmpo/Arc1Br7gKuR5WS
+gkRQZIw=
 -----END CERTIFICATE-----
diff --git a/examples/pki/certs/middleware.pem b/examples/pki/certs/middleware.pem
index d93d2e3..bacc361 100644
--- a/examples/pki/certs/middleware.pem
+++ b/examples/pki/certs/middleware.pem
@@ -3,31 +3,31 @@ MIICoTCCAgoCARAwDQYJKoZIhvcNAQEFBQAwgZ4xCjAIBgNVBAUTATUxCzAJBgNV
 BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQK
 EwlPcGVuU3RhY2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZr
 ZXlzdG9uZUBvcGVuc3RhY2sub3JnMRQwEgYDVQQDEwtTZWxmIFNpZ25lZDAgFw0x
-MzAzMjQwOTA1MjNaGA8yMDcxMDkxNjA5MDUyM1owgZAxCzAJBgNVBAYTAlVTMQsw
+MzA1MjgxMzQ5MzFaGA8yMDcxMTEyMDEzNDkzMVowgZAxCzAJBgNVBAYTAlVTMQsw
 CQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQKEwlPcGVuU3Rh
 Y2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBv
 cGVuc3RhY2sub3JnMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEB
-BQADgY0AMIGJAoGBAKFS7ztV1Ur3H+J+UrQlkxtbE/yr8GzJ+JO5yqG7OWpACtxS
-m3EQ1+qTLtHSIrwCeON2K6zht+HDxht9ATw61c3qu6NQYpfW//VH7bXXTZnF5c+d
-j1awpfqejzSL6dQO5grRl1Z2JF4IR//ziCXqgzk/QdzVYjZiH0+JYaM56ukRAgMB
-AAEwDQYJKoZIhvcNAQEFBQADgYEAltmvie7cuAnYbsJlHSjK84mHrEOUgpwy+Z8s
-b+Pflr7NIM9menQhKJ8/S/Xap0nPcFRxsg11eqT/sHh1pROmWkBaFfx6l+8snZt6
-cF5WI/XylgSE0n+/xbUmcRpY8frAAlp2eWxCFtzs8DMWYhHP+kySYhkkYT114Uu7
-Oaj5ztQ=
+BQADgY0AMIGJAoGBAKu9aaVODW0VF29oQXs/mN/PO9cXS4YtmwhIgV6TrvRTsSjm
+jAHf8hy4C0bCGNQfIWkyICp2JYNnhBkE52VYPMwY1sOyNebN4jV9WcPGoMlobxy2
+VBTAroom975qRG5HhEbGD27NLqXbJmM6b4+0JdlJn5iWT/7HtbSUnz1p2oVRAgMB
+AAEwDQYJKoZIhvcNAQEFBQADgYEAV3fx8dy+iHQWmho5cN9nO+XZOYFCehfSf8JO
+pAAStYx9lt4IolZ68OOP0hVJZAj5mf1gU9wiMaoFVOSVyqOg4Ss0LLkyojaVO5Q2
+QQHQbWqUU5OY5IcKN2yArFSHDqyVjmNQjnyfiViomeSNkreIQnP61l6JGNMJEim5
+DYYH/rw=
 -----END CERTIFICATE-----
 -----BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKFS7ztV1Ur3H+J+
-UrQlkxtbE/yr8GzJ+JO5yqG7OWpACtxSm3EQ1+qTLtHSIrwCeON2K6zht+HDxht9
-ATw61c3qu6NQYpfW//VH7bXXTZnF5c+dj1awpfqejzSL6dQO5grRl1Z2JF4IR//z
-iCXqgzk/QdzVYjZiH0+JYaM56ukRAgMBAAECgYARVPiw1kLpH+3EBrBZ/GN2n+1g
-yxQ0i+px7JcRkyzS9nh0PUfH+PhJknCISFxE+LsGLQ76LvHzhnYFRAPa9bM8lZQx
-gAjroYx8vXSD5pcmDs+7SqxWCP/PI9IlT6F0dHanwXcLPjPCeBUZN/Z/ZyuOIpML
-DMDfbXHpbg9BF41qJQJBANPJ2VG6KrSqxzM1f7AHSpOp2UZqylMCe14TMSkWaHHX
-Bla8p+6D76Ixskh49L9yEpxFplgLP3fRcFfNpRCUSY8CQQDDADhxiQ+jsR69YJMe
-QYXYLpQfF2751x789NPfpytDEUOFZ8yyyLp3aNOAYoMrLXaMQTLTJgT5dA2D8QdU
-shNfAkEAwDzEnPFt2CX3wFy8NSy5HcWbKda/JY/oKSEki1YCoep6n3qIt/BcMI4J
-dM0N40SI7f4umlZDWt/pqFlKjfz7swJARYbjmR+ccunpIu63JdeI6G6bI4bQa8ZW
-5yxICvtowm36XCuJYcmOKps2phT53cBE/3cTrxNkPKkzVHLxATLJEwJBAL5sOt1g
-ChxUqvhBQtTgToX/WTDtGF3PEBNwU0YeOz4GweoqABxMzg08W/6rvsIFismNuWY5
-W6bZ8CxyKPcq/aE=
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKu9aaVODW0VF29o
+QXs/mN/PO9cXS4YtmwhIgV6TrvRTsSjmjAHf8hy4C0bCGNQfIWkyICp2JYNnhBkE
+52VYPMwY1sOyNebN4jV9WcPGoMlobxy2VBTAroom975qRG5HhEbGD27NLqXbJmM6
+b4+0JdlJn5iWT/7HtbSUnz1p2oVRAgMBAAECgYEAmehJgScNyTAZrHGWHUnFSu2B
+ByWNPVYplabEqWlYZQWLwse5uQRlCW+2S1cuwQqU+p09TlBLFhPywiku5hfJgvZx
+EzjAJHYFdrGreD5y9NKapuWfaSM/JZ2+3u1Cy+d/0MoLbAd6Bmc8YU2NH1VPCPGQ
+q2fKCweMrYaymmcD7wECQQDdUnFycODvaXWlYAaCVvOWllejNhA+uA1ljmhEAoEh
+ES12LdM7cDK9szq55WZ2UPNS/8huCMfPDtBRHy+twsSZAkEAxqYn1sK3WWX8bzu5
+Eu7cpcFvYTvoJYVChK7LjplpKACnRzcQztPi/aLS0UVtjyf7+zhZTNDexwhm0hWJ
+o58BeQJAXxMAaxH0fsRF5pHWmf0yTNkuso0R829rSdogDj8pK4ROjDrpR9pN4dHx
+g1P5bRAfRuNcPXCGLPuHH6IPAEzv2QJAe2PR8zBXuwwCVQV/3CbKn5sbmAYiGMxB
+mTEJ97WK//IH9dBafF5Y7LsqwBqkBvwLJOzHa1OCTZcGZxBBwoSN4QJAUy4DMkdb
+ENukagZ6ddkoQbJ7vDMuZfjl+R8B0YL10rLShhbcy4iLzs8ujqt4z1VznaAZBXaQ
+ctiy9/gBMhudwA==
 -----END PRIVATE KEY-----
diff --git a/examples/pki/certs/signing_cert.pem b/examples/pki/certs/signing_cert.pem
index 6e5054d..d326411 100644
--- a/examples/pki/certs/signing_cert.pem
+++ b/examples/pki/certs/signing_cert.pem
@@ -3,15 +3,15 @@ MIICoDCCAgkCAREwDQYJKoZIhvcNAQEFBQAwgZ4xCjAIBgNVBAUTATUxCzAJBgNV
 BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQK
 EwlPcGVuU3RhY2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZr
 ZXlzdG9uZUBvcGVuc3RhY2sub3JnMRQwEgYDVQQDEwtTZWxmIFNpZ25lZDAgFw0x
-MzAzMjQwOTA1MjNaGA8yMDcxMDkxNjA5MDUyM1owgY8xCzAJBgNVBAYTAlVTMQsw
+MzA1MjgxMzQ5MzFaGA8yMDcxMTEyMDEzNDkzMVowgY8xCzAJBgNVBAYTAlVTMQsw
 CQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQKEwlPcGVuU3Rh
 Y2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBv
 cGVuc3RhY2sub3JnMREwDwYDVQQDEwhLZXlzdG9uZTCBnzANBgkqhkiG9w0BAQEF
-AAOBjQAwgYkCgYEAv1bjDJlncTxQYShlKHfWKn7w3e8NL21N8/89THHl8r+c3sXO
-LIkn66WRCiVrJw0k5zmQ004bLFr/609KQzixkJaryKAgh6Gkl5q4HWcUF1AIHi3t
-sjcRtWMC14hvLiDHRFla69LJiuQ7SeHygIY9Yrco09f9uPi8FUmS8t9ufXECAwEA
