Token value < 60 breaks itokens

gholt / swauth

This is the historical location of Swauth; active development is now at https://github.com/openstack/swauth

45 stars 29 forks source link

Token value < 60 breaks itokens #73

Open ctrochalakis opened 9 years ago

ctrochalakis commented 9 years ago

The itoken expiration time is set by the following code: self.itoken_expires = time() + self.token_life - 60

That effectively means that setting token_life to a value less than60 secs results in a token with an expiration date set in the past.

Is there a reason to subtract 60 secs from the token_life value? Perhaps it should be dropped.

gholt commented 9 years ago

Hmm. I checked the history on that line and -- after 4 years and the initial commit being the only commit for that line -- I honestly have no idea why the 60 is there. I guess nobody's ever set the token_life to under 60 seconds before either. =)

ctrochalakis commented 9 years ago

Hehe! We set it to 60secs so we could debug a driver's retry logic when the token has expired.

onovy commented 8 years ago

review for removing it here: https://review.openstack.org/246342 comments welcome