keystoneauth

MIN_TOKEN_LIFE_SECONDS can't be changed

Bug #1605144 reported by wangxiyuan
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
keystoneauth
Triaged
Wishlist
Unassigned
python-keystoneclient
Invalid
Undecided
Unassigned

Bug Description

The MIN_TOKEN_LIFE_SECONDS is used to check that if the token will expire soon. It's used for reauthenticating. But it's hard coded and the value is 120 seconds forever. The long time request will get 401 error if it runs longer than 120 seconds. For example: A token will expire after 130 seconds and keystoneclient think that it doesn't to reauthenticate, but if the request cost more than 130 seconds, it will raise 401 error.

So it's better to make MIN_TOKEN_LIFE_SECONDS variable. Then other projects can set a sutibale value to satisfy themselves.

Revision history for this message
Steve Martinelli (stevemar) wrote :

This affects keystoneauth, we've moved all the auth plugins there: https://github.com/openstack/keystoneauth/blob/118c9629e57f353aa49ba29c4b27e0e240788463/keystoneauth1/identity/base.py#L36

Thought I'm not sure what we can do about this, typically we don't take configuration variables for keystoneauth.

Changed in python-keystoneclient:
status: New → Invalid
Revision history for this message
Morgan Fainberg (mdrnstm) wrote :

Keystoneauth does not take configuration variables directly. We could allow session to have the value specified on instantiation therefore the consumer could override the 120s value. Session also has some direct re-auth logic in it for the case of a 401.

Morgan Fainberg (mdrnstm)
Changed in keystoneauth:
status: New → Triaged
importance: Undecided → Wishlist
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.