-ATANBgkqhkiG9w0BAQUFAAOBgQA3wpXMrW/gk2pJNLFtFBKo3nQ4hMWSaRBNW9s6
-WpTFgIX1WdkAxz8C2WQRf1VYYaMOGO5SJBV9MDi2hIb93CcH5r+3ExdV4McWzYLL
-zNpqPIp6JLehSrxNWUyHlBCVZyVBVOliTv57Woy8MczCbpeOhx/9DjDMvlISflXr
-6Y6Zug==
+AAOBjQAwgYkCgYEAxokm1kFNm2ixp0ajnouA2TMAhWZ2p+WOaG90oWgorYhNM3kc
+l4HO1uCl5BQLCpxzgh3qC9y6KORDas91VcY2eArB9D2vibVKauYg6iOoILSZp27q
+Gz6b2LdS1Aob4NeBrql0z6J5FtSP+EtgMNxb5xa5QerPo8fjeVtM0XXzCj8CAwEA
+ATANBgkqhkiG9w0BAQUFAAOBgQC6JNiZe0Sm+GMbezlvmbiJ5SkxaDePbVEeb4dc
+8NuJNT9s3nwqA2em+1CVy/Hb4L5ML0vfiyWOcTaUr/yYgjO9gVTSmCvuIzjwYCBt
+hJoqCxz/2al1/LT1tlg7g90+wSbEXy6AI4RQmWVI9UI5+DGMYQ4RPM02oCHy/lKO
+9LQv3g==
 -----END CERTIFICATE-----
diff --git a/examples/pki/certs/ssl_cert.pem b/examples/pki/certs/ssl_cert.pem
index d705cf6..08de9c6 100644
--- a/examples/pki/certs/ssl_cert.pem
+++ b/examples/pki/certs/ssl_cert.pem
@@ -3,15 +3,15 @@ MIICoTCCAgoCARAwDQYJKoZIhvcNAQEFBQAwgZ4xCjAIBgNVBAUTATUxCzAJBgNV
 BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQK
 EwlPcGVuU3RhY2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZr
 ZXlzdG9uZUBvcGVuc3RhY2sub3JnMRQwEgYDVQQDEwtTZWxmIFNpZ25lZDAgFw0x
-MzAzMjQwOTA1MjNaGA8yMDcxMDkxNjA5MDUyM1owgZAxCzAJBgNVBAYTAlVTMQsw
+MzA1MjgxMzQ5MzFaGA8yMDcxMTEyMDEzNDkzMVowgZAxCzAJBgNVBAYTAlVTMQsw
 CQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQKEwlPcGVuU3Rh
 Y2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBv
 cGVuc3RhY2sub3JnMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEB
-BQADgY0AMIGJAoGBAKFS7ztV1Ur3H+J+UrQlkxtbE/yr8GzJ+JO5yqG7OWpACtxS
-m3EQ1+qTLtHSIrwCeON2K6zht+HDxht9ATw61c3qu6NQYpfW//VH7bXXTZnF5c+d
-j1awpfqejzSL6dQO5grRl1Z2JF4IR//ziCXqgzk/QdzVYjZiH0+JYaM56ukRAgMB
-AAEwDQYJKoZIhvcNAQEFBQADgYEAltmvie7cuAnYbsJlHSjK84mHrEOUgpwy+Z8s
-b+Pflr7NIM9menQhKJ8/S/Xap0nPcFRxsg11eqT/sHh1pROmWkBaFfx6l+8snZt6
-cF5WI/XylgSE0n+/xbUmcRpY8frAAlp2eWxCFtzs8DMWYhHP+kySYhkkYT114Uu7
-Oaj5ztQ=
+BQADgY0AMIGJAoGBAKu9aaVODW0VF29oQXs/mN/PO9cXS4YtmwhIgV6TrvRTsSjm
+jAHf8hy4C0bCGNQfIWkyICp2JYNnhBkE52VYPMwY1sOyNebN4jV9WcPGoMlobxy2
+VBTAroom975qRG5HhEbGD27NLqXbJmM6b4+0JdlJn5iWT/7HtbSUnz1p2oVRAgMB
+AAEwDQYJKoZIhvcNAQEFBQADgYEAV3fx8dy+iHQWmho5cN9nO+XZOYFCehfSf8JO
+pAAStYx9lt4IolZ68OOP0hVJZAj5mf1gU9wiMaoFVOSVyqOg4Ss0LLkyojaVO5Q2
+QQHQbWqUU5OY5IcKN2yArFSHDqyVjmNQjnyfiViomeSNkreIQnP61l6JGNMJEim5
+DYYH/rw=
 -----END CERTIFICATE-----
diff --git a/examples/pki/cms/auth_token_revoked.json b/examples/pki/cms/auth_token_revoked.json
index 92c6922..4b4d44e 100644
--- a/examples/pki/cms/auth_token_revoked.json
+++ b/examples/pki/cms/auth_token_revoked.json
@@ -1 +1 @@
-{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2012-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "revoked_username1", "roles_links": ["role1","role2"], "id": "revoked_user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "revoked_username1"}}}
+{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2112-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "revoked_username1", "roles_links": ["role1","role2"], "id": "revoked_user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "revoked_username1"}}}
diff --git a/examples/pki/cms/auth_token_revoked.pem b/examples/pki/cms/auth_token_revoked.pem
index 706a82d..4c43cb7 100644
--- a/examples/pki/cms/auth_token_revoked.pem
+++ b/examples/pki/cms/auth_token_revoked.pem
@@ -24,7 +24,7 @@ MC4wLjE6MzUzNTcvdjIuMCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgImludGVy
 bmFsVVJMIjogImh0dHA6Ly8xMjcuMC4wLjE6MzUzNTcvdjIuMCIsICJwdWJsaWNV
 UkwiOiAiaHR0cDovLzEyNy4wLjAuMTo1MDAwL3YyLjAifV0sICJlbmRwb2ludHNf
 bGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9u
-ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjAxMi0wNi0wMlQxNDo0NzozNFoi
+ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjExMi0wNi0wMlQxNDo0NzozNFoi
 LCAiaWQiOiAicGxhY2Vob2xkZXIiLCAidGVuYW50IjogeyJlbmFibGVkIjogdHJ1
 ZSwgImRlc2NyaXB0aW9uIjogbnVsbCwgIm5hbWUiOiAidGVuYW50X25hbWUxIiwg
 ImlkIjogInRlbmFudF9pZDEifX0sICJ1c2VyIjogeyJ1c2VybmFtZSI6ICJyZXZv
@@ -35,8 +35,8 @@ ZXJuYW1lMSJ9fX0NCjGCAUkwggFFAgEBMIGkMIGeMQowCAYDVQQFEwE1MQswCQYD
 VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVN1bm55dmFsZTESMBAGA1UE
 ChMJT3BlblN0YWNrMREwDwYDVQQLEwhLZXlzdG9uZTElMCMGCSqGSIb3DQEJARYW
 a2V5c3RvbmVAb3BlbnN0YWNrLm9yZzEUMBIGA1UEAxMLU2VsZiBTaWduZWQCAREw
-BwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYBVwrozZ7ZSZsTUg98slXCt52e/Y9IJ
-OOMdq28JxPs3HrNaMaZle7Q7XEGLolqLGT4k9bRNJNZwC+ldCqCApTW5c/JitZu5
-MLKLRiQpfEmkcYWe3JVciFjYV5UY9MCK6X9ltMhq9eNbmpEV+WwcLpiTIZq707oY
-L3PMMDvFW5qp2g==
+BwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYCwTWpPlI+O6Ur8ied6usi2LZKTw1zu
