Carrying over token expiry time when token chaining

Fixes bug #998185 This commit causes the token expiry time to be maintained when one token is being created from another Change-Id: I7b61692a60d9227423b93c267864a5abe939ca33
openstack · Jun 14, 2012 · 29e74e7 · 29e74e7
1 parent 9a841f3
commit 29e74e7
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/keystone/service.py b/keystone/service.py
@@ -351,7 +351,8 @@ def authenticate(self, context, auth=None):
                     context, token_id, dict(id=token_id,
                                             user=user_ref,
                                             tenant=tenant_ref,
-                                            metadata=metadata_ref))
+                                            metadata=metadata_ref,
+                                            expires=old_token_ref['expires']))
 
         # TODO(termie): optimize this call at some point and put it into the
         #               the return for metadata

diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py
@@ -14,6 +14,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
+import time
 import uuid
 
 import nose.exc
@@ -326,6 +327,17 @@ def test_disable_user_invalidates_token(self):
                           self.get_client,
                           self.user_foo)
 
+    def test_token_expiry_maintained(self):
+        foo_client = self.get_client(self.user_foo)
+        orig_token = foo_client.service_catalog.catalog['token']
+
+        time.sleep(1.01)
+        reauthenticated_token = foo_client.tokens.authenticate(
+                                    token=foo_client.auth_token)
+
+        self.assertEquals(orig_token['expires'],
+                          reauthenticated_token.expires)
+
     def test_user_create_update_delete(self):
         from keystoneclient import exceptions as client_exceptions