Update Keystone code from official Github repository with branch Master on 09/01/2015.

Change-Id: I0ff6099e6e2580f87f502002a998bbfe12673498

2 files changed, 19 insertions, 18 deletions

diff --git a/keystone-moon/keystone/contrib/revoke/backends/kvs.py b/keystone-moon/keystone/contrib/revoke/backends/kvs.py
index cc41fbee..349ed6e3 100644
--- a/keystone-moon/keystone/contrib/revoke/backends/kvs.py
+++ b/keystone-moon/keystone/contrib/revoke/backends/kvs.py
@@ -13,12 +13,12 @@
 import datetime
 
 from oslo_config import cfg
+from oslo_log import versionutils
 from oslo_utils import timeutils
 
 from keystone.common import kvs
 from keystone.contrib import revoke
 from keystone import exception
-from keystone.openstack.common import versionutils
 
 
 CONF = cfg.CONF
@@ -45,29 +45,30 @@ class Revoke(revoke.Driver):
         except exception.NotFound:
             return []
 
-    def _prune_expired_events_and_get(self, last_fetch=None, new_event=None):
-        pruned = []
+    def list_events(self, last_fetch=None):
         results = []
+
+        with self._store.get_lock(_EVENT_KEY):
+            events = self._list_events()
+
+        for event in events:
+            revoked_at = event.revoked_at
+            if last_fetch is None or revoked_at > last_fetch:
+                results.append(event)
+        return results
+
+    def revoke(self, event):
+        pruned = []
         expire_delta = datetime.timedelta(seconds=CONF.token.expiration)
         oldest = timeutils.utcnow() - expire_delta
-        # TODO(ayoung): Store the time of the oldest event so that the
-        # prune process can be skipped if none of the events have timed out.
+
         with self._store.get_lock(_EVENT_KEY) as lock:
             events = self._list_events()
-            if new_event is not None:
-                events.append(new_event)
+            if event:
+                events.append(event)
 
             for event in events:
                 revoked_at = event.revoked_at
                 if revoked_at > oldest:
                     pruned.append(event)
-                    if last_fetch is None or revoked_at > last_fetch:
-                        results.append(event)
             self._store.set(_EVENT_KEY, pruned, lock)
-        return results
-
-    def list_events(self, last_fetch=None):
-        return self._prune_expired_events_and_get(last_fetch=last_fetch)
-
-    def revoke(self, event):
-        self._prune_expired_events_and_get(new_event=event)
diff --git a/keystone-moon/keystone/contrib/revoke/backends/sql.py b/keystone-moon/keystone/contrib/revoke/backends/sql.py
index 1b0cde1e..dd7fdd19 100644
--- a/keystone-moon/keystone/contrib/revoke/backends/sql.py
+++ b/keystone-moon/keystone/contrib/revoke/backends/sql.py
@@ -33,7 +33,7 @@ class RevocationEvent(sql.ModelBase, sql.ModelDictMixin):
     access_token_id = sql.Column(sql.String(64))
     issued_before = sql.Column(sql.DateTime(), nullable=False)
     expires_at = sql.Column(sql.DateTime())
-    revoked_at = sql.Column(sql.DateTime(), nullable=False)
+    revoked_at = sql.Column(sql.DateTime(), nullable=False, index=True)
     audit_id = sql.Column(sql.String(32))
     audit_chain_id = sql.Column(sql.String(32))
 
@@ -81,7 +81,6 @@ class Revoke(revoke.Driver):
         session.flush()
 
     def list_events(self, last_fetch=None):
-        self._prune_expired_events()
         session = sql.get_session()
         query = session.query(RevocationEvent).order_by(
             RevocationEvent.revoked_at)
@@ -102,3 +101,4 @@ class Revoke(revoke.Driver):
         session = sql.get_session()
         with session.begin():
             session.add(record)
+        self._prune_expired_events()