attempt to re-authenticate on possible token expiry re-uses expired token
Bug #1192656 reported by
Eoghan Glynn
This bug affects 7 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-novaclient |
Fix Released
|
Undecided
|
Eoghan Glynn |
Bug Description
The attempt to re-authenticate on possible token expiry actually re-uses the expired token, which is clearly bound to fail in the expired case.
As a result, unless the client explicitly handles the 401, a novaclient instance will stop working once the original token has expired (by default after 24 hours).
This issue may have been masked by the recently discovered & fixed vulnerability whereby signed tokens where not being properly checked for expiry:
https:/
Changed in python-novaclient: | |
assignee: | nobody → Eoghan Glynn (eglynn) |
status: | New → In Progress |
Changed in python-novaclient: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/33685
Review: https:/