launchpad-reviewers team mailing list archive

[Colin Watson <cjwatson@xxxxxxxxxxxxx>]

Colin Watson has proposed merging ~cjwatson/launchpad:testopenid-file-store into launchpad:master.

Commit message:
testopenid: Use a filesystem-based store

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/399125

Now that we normally use gunicorn for development setups, there are multiple worker processes serving requests, and they won't have access to the same MemoryStore instance for testopenid requests; this can cause OpenID exchanges to fail depending on which workers serve the relevant requests.  Use a filesystem-based store instead so that live nonces and associations can be shared between processes.
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:testopenid-file-store into launchpad:master.

diff --git a/lib/lp/services/config/schema-lazr.conf b/lib/lp/services/config/schema-lazr.conf
index 7b35f3a..8ec14f5 100644
--- a/lib/lp/services/config/schema-lazr.conf
+++ b/lib/lp/services/config/schema-lazr.conf
@@ -868,6 +868,10 @@ dbuser: launchpad_main
 # datatype: boolean
 enable_test_openid_provider: False
 
+# Directory to use as a store for the test OpenID provider.
+# datatype: string
+test_openid_provider_store: /var/tmp/testopenid
+
 # The password to accept for all users for HTTP basic auth.
 # If None, HTTP basic auth is disabled
 # Obviously this should never be set in anything even vaguely
diff --git a/lib/lp/testopenid/browser/server.py b/lib/lp/testopenid/browser/server.py
index f2ce757..f58022c 100644
--- a/lib/lp/testopenid/browser/server.py
+++ b/lib/lp/testopenid/browser/server.py
@@ -24,7 +24,7 @@ from openid.server.server import (
     ENCODE_HTML_FORM,
     Server,
     )
-from openid.store.memstore import MemoryStore
+from openid.store.filestore import FileOpenIDStore
 from zope.authentication.interfaces import IUnauthenticatedPrincipal
 from zope.browserpage import ViewPageTemplateFile
 from zope.component import getUtility
@@ -39,6 +39,7 @@ from lp.app.browser.launchpadform import (
     )
 from lp.app.errors import UnexpectedFormData
 from lp.registry.interfaces.person import IPerson
+from lp.services.config import config
 from lp.services.identity.interfaces.account import (
     AccountStatus,
     IAccountSet,
@@ -74,7 +75,15 @@ from lp.testopenid.interfaces.server import (
 
 OPENID_REQUEST_SESSION_KEY = 'testopenid.request'
 SESSION_PKG_KEY = 'TestOpenID'
-openid_store = MemoryStore()
+openid_store = None
+
+
+def get_openid_store():
+    global openid_store
+    if openid_store is None:
+        openid_store = FileOpenIDStore(
+            config.launchpad.test_openid_provider_store)
+    return openid_store
 
 
 @implementer(ICanonicalUrlData)
@@ -128,7 +137,7 @@ class OpenIDMixin:
     def __init__(self, context, request):
         super(OpenIDMixin, self).__init__(context, request)
         self.server_url = get_server_url()
-        self.openid_server = Server(openid_store, self.server_url)
+        self.openid_server = Server(get_openid_store(), self.server_url)
 
     @property
     def user_identity_url(self):