yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1208286] Re: V3 Identity API: expired tokens are not documented as invalid

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Dolph Mathews <1208286@xxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Dec 2013 20:47:24 -0000
Reply-to: Bug 1208286 <1208286@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** No longer affects: keystone

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1208286

Title:
  V3 Identity API: expired tokens are not documented as invalid

Status in OpenStack API documentation site:
  Fix Released
Status in OpenStack Manuals:
  Fix Released

Bug description:
  The response codes from GET /auth/tokens are not documented, but they
  are non-obvious (at least to me).

  The 'happy case' is easy.  But what happens if the auth token has
  expired?  What happens if the subject token has expired?  How can I
  differentiate?

  If an expired subject token is returned as a 200 response, how can I
  tell it is expired (assuming I don't have an accurate source of time,
  e.g. in the browser)?

  For how long are expired tokens stored?

To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-api-site/+bug/1208286/+subscriptions