+SVEgnJHJeyTVBhakJrxf6LEaU6A2rUh49XZIX9C/RqkK+Nkjspubt9uyTn2a1dVe
+LYFd5EenjYP0p4avboi/dxJvzMVdKwsTxCRygHCsTWcXtrGpM5QZzzxnQCvuFO7x
+jdEfyBrYYveRew==
 -----END CMS-----
diff --git a/examples/pki/cms/auth_token_scoped.json b/examples/pki/cms/auth_token_scoped.json
index 16eb644..acf9e6a 100644
--- a/examples/pki/cms/auth_token_scoped.json
+++ b/examples/pki/cms/auth_token_scoped.json
@@ -1 +1 @@
-{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2012-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "user_name1", "roles_links": ["role1","role2"], "id": "user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "user_name1"}}}
+{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2112-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "user_name1", "roles_links": ["role1","role2"], "id": "user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "user_name1"}}}
diff --git a/examples/pki/cms/auth_token_scoped.pem b/examples/pki/cms/auth_token_scoped.pem
index 8fae319..2ba9325 100644
--- a/examples/pki/cms/auth_token_scoped.pem
+++ b/examples/pki/cms/auth_token_scoped.pem
@@ -24,7 +24,7 @@ MC4wLjE6MzUzNTcvdjIuMCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgImludGVy
 bmFsVVJMIjogImh0dHA6Ly8xMjcuMC4wLjE6MzUzNTcvdjIuMCIsICJwdWJsaWNV
 UkwiOiAiaHR0cDovLzEyNy4wLjAuMTo1MDAwL3YyLjAifV0sICJlbmRwb2ludHNf
 bGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9u
-ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjAxMi0wNi0wMlQxNDo0NzozNFoi
+ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjExMi0wNi0wMlQxNDo0NzozNFoi
 LCAiaWQiOiAicGxhY2Vob2xkZXIiLCAidGVuYW50IjogeyJlbmFibGVkIjogdHJ1
 ZSwgImRlc2NyaXB0aW9uIjogbnVsbCwgIm5hbWUiOiAidGVuYW50X25hbWUxIiwg
 ImlkIjogInRlbmFudF9pZDEifX0sICJ1c2VyIjogeyJ1c2VybmFtZSI6ICJ1c2Vy
@@ -35,7 +35,7 @@ AQEwgaQwgZ4xCjAIBgNVBAUTATUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTES
 MBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQKEwlPcGVuU3RhY2sxETAPBgNVBAsT
 CEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBvcGVuc3RhY2sub3Jn
 MRQwEgYDVQQDEwtTZWxmIFNpZ25lZAIBETAHBgUrDgMCGjANBgkqhkiG9w0BAQEF
-AASBgJVelOrkaUyy9nzse+lV6qI2OK+qDhpXBZrHUeiI62ddO4ibMZw9W2+8rbLf
-8RIbZ2eotF1BUvEomYQgz/NKmOpJUknhyP7w6BIhm1E2ZGUgU7r2mc/zf8Owkys0
-Urc/B/akAhWanh0lZcu1ti6OCc7hnuq5ox2QDNmrTBQIMoUn
+AASBgEPfxsK7jCPYJWQIWb5FncQfd0wAw6tUjo6lisJ3HRDx+hbfzMcWcxpUEOcp
+dQ05cTXAftLhtxSw5IP2TQp68zs/Y9fhwMSn4yFla5bvaqxQIgsdzpX6O8BnKfkD
+DYt2iOzbgrZawe3q8mOqxa+Vv65eDwBbsbIasqieMSjdmBiV
 -----END CMS-----
diff --git a/examples/pki/cms/auth_token_scoped_expired.json b/examples/pki/cms/auth_token_scoped_expired.json
new file mode 100644
index 0000000..d36d8cf
--- /dev/null
+++ b/examples/pki/cms/auth_token_scoped_expired.json
@@ -0,0 +1 @@
+{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2010-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "user_name1", "roles_links": ["role1","role2"], "id": "user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "user_name1"}}}
diff --git a/examples/pki/cms/auth_token_scoped_expired.pem b/examples/pki/cms/auth_token_scoped_expired.pem
new file mode 100644
index 0000000..0febbb4
--- /dev/null
+++ b/examples/pki/cms/auth_token_scoped_expired.pem
@@ -0,0 +1,41 @@
+-----BEGIN CMS-----
+MIIHQAYJKoZIhvcNAQcCoIIHMTCCBy0CAQExCTAHBgUrDgMCGjCCBc4GCSqGSIb3
+DQEHAaCCBb8EggW7eyJhY2Nlc3MiOiB7InNlcnZpY2VDYXRhbG9nIjogW3siZW5k
+cG9pbnRzIjogW3siYWRtaW5VUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo4Nzc2L3Yx
+LzY0YjZmM2ZiY2M1MzQzNWU4YTYwZmNmODliYjY2MTdhIiwgInJlZ2lvbiI6ICJy
+ZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo4Nzc2
+L3YxLzY0YjZmM2ZiY2M1MzQzNWU4YTYwZmNmODliYjY2MTdhIiwgInB1YmxpY1VS
+TCI6ICJodHRwOi8vMTI3LjAuMC4xOjg3NzYvdjEvNjRiNmYzZmJjYzUzNDM1ZThh
+NjBmY2Y4OWJiNjYxN2EifV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUi
+OiAidm9sdW1lIiwgIm5hbWUiOiAidm9sdW1lIn0sIHsiZW5kcG9pbnRzIjogW3si
+YWRtaW5VUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo5MjkyL3YxIiwgInJlZ2lvbiI6
+ICJyZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo5
+MjkyL3YxIiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjkyOTIvdjEi
+fV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUiOiAiaW1hZ2UiLCAibmFt
+ZSI6ICJnbGFuY2UifSwgeyJlbmRwb2ludHMiOiBbeyJhZG1pblVSTCI6ICJodHRw
+Oi8vMTI3LjAuMC4xOjg3NzQvdjEuMS82NGI2ZjNmYmNjNTM0MzVlOGE2MGZjZjg5
+YmI2NjE3YSIsICJyZWdpb24iOiAicmVnaW9uT25lIiwgImludGVybmFsVVJMIjog
+Imh0dHA6Ly8xMjcuMC4wLjE6ODc3NC92MS4xLzY0YjZmM2ZiY2M1MzQzNWU4YTYw
+ZmNmODliYjY2MTdhIiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjg3
