bug-1040361: use keyring to store tokens

User can optionally turn off keyring by specifying the --no-cache option.
It can also be disabled with environment variable OS-NO-CACHE.

Change-Id: I8935260bf7fd6befa14798da9b4d02c81e65c417

1 files changed, 32 insertions, 0 deletions

diff --git a/keystoneclient/access.py b/keystoneclient/access.py
index 6d0e9fa..3947b6f 100644
--- a/keystoneclient/access.py
+++ b/keystoneclient/access.py
@@ -15,6 +15,15 @@
 # limitations under the License.
 
 
+import datetime
+
+from keystoneclient.openstack.common import timeutils
+
+
+# gap, in seconds, to determine whether the given token is about to expire
+STALE_TOKEN_DURATION = '30'
+
+
 class AccessInfo(dict):
     """An object for encapsulating a raw authentication token from keystone
     and helper methods for extracting useful values from that token."""
@@ -22,6 +31,29 @@ class AccessInfo(dict):
     def __init__(self, *args, **kwargs):
         dict.__init__(self, *args, **kwargs)
 
+    def will_expire_soon(self, stale_duration=None):
+        """ Determines if expiration is about to occur.
+
+        :return: boolean : true if expiration is within the given duration
+
+        """
+        stale_duration = stale_duration or TALE_TOKEN_DURATION
+        norm_expires = timeutils.normalize_time(self.expires)
+        # (gyee) should we move auth_token.will_expire_soon() to timeutils
+        # instead of duplicating code here?
+        soon = (timeutils.utcnow() + datetime.timedelta(
+                seconds=stale_duration))
+        return norm_expires < soon
+
+    @property
+    def expires(self):
+        """ Returns the token expiration (as datetime object)
+
+        :returns: datetime
+
+        """
+        return timeutils.parse_isotime(self['token']['expires'])
+
     @property
     def auth_token(self):
         """ Returns the token_id associated with the auth request, to be used