Open mchouque opened 2 years ago
Hello,
https://github.com/Isilon/isilon_sdk_python/blob/a76bec4087528b16679c54f4c9e1200a590b47bd/isi_sdk_9_1_0/isi_sdk_9_1_0/api_client.py#L559-L560
The issue is when you query the session endpoint, what it returns is:
{"services":["platform"],"timeout_absolute":14400,"timeout_inactive":900,"username":"someuser"}
Timeout inactive is not 15 seconds it's 15 minutes... So not only the code is wrong but it should really do something like:
--- api_client.py.orig 2022-07-27 11:03:58.739454831 +0200 +++ api_client.py 2022-07-27 11:45:37.025356419 +0200 @@ -83,6 +83,7 @@ self.session_expiration = 0 self.inactive_expiration = 0 + self.inactive_threshold = 0 self.x_csrf_token = None def __del__(self): @@ -548,6 +548,7 @@ self.cookie = cookies.split(';')[0] timeout = json.loads(response_data.data)['timeout_absolute'] self.session_expiration = now + timeout + self.inactive_threshold = json.loads(response_data.data)['timeout_inactive'] try: # extract X-CSRF token from response cookies @@ -557,8 +565,8 @@ # this is not an anti-CSRF version of PAPI pass - # 15 seconds is the default keep alive timeout - self.inactive_expiration = now + 15 + # Increase inactive_expiration by inactive_threshold + self.inactive_expiration = now + max(self.inactive_threshold, 15) headers['Cookie'] = self.cookie if self.x_csrf_token:
Regards, Mathieu
Hello,
https://github.com/Isilon/isilon_sdk_python/blob/a76bec4087528b16679c54f4c9e1200a590b47bd/isi_sdk_9_1_0/isi_sdk_9_1_0/api_client.py#L559-L560
The issue is when you query the session endpoint, what it returns is:
Timeout inactive is not 15 seconds it's 15 minutes... So not only the code is wrong but it should really do something like:
Regards, Mathieu