+NzQvdjEuMS82NGI2ZjNmYmNjNTM0MzVlOGE2MGZjZjg5YmI2NjE3YSJ9XSwgImVu
+ZHBvaW50c19saW5rcyI6IFtdLCAidHlwZSI6ICJjb21wdXRlIiwgIm5hbWUiOiAi
+bm92YSJ9LCB7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly8xMjcu
+MC4wLjE6MzUzNTcvdjIuMCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgImludGVy
+bmFsVVJMIjogImh0dHA6Ly8xMjcuMC4wLjE6MzUzNTcvdjIuMCIsICJwdWJsaWNV
+UkwiOiAiaHR0cDovLzEyNy4wLjAuMTo1MDAwL3YyLjAifV0sICJlbmRwb2ludHNf
+bGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9u
+ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjAxMC0wNi0wMlQxNDo0NzozNFoi
+LCAiaWQiOiAicGxhY2Vob2xkZXIiLCAidGVuYW50IjogeyJlbmFibGVkIjogdHJ1
+ZSwgImRlc2NyaXB0aW9uIjogbnVsbCwgIm5hbWUiOiAidGVuYW50X25hbWUxIiwg
+ImlkIjogInRlbmFudF9pZDEifX0sICJ1c2VyIjogeyJ1c2VybmFtZSI6ICJ1c2Vy
+X25hbWUxIiwgInJvbGVzX2xpbmtzIjogWyJyb2xlMSIsInJvbGUyIl0sICJpZCI6
+ICJ1c2VyX2lkMSIsICJyb2xlcyI6IFt7Im5hbWUiOiAicm9sZTEifSwgeyJuYW1l
+IjogInJvbGUyIn1dLCAibmFtZSI6ICJ1c2VyX25hbWUxIn19fQ0KMYIBSTCCAUUC
+AQEwgaQwgZ4xCjAIBgNVBAUTATUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTES
+MBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQKEwlPcGVuU3RhY2sxETAPBgNVBAsT
+CEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBvcGVuc3RhY2sub3Jn
+MRQwEgYDVQQDEwtTZWxmIFNpZ25lZAIBETAHBgUrDgMCGjANBgkqhkiG9w0BAQEF
+AASBgAo6fTuvdeQcLH4s/44uS0dtleGqe8LbMmIlZM5OVBTlylIAfqS52+V8o4b0
+7AvkuNEJHcexm+Jwbf9PLnIAnv+Ug6Um9ORid2PtV8DDpljTxaPZoU9693Zd26UN
+kGJIRcISq3KuaDjKM1cwVJKpviXNvIIOBQK2qXOa+t5TWrvo
+-----END CMS-----
diff --git a/examples/pki/cms/auth_token_unscoped.json b/examples/pki/cms/auth_token_unscoped.json
index b2340a7..102c12f 100644
--- a/examples/pki/cms/auth_token_unscoped.json
+++ b/examples/pki/cms/auth_token_unscoped.json
@@ -1 +1 @@
-{"access": {"token": {"expires": "2012-08-17T15:35:34Z", "id": "01e032c996ef4406b144335915a41e79"}, "serviceCatalog": {}, "user": {"username": "user_name1", "roles_links": [], "id": "c9c89e3be3ee453fbf00c7966f6d3fbd", "roles": [{'name': 'role1'},{'name': 'role2'},], "name": "user_name1"}}}
-\ No newline at end of file
+{"access": {"token": {"expires": "2112-08-17T15:35:34Z", "id": "01e032c996ef4406b144335915a41e79"}, "serviceCatalog": {}, "user": {"username": "user_name1", "roles_links": [], "id": "c9c89e3be3ee453fbf00c7966f6d3fbd", "roles": [{'name': 'role1'},{'name': 'role2'},], "name": "user_name1"}}}
+\ No newline at end of file
diff --git a/examples/pki/cms/auth_token_unscoped.pem b/examples/pki/cms/auth_token_unscoped.pem
index 610e36f..b7cb4ec 100644
--- a/examples/pki/cms/auth_token_unscoped.pem
+++ b/examples/pki/cms/auth_token_unscoped.pem
@@ -1,6 +1,6 @@
 -----BEGIN CMS-----
 MIICpwYJKoZIhvcNAQcCoIICmDCCApQCAQExCTAHBgUrDgMCGjCCATUGCSqGSIb3
-DQEHAaCCASYEggEieyJhY2Nlc3MiOiB7InRva2VuIjogeyJleHBpcmVzIjogIjIw
+DQEHAaCCASYEggEieyJhY2Nlc3MiOiB7InRva2VuIjogeyJleHBpcmVzIjogIjIx
 MTItMDgtMTdUMTU6MzU6MzRaIiwgImlkIjogIjAxZTAzMmM5OTZlZjQ0MDZiMTQ0
 MzM1OTE1YTQxZTc5In0sICJzZXJ2aWNlQ2F0YWxvZyI6IHt9LCAidXNlciI6IHsi
 dXNlcm5hbWUiOiAidXNlcl9uYW1lMSIsICJyb2xlc19saW5rcyI6IFtdLCAiaWQi
@@ -10,8 +10,8 @@ dXNlcl9uYW1lMSJ9fX0xggFJMIIBRQIBATCBpDCBnjEKMAgGA1UEBRMBNTELMAkG
 A1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxEjAQBgNV
 BAoTCU9wZW5TdGFjazERMA8GA1UECxMIS2V5c3RvbmUxJTAjBgkqhkiG9w0BCQEW
 FmtleXN0b25lQG9wZW5zdGFjay5vcmcxFDASBgNVBAMTC1NlbGYgU2lnbmVkAgER
-MAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUABIGAEEEcj968A9f+WHIq0UBA42TlPhtg
-AOae7hfzkknymvt6ILizFyScp0766rJfRTO+wp/lsE0CKOXU6Ihy5MhZnggo/VGV
-szmitBeyDUF1hJrFi3jL62k/D6ChTxGpvu2YMRRvDyuaWO5ttS/7aqza1bv7Pry1
-BpbVtRi57LuDINk=
+MAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUABIGAmkWkhTZKeMWedDlqHJ1CjJ10gk+8
+0f+M34c2elgKlmztTdvbAt/mnJlPuHYMXz10NK8sT4TJrOGEVXBp6Vx+FAiasu5S
+qunDGJtPEo42OW+C7H6KVx176mnb3bpBgyR0JHenTiRRn6qVkXp4R0tlHWdz/HV5
+HDyyxhNp785xygI=
 -----END CMS-----
diff --git a/examples/pki/cms/auth_v3_token_revoked.json b/examples/pki/cms/auth_v3_token_revoked.json
index ce675ce..9aecd1a 100644
--- a/examples/pki/cms/auth_v3_token_revoked.json
+++ b/examples/pki/cms/auth_v3_token_revoked.json
@@ -3,7 +3,7 @@
                  {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"},
                  {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"},
                  {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v3", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v3", "publicURL": "http://127.0.0.1:5000/v3"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],
-     "expires_at": "2012-06-02T14:47:34Z",
