Ability to configure keystone token expiration

Amount of time a token should remain valid (in seconds) Closes bug: #232
2014-02-12 15:43:02 +01:00 · 2014-02-12 15:43:02 +01:00 · 843609d882
commit 843609d882
parent bc88270ce5
2 changed files with 24 additions and 17 deletions
--- a/manifests/identity.pp
+++ b/manifests/identity.pp
@ -323,6 +323,10 @@
 #   (optional) Syslog facility to receive log lines
 #   Defaults value in params
 #
+# [*token_expiration*]
+#   (optional) Amount of time a token should remain valid (in seconds)
+#   Defaults value in params
+#
 class cloud::identity (
  $swift_enabled                = $os_params::swift,
  $identity_roles_addons        = $os_params::identity_roles_addons,
@ -392,7 +396,8 @@ class cloud::identity (
  $verbose                      = $os_params::verbose,
  $debug                        = $os_params::debug,
  $log_facility                 = $os_params::log_facility,
-  $use_syslog                   = $os_params::use_syslog
+  $use_syslog                   = $os_params::use_syslog,
+  $ks_token_expiration          = $os_params::ks_token_expiration
 ){

  $encoded_user     = uriescape($keystone_db_user)
@ -414,7 +419,8 @@ class cloud::identity (
    verbose          => $verbose,
    bind_host        => $api_eth,
    public_port      => $ks_keystone_public_port,
-    admin_port       => $ks_keystone_admin_port
+    admin_port       => $ks_keystone_admin_port,
+    token_expiration => $ks_token_expiration
  }

  keystone_config {
--- a/spec/classes/cloud_identity_spec.rb
+++ b/spec/classes/cloud_identity_spec.rb
@ -94,21 +94,22 @@ describe 'cloud::identity' do

    it 'configure keystone server' do
      should contain_class('keystone').with(
-        :enabled          => true,
-        :admin_token      => 'SECRETE',
-        :compute_port     => '8774',
-        :debug            => true,
-        :verbose          => true,
-        :idle_timeout     => '60',
-        :log_facility     => 'LOG_LOCAL0',
-        :memcache_servers => ['10.0.0.1','10.0.0.2'],
-        :sql_connection   => 'mysql://keystone:secrete@10.0.0.1/keystone',
-        :token_driver     => 'keystone.token.backends.memcache.Token',
-        :token_provider   => 'keystone.token.providers.uuid.Provider',
-        :use_syslog       => true,
-        :bind_host        => '10.0.0.1',
-        :public_port      => '5000',
-        :admin_port       => '35357'
+        :enabled             => true,
+        :admin_token         => 'SECRETE',
+        :compute_port        => '8774',
+        :debug               => true,
+        :verbose             => true,
+        :idle_timeout        => '60',
+        :log_facility        => 'LOG_LOCAL0',
+        :memcache_servers    => ['10.0.0.1','10.0.0.2'],
+        :sql_connection      => 'mysql://keystone:secrete@10.0.0.1/keystone',
+        :token_driver        => 'keystone.token.backends.memcache.Token',
+        :token_provider      => 'keystone.token.providers.uuid.Provider',
+        :use_syslog          => true,
+        :bind_host           => '10.0.0.1',
+        :public_port         => '5000',
+        :admin_port          => '35357',
+        :ks_token_expiration => '3600'
      )
      should contain_keystone_config('ec2/driver').with('value' => 'keystone.contrib.ec2.backends.sql.Ec2')
    end