Merge pull request #10980 from erchn/develop

Do not use expired tokens in external_auth
This commit is contained in:
Thomas S Hatch 2014-03-06 04:38:10 -08:00
commit 6dcc0b6a00

View File

@ -11,6 +11,7 @@ import socket
import logging
import urlparse
from copy import deepcopy
import time
# import third party libs
import yaml
@ -2044,6 +2045,9 @@ def client_config(path, env_var='SALT_CLIENT_CONFIG', defaults=None):
)
# If the token file exists, read and store the contained token
if os.path.isfile(opts['token_file']):
# Make sure token is still valid
expire = opts.get('token_expire', 43200)
if os.stat(opts['token_file']).st_mtime + expire > time.mktime(time.localtime()):
with salt.utils.fopen(opts['token_file']) as fp_:
opts['token'] = fp_.read().strip()
# On some platforms, like OpenBSD, 0.0.0.0 won't catch a master running on localhost