+     "expires_at": "2112-06-02T14:47:34Z",
      "project": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1", "domain": {"id": "domain_id1", "name": "domain_name1"}},
      "user": {"name": "revoked_username1", "id": "revoked_user_id1", "domain": {"id": "domain_id1", "name": "domain_name1"}},
      "roles": [{"name": "role1"}, {"name": "role2"}]
diff --git a/examples/pki/cms/auth_v3_token_revoked.pem b/examples/pki/cms/auth_v3_token_revoked.pem
index 630f664..e7bf936 100644
--- a/examples/pki/cms/auth_v3_token_revoked.pem
+++ b/examples/pki/cms/auth_v3_token_revoked.pem
@@ -25,7 +25,7 @@ MjcuMC4wLjE6MzUzNTcvdjMiLCAicmVnaW9uIjogIlJlZ2lvbk9uZSIsICJpbnRl
 cm5hbFVSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjM1MzU3L3YzIiwgInB1YmxpY1VS
 TCI6ICJodHRwOi8vMTI3LjAuMC4xOjUwMDAvdjMifV0sICJlbmRwb2ludHNfbGlu
 a3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9uZSJ9
-XSwNCiAgICAgImV4cGlyZXNfYXQiOiAiMjAxMi0wNi0wMlQxNDo0NzozNFoiLA0K
+XSwNCiAgICAgImV4cGlyZXNfYXQiOiAiMjExMi0wNi0wMlQxNDo0NzozNFoiLA0K
 ICAgICAicHJvamVjdCI6IHsiZW5hYmxlZCI6IHRydWUsICJkZXNjcmlwdGlvbiI6
 IG51bGwsICJuYW1lIjogInRlbmFudF9uYW1lMSIsICJpZCI6ICJ0ZW5hbnRfaWQx
 IiwgImRvbWFpbiI6IHsiaWQiOiAiZG9tYWluX2lkMSIsICJuYW1lIjogImRvbWFp
@@ -37,8 +37,8 @@ DQogICAgfQ0KfQ0KMYIBSTCCAUUCAQEwgaQwgZ4xCjAIBgNVBAUTATUxCzAJBgNV
 BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQK
 EwlPcGVuU3RhY2sxETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZr
 ZXlzdG9uZUBvcGVuc3RhY2sub3JnMRQwEgYDVQQDEwtTZWxmIFNpZ25lZAIBETAH
-BgUrDgMCGjANBgkqhkiG9w0BAQEFAASBgHI+folnKZbYybTnDo5X3b43LzqXzDMy
-H1HrXW/MIiNVw58JLtcRYp6C2A8TeoAduvt/IkI7YgQ+EDfbYOQ0HSbmnNEyc8nQ
-jAsyD+plz+42eYfTGR+dhZWFmXPxEKE5RB/FQLEqZoJxOICxKzYezSGhreAh9mu/
-Xq/GOSYVo7Rz
+BgUrDgMCGjANBgkqhkiG9w0BAQEFAASBgDcPIVP0gTYC5z+gnEqzof1QvciIUY4q
+lGNQ+G/7wdajcrCb5Cy3NWrAN/Cgnsz06ilhTIHs2LfbgROG8C4MMLHvIccQ81Uo
+kPnEFtSnBwNvhHhzMwCdA0crwpf+0KzpW/8LBtFrrka3fwUJYngq6tARWZVt5UGn
+PolkJuSwsztW
 -----END CMS-----
diff --git a/examples/pki/cms/auth_v3_token_scoped.json b/examples/pki/cms/auth_v3_token_scoped.json
index c2071f6..b49d7e1 100644
--- a/examples/pki/cms/auth_v3_token_scoped.json
+++ b/examples/pki/cms/auth_v3_token_scoped.json
@@ -3,7 +3,7 @@
 			     {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"},
 			     {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"},
 			     {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v3", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v3", "publicURL": "http://127.0.0.1:5000/v3"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],
-	 "expires_at": "2012-06-02T14:47:34Z",
+	 "expires_at": "2112-06-02T14:47:34Z",
 	 "project": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1", "domain": {"id": "domain_id1", "name": "domain_name1"}},
 	 "user": {"name": "user_name1", "id": "user_id1", "domain": {"id": "domain_id1", "name": "domain_name1"}},
 	 "roles": [{"name": "role1"}, {"name": "role2"}]
diff --git a/examples/pki/cms/auth_v3_token_scoped.pem b/examples/pki/cms/auth_v3_token_scoped.pem
index f90490e..ee98813 100644
--- a/examples/pki/cms/auth_v3_token_scoped.pem
+++ b/examples/pki/cms/auth_v3_token_scoped.pem
@@ -24,7 +24,7 @@ ZG1pblVSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjM1MzU3L3YzIiwgInJlZ2lvbiI6
 ICJSZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMToz
 NTM1Ny92MyIsICJwdWJsaWNVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo1MDAwL3Yz
 In1dLCAiZW5kcG9pbnRzX2xpbmtzIjogW10sICJ0eXBlIjogImlkZW50aXR5Iiwg
-Im5hbWUiOiAia2V5c3RvbmUifV0sDQoJICJleHBpcmVzX2F0IjogIjIwMTItMDYt
+Im5hbWUiOiAia2V5c3RvbmUifV0sDQoJICJleHBpcmVzX2F0IjogIjIxMTItMDYt
 MDJUMTQ6NDc6MzRaIiwNCgkgInByb2plY3QiOiB7ImVuYWJsZWQiOiB0cnVlLCAi
 ZGVzY3JpcHRpb24iOiBudWxsLCAibmFtZSI6ICJ0ZW5hbnRfbmFtZTEiLCAiaWQi
 OiAidGVuYW50X2lkMSIsICJkb21haW4iOiB7ImlkIjogImRvbWFpbl9pZDEiLCAi
@@ -36,7 +36,7 @@ DQoxggFJMIIBRQIBATCBpDCBnjEKMAgGA1UEBRMBNTELMAkGA1UEBhMCVVMxCzAJ
 BgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxEjAQBgNVBAoTCU9wZW5TdGFj
 azERMA8GA1UECxMIS2V5c3RvbmUxJTAjBgkqhkiG9w0BCQEWFmtleXN0b25lQG9w
 ZW5zdGFjay5vcmcxFDASBgNVBAMTC1NlbGYgU2lnbmVkAgERMAcGBSsOAwIaMA0G
-CSqGSIb3DQEBAQUABIGAE2Xc5jwDUveWjgn/RItwzqsi4PZw+8dgJELGE/+qVrcE
-gJ5iXsR9Lx4yy932ETXFZ1fb+WTX6ytBkvUDMUI4xebZlrF3MIY2RZBzRT+JO0q0
-GsqX9JFtxSKpZcizWMz9HXTNPR44eCmC5ywPTr+igj+xJ2eDgz/ekp1hrnJBu2c=
+CSqGSIb3DQEBAQUABIGAxb2GSHoV7yzFDoW6sJwRK49xgMO3bpcU6s+yxUh4auLR
+MQ8Wso1xzDPnG2Xp886u0Wvw9dUC2s1qTD1aXKDdaHY0FUXC3pWUypR+6Ky5M7WP
+YJvDJfD0fdPX44SHwXo9Zy+DcU4zcRCucC4/5zn5w30qd1t1mwvd8GNdxvUqmZ8=
 -----END CMS-----
