Merge pull request #15124 from imtayadeway/api/token-manager-token-ttl

Make TokenManager#token_ttl callable (evaluated at call time) (cherry picked from commit e35b6c2) https://bugzilla.redhat.com/show_bug.cgi?id=1459987
ManageIQ · Jun 8, 2017 · e201995 · e201995
1 parent 5f807cc
commit e201995
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 10 deletions.
diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb
@@ -15,7 +15,7 @@ def token_mgr(type)
       when 'api', 'ui' # The default API token and UI token share the same TokenStore
         @token_mgr['api'] ||= new_token_mgr(base_config[:module], base_config[:name], api_config)
       when 'ws'
-        @token_mgr['ws'] ||= TokenManager.new('ws', :token_ttl => ::Settings.session.timeout)
+        @token_mgr['ws'] ||= TokenManager.new('ws', :token_ttl => -> { ::Settings.session.timeout })
       end
     end
 
@@ -55,7 +55,7 @@ def new_token_mgr(mod, name, api_config)
       token_ttl = api_config[:token_ttl]
 
       options                = {}
-      options[:token_ttl]    = token_ttl.to_i_with_method if token_ttl
+      options[:token_ttl]    = -> { token_ttl.to_i_with_method } if token_ttl
 
       log_init(mod, name, options) if @svc_options[:log_init]
       TokenManager.new(mod, options)

diff --git a/lib/token_manager.rb b/lib/token_manager.rb
@@ -9,29 +9,29 @@ class TokenManager
 
   def initialize(namespace = DEFAULT_NS, options = {})
     @namespace = namespace
-    @options = {:token_ttl => 10.minutes}.merge(options)
+    @options = {:token_ttl => -> { 10.minutes }}.merge(options)
   end
 
   def gen_token(token_options = {})
     token = SecureRandom.hex(16)
-    token_ttl = token_options.delete(:token_ttl_override) || @options[:token_ttl]
-    token_data = {:token_ttl => token_ttl, :expires_on => Time.now.utc + token_ttl}
+    ttl = token_options.delete(:token_ttl_override) || token_ttl
+    token_data = {:token_ttl => ttl, :expires_on => Time.now.utc + ttl}
 
     token_store.write(token,
                       token_data.merge!(prune_token_options(token_options)),
-                      :expires_in => @options[:token_ttl])
+                      :expires_in => token_ttl)
     token
   end
 
   def reset_token(token)
     token_data = token_store.read(token)
     return {} if token_data.nil?
 
-    token_ttl = token_data[:token_ttl]
-    token_data[:expires_on] = Time.now.utc + token_ttl
+    ttl = token_data[:token_ttl]
+    token_data[:expires_on] = Time.now.utc + ttl
     token_store.write(token,
                       token_data,
-                      :expires_in => token_ttl)
+                      :expires_in => ttl)
   end
 
   def token_get_info(token, what = nil)
@@ -48,10 +48,14 @@ def invalidate_token(token)
     token_store.delete(token)
   end
 
+  def token_ttl
+    @options[:token_ttl].call
+  end
+
   private
 
   def token_store
-    TokenStore.acquire(@namespace, @options[:token_ttl])
+    TokenStore.acquire(@namespace, token_ttl)
   end
 
   def prune_token_options(token_options = {})

diff --git a/spec/lib/token_manager_spec.rb b/spec/lib/token_manager_spec.rb
@@ -0,0 +1,24 @@
+RSpec.describe TokenManager do
+  describe "#token_ttl" do
+    it "returns the ttl" do
+      token_manager = described_class.new(described_class::DEFAULT_NS, :token_ttl => -> { 60 })
+
+      expect(token_manager.token_ttl).to eq(60)
+    end
+
+    it "defaults to 10 minutes" do
+      token_manager = described_class.new
+
+      expect(token_manager.token_ttl).to eq(600)
+    end
+
+    it "evaluates at call time" do
+      stub_settings(:session => {:timeout => 60})
+      token_manager = described_class.new(described_class::DEFAULT_NS, :token_ttl => -> { Settings.session.timeout })
+
+      stub_settings(:session => {:timeout => 120})
+
+      expect(token_manager.token_ttl).to eq(120)
+    end
+  end
+end