From 41cc1b94354025351733d80b20cb8f6226819b41 Mon Sep 17 00:00:00 2001
From: Amelia Cordwell <ameliacordwell@catalyst.net.nz>
Date: Tue, 5 Dec 2017 16:35:33 +1300
Subject: [PATCH] Selectively disable token caching

* Token caching can cause errors when a user is removed from a
  project when they have a still valid token for it.
* Default was to cache for 5 minutes
* This adds a setting in the conf file that will set the cache
  time.
* -1 Disables the cache

Change-Id: I70b05f6a09b195dd87452689eb6e211d812fc8c8
Closes-Bug:1736304
---
 adjutant/settings.py      | 2 ++
 adjutant/test_settings.py | 3 +++
 adjutant/wsgi.py          | 1 +
 conf/conf.yaml            | 3 +++
 4 files changed, 9 insertions(+)

diff --git a/adjutant/settings.py b/adjutant/settings.py
index 26aa627..ca2e49a 100644
--- a/adjutant/settings.py
+++ b/adjutant/settings.py
@@ -165,6 +165,8 @@ PLUGIN_SETTINGS = CONFIG.get('PLUGIN_SETTINGS', {})
 
 ROLES_MAPPING = CONFIG['ROLES_MAPPING']
 
+TOKEN_CACHE_TIME = CONFIG.get('TOKEN_CACHE_TIME', 60)
+
 PROJECT_QUOTA_SIZES = CONFIG.get('PROJECT_QUOTA_SIZES')
 
 QUOTA_SIZES_ASC = CONFIG.get('QUOTA_SIZES_ASC', [])
diff --git a/adjutant/test_settings.py b/adjutant/test_settings.py
index 5d2c9b2..61f014f 100644
--- a/adjutant/test_settings.py
+++ b/adjutant/test_settings.py
@@ -386,6 +386,8 @@ QUOTA_SIZES_ASC = ['small', 'medium', 'large']
 
 SHOW_ACTION_ENDPOINTS = True
 
+TOKEN_CACHE_TIME = 60
+
 conf_dict = {
     "DEBUG": True,
     "SECRET_KEY": SECRET_KEY,
@@ -405,4 +407,5 @@ conf_dict = {
     "PROJECT_QUOTA_SIZES": PROJECT_QUOTA_SIZES,
     "SHOW_ACTION_ENDPOINTS": SHOW_ACTION_ENDPOINTS,
     "QUOTA_SIZES_ASC": QUOTA_SIZES_ASC,
+    "TOKEN_CACHE_TIME": TOKEN_CACHE_TIME,
 }
diff --git a/adjutant/wsgi.py b/adjutant/wsgi.py
index 1c8921e..7f04394 100644
--- a/adjutant/wsgi.py
+++ b/adjutant/wsgi.py
@@ -45,5 +45,6 @@ conf = {
     "auth_url": settings.KEYSTONE['auth_url'],
     'delay_auth_decision': True,
     'include_service_catalog': False,
+    'token_cache_time': settings.TOKEN_CACHE_TIME,
 }
 application = AuthProtocol(application, conf)
diff --git a/conf/conf.yaml b/conf/conf.yaml
index 6b96cbf..4125b44 100644
--- a/conf/conf.yaml
+++ b/conf/conf.yaml
@@ -410,6 +410,9 @@ PROJECT_QUOTA_SIZES:
             router: 10
             port: 500
 
+# Time in seconds to cache token from Keystone
+TOKEN_CACHE_TIME: 600
+
 # Ordered list of quota sizes from smallest to biggest
 QUOTA_SIZES_ASC:
     - small