diff --git a/examples/pki/cms/revocation_list.pem b/examples/pki/cms/revocation_list.pem
index 8fcfa7e..1832fad 100644
--- a/examples/pki/cms/revocation_list.pem
+++ b/examples/pki/cms/revocation_list.pem
@@ -6,7 +6,7 @@ MYIBSTCCAUUCAQEwgaQwgZ4xCjAIBgNVBAUTATUxCzAJBgNVBAYTAlVTMQswCQYD
 VQQIEwJDQTESMBAGA1UEBxMJU3Vubnl2YWxlMRIwEAYDVQQKEwlPcGVuU3RhY2sx
 ETAPBgNVBAsTCEtleXN0b25lMSUwIwYJKoZIhvcNAQkBFhZrZXlzdG9uZUBvcGVu
 c3RhY2sub3JnMRQwEgYDVQQDEwtTZWxmIFNpZ25lZAIBETAHBgUrDgMCGjANBgkq
-hkiG9w0BAQEFAASBgJMkLgRgYefScR8x1/htXmSqvqMDo6LmjKE+FePLK0USPPw7
-kpAS8U8zuxR2l7nd/Dy6YrwuNrtKiifF1RiPgtmvZ93GJw3lDWPVKK0G+xK9lNqI
-cNlWHSJo++jU2ZTk7TuC8OjhxPlsC7KTXXrIE4E6dsV6IeRE1BTEUD4bvI/l
+hkiG9w0BAQEFAASBgBOGqBdORuXd+3VITnCKoOrgJqiqbvtW7TvRmBQfQ7wyYb1/
+zdvWswYlR770fnfTK82c9xwTRYzCpwS9sJk4byYG2dG1WYqNqS7Qs8EYhz2nsPf/
+6uMy19t+YnoLwFm8DNPr5najc6AGgBxryQPmQ/TcHqFGmjABwUgdDfLs7InZ
 -----END CMS-----
diff --git a/examples/pki/gen_pki.sh b/examples/pki/gen_pki.sh
index 5cea13e..1e4fd2a 100755
--- a/examples/pki/gen_pki.sh
+++ b/examples/pki/gen_pki.sh
@@ -203,7 +203,7 @@ function check_openssl {
 }
 
 function gen_sample_cms {
-  for json_file in "${CMS_DIR}/auth_token_revoked.json" "${CMS_DIR}/auth_token_unscoped.json" "${CMS_DIR}/auth_token_scoped.json" "${CMS_DIR}/revocation_list.json" "${CMS_DIR}/auth_v3_token_scoped.json" "${CMS_DIR}/auth_v3_token_revoked.json"
+  for json_file in "${CMS_DIR}/auth_token_revoked.json" "${CMS_DIR}/auth_token_unscoped.json" "${CMS_DIR}/auth_token_scoped.json" "${CMS_DIR}/auth_token_scoped_expired.json" "${CMS_DIR}/revocation_list.json" "${CMS_DIR}/auth_v3_token_scoped.json" "${CMS_DIR}/auth_v3_token_revoked.json"
   do
     openssl cms -sign -in $json_file -nosmimecap -signer $CERTS_DIR/signing_cert.pem -inkey $PRIVATE_DIR/signing_key.pem -outform PEM -nodetach -nocerts -noattr -out ${json_file/.json/.pem}
   done
diff --git a/examples/pki/private/cakey.pem b/examples/pki/private/cakey.pem
index fd38aee..d7523ce 100644
--- a/examples/pki/private/cakey.pem
+++ b/examples/pki/private/cakey.pem
@@ -1,16 +1,16 @@
 -----BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJ9ua8GSnhyRr7J5
-Wvu+PTwU4Vo2KrazwwE/Fd32dcZtX6at0/Zr62dADsC0Ig6MTfVZCIrrf2HJpTzW
-CXa4n0kZXRZaq/L/qIv3Yl51FAOl06nCCsC1g+IIG4OnnQW+YbLfB0MHsOV/TdFb
-C6Y5t4UzFh0i6WqF7Z9ADKsBBXYlAgMBAAECgYEAmuWUSdCiT014L2VacUXGhq4e
-uB/yZenG51oca7e9e5jeGrm+Oydk4b7J1o3snMfSIjJra1UcQKzCHpYxQahkD/+/
-XXz7+1jMHyZwaiGcrzqBltcCgfp1ogiT/hjidBzIgyOAv+CN5NpRBvLMGgEZpE8G
-BX3hxvTEaEvt6B6qqg0CQQDMH4LHEhMWrR5r0w3Cd6Xnx6AdQLhXvsjsxU/vQayn
-rm2jb7Gnk9P9v/1rylDHESdkPewSc5Vxde8rk1ldDe9DAkEAx/M2KXDW9AVKXwap
-qP6RjejopxqHK5lgcDr56cybUGib+dYndQFVQmhpYPz1C+b9sbn1iVpXLKpsO2JG
-6EjqdwJBAKQWdJ+otPWWpwzQdZAtdI21GM5LN6U5tfU3zEEuDyggfPxUDoECwfiK
-/KJI2dScwoi/imVuyuSRhHkIE19Nk1cCQG9wX+ls2ICcSjz4C6sCZsE+5BvuLxPf
-od4rIIpr3MxN4VC3SLpvicM/SiwiD7kYfqCFUhHBZgCg4z2dooNn0DUCQHUV8DsM
-ZoWx2D6sqaI9KExwzfLR/9AbDpqyDa/js8LSMqo5OakA47buqKiWaBlBfSb/qccz
-NsmQV0JeyF6cJB0=
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANP4aC8OC1gE7zIo
+MIndBoR+SFmiC+FQ7JTQBa4rLhT63Zkw8Mb9W+x51mnphsX9QjXT/Fh4e617UQDt
+o2bF3FgVfxj8teMHA4UBLDjlJIJWak+ZAROYwL8cZHOtFcjv5BxR6PXhSywufHZK
+NvqIv321L7TCuV6w05jrMegH7zQpAgMBAAECgYBv/WEF41So90ps5IDohacI3zNY
+b9349+lWoiUuJNAe83+ajRnY+EjVwnU+1cuH1Uti5xH+qAEn4ewlImhfRxAnX17X
+kW45wMoI8V5xZW7NyeaWtsv57Ssq5CIGbhVamp0HKCwaz3DhFhctudD8bKrapF0l
+VK8AQYquzCuqC2lBAQJBAOyAZatJOssW4UmaaHUiSUKxIpgpAKXHLzpWUvuREG39
+pI9sZSv6WDA3Ab8/60CPI0Ovy6KhgikncaWOBunBjwkCQQDlckEDM+VZQYa7RzzZ
+cEQltX1BxMduSlXqbsGxis7SPaOOrapnb1RtDbeM2FwvMmB3qtq3eQMzjLa25dXQ
+CqQhAkEAiUf2vDij0iOT3n+sxuGCGR5tcFnMsG4wsfJN9Q09tjsXfNF04NROwJ4N
+e5CE5FKyK6Yt1FdgELd+tpT82k+q0QJAGhUk4tJRbhYO1NdCSY2Dka3R8VoHObhl
+j+LLTf1ziV7Mavm+90cml8cJaI9n202kvbXEazrsbD3Av4XdCmtLQQJBANXVSnQy
+omf86+CtUs7bb3S4PieCk0vKO2KQqfaYb2QuaTfULqUHvc9u8iIqEtzdn2uI3ET9
+kQLZ4IgnoBb0JVo=
 -----END PRIVATE KEY-----
diff --git a/examples/pki/private/signing_key.pem b/examples/pki/private/signing_key.pem
index dedde22..a20acc4 100644
--- a/examples/pki/private/signing_key.pem
+++ b/examples/pki/private/signing_key.pem
@@ -1,16 +1,16 @@
 -----BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAL9W4wyZZ3E8UGEo
-ZSh31ip+8N3vDS9tTfP/PUxx5fK/nN7FziyJJ+ulkQolaycNJOc5kNNOGyxa/+tP
-SkM4sZCWq8igIIehpJeauB1nFBdQCB4t7bI3EbVjAteIby4gx0RZWuvSyYrkO0nh
-8oCGPWK3KNPX/bj4vBVJkvLfbn1xAgMBAAECgYEAiUigE7QlghuSWIORQR3qbgcy
-bypLvZGhcsXZh3XZVPiiZzxpl465M9xRWoRKg3Rs2/JztQi/em24XW9Ai0asLyHL
-u/kZ45A6fbX51QsY989eS0zwsKV/YzY4V2Nvv+MkzfR/sSdtnOu5C0pPf+wuyazZ
