openstack
/
keystone
Code Issues Proposed changes
keystone/keystone
History
Brant Knudson 6cbf835542 Fix revocation event handling with MySQL 
When MySQL is used to store revocation events, events are returned
from the database with the timestamps truncated to the second. This
causes a revocation event for a token (which has the issued_at
timestamp to the microsecond) to not match the revocation event and
therefore the token is not considered to be revoked.

The fix is to have the revocation events and token timestamps both
always be truncated to the second. This will cause all tokens for a
user that are issued within a second to be revoked when any of those
tokens are revoked, which shouldn't be a problem.

Conflicts:

	keystone/tests/test_v3_os_revoke.py

Change-Id: Ibd82b4ce910206dfd504c396614ae2ebed025e9b
Closes-Bug: #1347961
(cherry picked from commit 7aee6304f6)
 		2014-08-05 13:19:01 -05:00
..
assignment HEAD responses should return same status as GET 2014-07-08 22:38:20 -07:00
auth HEAD responses should return same status as GET 2014-07-08 22:38:20 -07:00
catalog Remove legacy_endpoint_id and enabled from service catalog 2014-04-04 12:53:45 -05:00
common Merge "Correct the region table to be InnoDB and UTF8" into stable/icehouse 2014-08-01 16:21:28 +00:00
contrib Fix revocation event handling with MySQL 2014-08-05 13:19:01 -05:00
credential Uses explicit imports for _ 2014-03-18 01:23:21 -07:00
identity HEAD responses should return same status as GET 2014-07-08 22:38:20 -07:00
locale Fix Jenkins translation jobs 2014-04-01 09:31:11 -05:00
middleware Change the default version discovery URLs 2014-03-25 10:15:15 +10:00
openstack Sync from oslo db.sqlalchemy.migration 2014-04-02 14:35:02 -07:00
policy Uses explicit imports for _ 2014-03-18 01:23:21 -07:00
tests Fix revocation event handling with MySQL 2014-08-05 13:19:01 -05:00
token Fix revoking a scoped token from an unscoped token 2014-08-05 11:23:01 -05:00
trust HEAD responses should return same status as GET 2014-07-08 22:38:20 -07:00
__init__.py Revert "Disable eventlet monkey-patching of DNS" 2013-05-10 10:24:48 -04:00
clean.py Make sure domains are enabled by default 2014-06-18 19:33:35 -07:00
cli.py Token Revocation Extension 2014-03-04 13:42:28 -05:00
config.py Merge "Remove vim header" 2014-02-13 03:43:19 +00:00
controllers.py revert deprecation of v2 API 2014-03-25 20:54:54 -05:00
exception.py Do not expose internal data on UnexpectedError 2014-03-18 17:16:20 -07:00
notifications.py Uses generator expressions instead of filter 2014-03-20 00:31:42 +00:00
routers.py Remove vim header 2014-02-08 23:54:04 +08:00
service.py Don't automatically enable revocation events. 2014-03-15 15:46:46 -07:00