From f2ae306497456e185007cc8cb4b58991a84a98ad Mon Sep 17 00:00:00 2001
From: Dolph Mathews <dolph.mathews@gmail.com>
Date: Thu, 15 Nov 2012 16:44:55 -0600
Subject: [PATCH] Backport token expiration tests for bug 1079216

Change-Id: I600a6266576ac03f31ba71ca77f988079dc50dd2
---
 tests/test_service.py | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 tests/test_service.py

diff --git a/tests/test_service.py b/tests/test_service.py
new file mode 100644
index 0000000..470651f
--- /dev/null
+++ b/tests/test_service.py
@@ -0,0 +1,73 @@
+# Copyright 2012 OpenStack LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import time
+
+import default_fixtures
+
+from keystone import config
+from keystone import service
+from keystone import test
+from keystone.identity.backends import kvs as kvs_identity
+
+
+CONF = config.CONF
+
+
+class TokenExpirationTest(test.TestCase):
+    def setUp(self):
+        super(TokenExpirationTest, self).setUp()
+        self.identity_api = kvs_identity.Identity()
+        self.load_fixtures(default_fixtures)
+        self.api = service.TokenController()
+
+    def test_maintain_uuid_token_expiration(self):
+        """Token expiration should be maintained after re-auth & validation."""
+        r = self.api.authenticate(
+            {},
+            auth={
+                'passwordCredentials': {
+                    'username': self.user_foo['name'],
+                    'password': self.user_foo['password']
+                }
+            })
+        unscoped_token_id = r['access']['token']['id']
+        original_expiration = r['access']['token']['expires']
+
+        time.sleep(0.5)
+
+        r = self.api.validate_token(
+            dict(is_admin=True, query_string={}),
+            token_id=unscoped_token_id)
+        self.assertEqual(original_expiration, r['access']['token']['expires'])
+
+        time.sleep(0.5)
+
+        r = self.api.authenticate(
+            {},
+            auth={
+                'token': {
+                    'id': unscoped_token_id,
+                },
+                'tenantId': self.tenant_bar['id'],
+            })
+        scoped_token_id = r['access']['token']['id']
+        self.assertEqual(original_expiration, r['access']['token']['expires'])
+
+        time.sleep(0.5)
+
+        r = self.api.validate_token(
+            dict(is_admin=True, query_string={}),
+            token_id=scoped_token_id)
+        self.assertEqual(original_expiration, r['access']['token']['expires'])
-- 
1.8.0