auth_token _cache_get checks token expired

When auth_token stores the token in the cache, it's stored with the expiration time; but when the token is retrieved from the cache, if the expiration time has passed the token is treated as if it wasn't cached. This creates extra work because now auth_token has to check the token expiration (either by decrypting the PKI token or online validation for UUID tokens). With this change, getting the token from the cache will fail if the expiration is past. Change-Id: Id0ec6b3c2e5af4a2d910f16da4e0312733fc2198
author: Brant Knudson <bknudson@us.ibm.com> 2014-05-30 10:02:51 -0500
committer: Brant Knudson <bknudson@us.ibm.com> 2014-06-16 17:48:49 -0500
commit: 1e265faf15032ab91b82a840c6f0a1c96c0b0cfb (patch)
tree: c2ac826910d228107a7a340042be92d99f6a3064 /keystoneclient/middleware
parent: f83115b4a6d17c0acc27e2635b3adaa9c3b39c16 (diff)
download: python-keystoneclient-1e265faf15032ab91b82a840c6f0a1c96c0b0cfb.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py
index d6fe3dd..593518b 100644
--- a/keystoneclient/middleware/auth_token.py
+++ b/keystoneclient/middleware/auth_token.py
@@ -1518,6 +1518,7 @@ class TokenCache(object):
             return data
         else:
             self.LOG.debug('Cached Token seems expired')
+            raise InvalidUserToken('Token authorization failed')
 
     def _cache_store(self, token_id, data):
         """Store value into memcache.
author	Brant Knudson <bknudson@us.ibm.com>	2014-05-30 10:02:51 -0500
committer	Brant Knudson <bknudson@us.ibm.com>	2014-06-16 17:48:49 -0500
commit	1e265faf15032ab91b82a840c6f0a1c96c0b0cfb (patch)
tree	c2ac826910d228107a7a340042be92d99f6a3064 /keystoneclient/middleware
parent	f83115b4a6d17c0acc27e2635b3adaa9c3b39c16 (diff)
download	python-keystoneclient-1e265faf15032ab91b82a840c6f0a1c96c0b0cfb.tar.gz