-6Ky2/GpIcEA8yTl1q3kCQQDozmQdIdWG/9viBxdoW8wXlb2zA47MaV9WphLwC1rV
-J/00X0SgM94it1BhltxCTrIQ72WF7vBtvDw51N1Rf1wnAkEA0mbnrmAiKwfJVyeV
-PUN0fz5N6JKsUSVEY6Wt+ySDJqmro27uiHgZhmQb+lwLE5VfTZrdLx5LGa2Mr4w0
-8degpwJBAN1AKQ02toPSbdpl+u0HMPPJL7wNyYyjKCRlOOJBKFYj5xP65nGKWbaM
-mSvl//ZUbA6ENewPpRflKSedEaj+bUkCQDfdXNye59OXEK2Uc/q9Q1xZtaPv9dLh
-20O+BPDu4+fLGyic1rbjdJuLTyZtc/9yJMjdOqc9GuGpg/ZEevZPs3cCQDa2AbNj
-uF+KX2u9+38hcN4APnGAk7Z452WbwoXBY7X4SsA4xYqjPIw3QEOqn2zT4A6dt0IX
-11zRtas1zYePTXg=
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMaJJtZBTZtosadG
+o56LgNkzAIVmdqfljmhvdKFoKK2ITTN5HJeBztbgpeQUCwqcc4Id6gvcuijkQ2rP
+dVXGNngKwfQ9r4m1SmrmIOojqCC0madu6hs+m9i3UtQKG+DXga6pdM+ieRbUj/hL
+YDDcW+cWuUHqz6PH43lbTNF18wo/AgMBAAECgYEAp+1QPT+FLiNSyONV9/+VX6Hl
+GfC+AmuHlcxYQUIBzi4Q5q3VQk1Yr6Xai11srXABv5gf5CKyD25rm8eYPpHmdQsj
+33vjb9yQ/1Ts8NR1YJ5Gxs5iawPATzm5yjim5sPJJrjJy9hl8uEEqRca/14CSva5
+X4VrVy7RVmimmaumOwECQQDrLZ8SDut+qrhFhWZKAupXTpM5AlJBUkCPyqVnPgKg
+cEVAktXryknAr535bK0C16CX3dpUzfS7ksYOxNrLuUi/AkEA2B0E2O4NZW82PdBf
+D1JUUv9dBlilrGAVxNrmFkiqk3NcdeiB21yFrQ33VcBocgBoY2oKdOBXoTQFOJXJ
+9bEegQJANmXUEIJA+IiWnQYRNfdcqxsytJIT4qYa5uexwKK4StINQrV0I9kjnB1D
+BimcDzc/H0GiudD11dlKVKo2Db9q0wJAIxKykrIvomKmHuoOQ2JNJRskcb85Q/xk
+DAqqhLtOU5fJTalqSbt+RlOZ7GTJjpbaWif/gnBWSGc04bYNjL4uAQJAE1ZswXw5
+N813tirpa+bnfxcffDDRk4mk0jfHtCjhASelzzvFXh4f00TW+odn4cp4NLd3QQ2p
+59a2PmibzgJsTw==
 -----END PRIVATE KEY-----
diff --git a/examples/pki/private/ssl_key.pem b/examples/pki/private/ssl_key.pem
index ab8dca4..4877ae3 100644
--- a/examples/pki/private/ssl_key.pem
+++ b/examples/pki/private/ssl_key.pem
@@ -1,16 +1,16 @@
 -----BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKFS7ztV1Ur3H+J+
-UrQlkxtbE/yr8GzJ+JO5yqG7OWpACtxSm3EQ1+qTLtHSIrwCeON2K6zht+HDxht9
-ATw61c3qu6NQYpfW//VH7bXXTZnF5c+dj1awpfqejzSL6dQO5grRl1Z2JF4IR//z
-iCXqgzk/QdzVYjZiH0+JYaM56ukRAgMBAAECgYARVPiw1kLpH+3EBrBZ/GN2n+1g
-yxQ0i+px7JcRkyzS9nh0PUfH+PhJknCISFxE+LsGLQ76LvHzhnYFRAPa9bM8lZQx
-gAjroYx8vXSD5pcmDs+7SqxWCP/PI9IlT6F0dHanwXcLPjPCeBUZN/Z/ZyuOIpML
-DMDfbXHpbg9BF41qJQJBANPJ2VG6KrSqxzM1f7AHSpOp2UZqylMCe14TMSkWaHHX
-Bla8p+6D76Ixskh49L9yEpxFplgLP3fRcFfNpRCUSY8CQQDDADhxiQ+jsR69YJMe
-QYXYLpQfF2751x789NPfpytDEUOFZ8yyyLp3aNOAYoMrLXaMQTLTJgT5dA2D8QdU
-shNfAkEAwDzEnPFt2CX3wFy8NSy5HcWbKda/JY/oKSEki1YCoep6n3qIt/BcMI4J
-dM0N40SI7f4umlZDWt/pqFlKjfz7swJARYbjmR+ccunpIu63JdeI6G6bI4bQa8ZW
-5yxICvtowm36XCuJYcmOKps2phT53cBE/3cTrxNkPKkzVHLxATLJEwJBAL5sOt1g
-ChxUqvhBQtTgToX/WTDtGF3PEBNwU0YeOz4GweoqABxMzg08W/6rvsIFismNuWY5
-W6bZ8CxyKPcq/aE=
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKu9aaVODW0VF29o
+QXs/mN/PO9cXS4YtmwhIgV6TrvRTsSjmjAHf8hy4C0bCGNQfIWkyICp2JYNnhBkE
+52VYPMwY1sOyNebN4jV9WcPGoMlobxy2VBTAroom975qRG5HhEbGD27NLqXbJmM6
+b4+0JdlJn5iWT/7HtbSUnz1p2oVRAgMBAAECgYEAmehJgScNyTAZrHGWHUnFSu2B
+ByWNPVYplabEqWlYZQWLwse5uQRlCW+2S1cuwQqU+p09TlBLFhPywiku5hfJgvZx
+EzjAJHYFdrGreD5y9NKapuWfaSM/JZ2+3u1Cy+d/0MoLbAd6Bmc8YU2NH1VPCPGQ
+q2fKCweMrYaymmcD7wECQQDdUnFycODvaXWlYAaCVvOWllejNhA+uA1ljmhEAoEh
+ES12LdM7cDK9szq55WZ2UPNS/8huCMfPDtBRHy+twsSZAkEAxqYn1sK3WWX8bzu5
+Eu7cpcFvYTvoJYVChK7LjplpKACnRzcQztPi/aLS0UVtjyf7+zhZTNDexwhm0hWJ
+o58BeQJAXxMAaxH0fsRF5pHWmf0yTNkuso0R829rSdogDj8pK4ROjDrpR9pN4dHx
+g1P5bRAfRuNcPXCGLPuHH6IPAEzv2QJAe2PR8zBXuwwCVQV/3CbKn5sbmAYiGMxB
+mTEJ97WK//IH9dBafF5Y7LsqwBqkBvwLJOzHa1OCTZcGZxBBwoSN4QJAUy4DMkdb
+ENukagZ6ddkoQbJ7vDMuZfjl+R8B0YL10rLShhbcy4iLzs8ujqt4z1VznaAZBXaQ
+ctiy9/gBMhudwA==
 -----END PRIVATE KEY-----
diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py
index befa79e..6907397 100644
--- a/keystoneclient/middleware/auth_token.py
+++ b/keystoneclient/middleware/auth_token.py
@@ -697,7 +697,8 @@ class AuthProtocol(object):
                 data = json.loads(verified)
             else:
                 data = self.verify_uuid_token(user_token, retry)
-            self._cache_put(token_id, data)
+            expires = self._confirm_token_not_expired(data)
+            self._cache_put(token_id, data, expires)
             return data
         except Exception as e:
             self.LOG.debug('Token validation failure.', exc_info=True)
@@ -931,23 +932,31 @@ class AuthProtocol(object):
                             data_to_store,
                             timeout=self.token_cache_time)
 
-    def _cache_put(self, token, data):
+    def _confirm_token_not_expired(self, data):
+        if not data:
+            raise InvalidUserToken('Token authorization failed')
+        if self._token_is_v2(data):
+            timestamp = data['access']['token']['expires']
+        elif self._token_is_v3(data):
+            timestamp = data['token']['expires_at']
+        else:
+            raise InvalidUserToken('Token authorization failed')
+        expires = timeutils.parse_isotime(timestamp).strftime('%s')
+        if time.time() >= float(expires):
+            self.LOG.debug('Token expired a %s', timestamp)
+            raise InvalidUserToken('Token authorization failed')
+        return expires
+
+    def _cache_put(self, token, data, expires):
         """ Put token data into the cache.
 
         Stores the parsed expire date in cache allowing
         quick check of token freshness on retrieval.
+
         """
-        if self._cache and data:
-            if self._token_is_v2(data):
-                timestamp = data['access']['token']['expires']
-            elif self._token_is_v3(data):
-                timestamp = data['token']['expires_at']
-            else:
-                self.LOG.error('invalid token format')
-                return
-            expires = timeutils.parse_isotime(timestamp).strftime('%s')
-            self.LOG.debug('Storing %s token in memcache', token)
-            self._cache_store(token, data, expires)
+        if self._cache:
+                self.LOG.debug('Storing %s token in memcache', token)
+                self._cache_store(token, data, expires)
 
     def _cache_store_invalid(self, token):
         """Store invalid token in cache."""
diff --git a/tests/test_auth_token_middleware.py b/tests/test_auth_token_middleware.py
index ae81293..83ea709 100644
--- a/tests/test_auth_token_middleware.py
+++ b/tests/test_auth_token_middleware.py
@@ -255,6 +255,9 @@ with open(os.path.join(signing_path, 'auth_v3_token_scoped.pem')) as f:
     SIGNED_v3_TOKEN_SCOPED = cms.cms_to_token(f.read())
 with open(os.path.join(signing_path, 'auth_token_revoked.pem')) as f:
     REVOKED_TOKEN = cms.cms_to_token(f.read())
+with open(os.path.join(signing_path,
+          'auth_token_scoped_expired.pem')) as f:
+    SIGNED_TOKEN_SCOPED_EXPIRED = cms.cms_to_token(f.read())
 REVOKED_TOKEN_HASH = utils.hash_signed_token(REVOKED_TOKEN)
 with open(os.path.join(signing_path, 'auth_v3_token_revoked.pem')) as f:
     REVOKED_v3_TOKEN = cms.cms_to_token(f.read())
@@ -464,7 +467,7 @@ class BaseFakeHTTPConnection(object):
         body = jsonutils.dumps({
             'access': {
                 'token': {'id': 'admin_token2',
-                          'expires': '2012-10-03T16:58:01Z'}
+                          'expires': '2022-10-03T16:58:01Z'}
             },
         })
         return status, body
@@ -621,6 +624,7 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase):
                 'uuid_token_default': UUID_TOKEN_DEFAULT,
                 'uuid_token_unscoped': UUID_TOKEN_UNSCOPED,
                 'signed_token_scoped': SIGNED_TOKEN_SCOPED,
+                'signed_token_scoped_expired': SIGNED_TOKEN_SCOPED_EXPIRED,
                 'revoked_token': REVOKED_TOKEN,
                 'revoked_token_hash': REVOKED_TOKEN_HASH
             }
@@ -1020,6 +1024,13 @@ class AuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest):
         self.middleware(req.environ, self.start_fake_response)
         self.assertNotEqual(self._get_cached_token(token), None)
 
+    def test_expired(self):
+        req = webob.Request.blank('/')
+        token = self.token_dict['signed_token_scoped_expired']
+        req.headers['X-Auth-Token'] = token
+        self.middleware(req.environ, self.start_fake_response)
+        self.assertEqual(self.response_status, 401)
+
     def test_memcache_set_invalid(self):
         req = webob.Request.blank('/')
         token = 'invalid-token'
@@ -1358,6 +1369,7 @@ class v3AuthTokenMiddlewareTest(AuthTokenMiddlewareTest):
             'uuid_token_default': v3_UUID_TOKEN_DEFAULT,
             'uuid_token_unscoped': v3_UUID_TOKEN_UNSCOPED,
             'signed_token_scoped': SIGNED_v3_TOKEN_SCOPED,
+            'signed_token_scoped_expired': SIGNED_TOKEN_SCOPED_EXPIRED,
             'revoked_token': REVOKED_v3_TOKEN,
             'revoked_token_hash': REVOKED_v3_TOKEN_HASH
         }
author	Jenkins <jenkins@review.openstack.org>	2013-05-28 16:51:00 +0000
committer	Gerrit Code Review <review@openstack.org>	2013-05-28 16:51:00 +0000
commit	111e7304f5bc9e7a2c726084038b5f8692ec940a (patch)
tree	e482efecb9f1867b15772e1ce273b34675da9db5
parent	d202da568441341f4f6abce2894016164a0562e0 (diff)
parent	8fe7a822d3fd9f435bb4a73a838b380659196cf7 (diff)
download	python-keystoneclient-111e7304f5bc9e7a2c726084038b5f8692ec940a.tar.gz