aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone/revoke/backends
diff options
context:
space:
mode:
authorRHE <rebirthmonkey@gmail.com>2017-11-24 13:54:26 +0100
committerRHE <rebirthmonkey@gmail.com>2017-11-24 13:54:26 +0100
commit920a49cfa055733d575282973e23558c33087a4a (patch)
treed371dab34efa5028600dad2e7ca58063626e7ba4 /keystone-moon/keystone/revoke/backends
parentef3eefca70d8abb4a00dafb9419ad32738e934b2 (diff)
remove keystone-moon
Change-Id: I80d7c9b669f19d5f6607e162de8e0e55c2f80fdd Signed-off-by: RHE <rebirthmonkey@gmail.com>
Diffstat (limited to 'keystone-moon/keystone/revoke/backends')
-rw-r--r--keystone-moon/keystone/revoke/backends/__init__.py0
-rw-r--r--keystone-moon/keystone/revoke/backends/sql.py100
2 files changed, 0 insertions, 100 deletions
diff --git a/keystone-moon/keystone/revoke/backends/__init__.py b/keystone-moon/keystone/revoke/backends/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/keystone-moon/keystone/revoke/backends/__init__.py
+++ /dev/null
diff --git a/keystone-moon/keystone/revoke/backends/sql.py b/keystone-moon/keystone/revoke/backends/sql.py
deleted file mode 100644
index 9f8a82db..00000000
--- a/keystone-moon/keystone/revoke/backends/sql.py
+++ /dev/null
@@ -1,100 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from keystone.common import sql
-from keystone.models import revoke_model
-from keystone import revoke
-
-
-class RevocationEvent(sql.ModelBase, sql.ModelDictMixin):
- __tablename__ = 'revocation_event'
- attributes = revoke_model.REVOKE_KEYS
-
- # The id field is not going to be exposed to the outside world.
- # It is, however, necessary for SQLAlchemy.
- id = sql.Column(sql.Integer, primary_key=True, nullable=False)
- domain_id = sql.Column(sql.String(64))
- project_id = sql.Column(sql.String(64))
- user_id = sql.Column(sql.String(64))
- role_id = sql.Column(sql.String(64))
- trust_id = sql.Column(sql.String(64))
- consumer_id = sql.Column(sql.String(64))
- access_token_id = sql.Column(sql.String(64))
- issued_before = sql.Column(sql.DateTime(), nullable=False)
- expires_at = sql.Column(sql.DateTime())
- revoked_at = sql.Column(sql.DateTime(), nullable=False, index=True)
- audit_id = sql.Column(sql.String(32))
- audit_chain_id = sql.Column(sql.String(32))
-
-
-class Revoke(revoke.RevokeDriverV8):
- def _flush_batch_size(self, dialect):
- batch_size = 0
- if dialect == 'ibm_db_sa':
- # This functionality is limited to DB2, because
- # it is necessary to prevent the transaction log
- # from filling up, whereas at least some of the
- # other supported databases do not support update
- # queries with LIMIT subqueries nor do they appear
- # to require the use of such queries when deleting
- # large numbers of records at once.
- batch_size = 100
- # Limit of 100 is known to not fill a transaction log
- # of default maximum size while not significantly
- # impacting the performance of large token purges on
- # systems where the maximum transaction log size has
- # been increased beyond the default.
- return batch_size
-
- def _prune_expired_events(self):
- oldest = revoke.revoked_before_cutoff_time()
-
- with sql.session_for_write() as session:
- dialect = session.bind.dialect.name
- batch_size = self._flush_batch_size(dialect)
- if batch_size > 0:
- query = session.query(RevocationEvent.id)
- query = query.filter(RevocationEvent.revoked_at < oldest)
- query = query.limit(batch_size).subquery()
- delete_query = (session.query(RevocationEvent).
- filter(RevocationEvent.id.in_(query)))
- while True:
- rowcount = delete_query.delete(synchronize_session=False)
- if rowcount == 0:
- break
- else:
- query = session.query(RevocationEvent)
- query = query.filter(RevocationEvent.revoked_at < oldest)
- query.delete(synchronize_session=False)
-
- session.flush()
-
- def list_events(self, last_fetch=None):
- with sql.session_for_read() as session:
- query = session.query(RevocationEvent).order_by(
- RevocationEvent.revoked_at)
-
- if last_fetch:
- query = query.filter(RevocationEvent.revoked_at > last_fetch)
-
- events = [revoke_model.RevokeEvent(**e.to_dict()) for e in query]
-
- return events
-
- def revoke(self, event):
- kwargs = dict()
- for attr in revoke_model.REVOKE_KEYS:
- kwargs[attr] = getattr(event, attr)
- record = RevocationEvent(**kwargs)
- with sql.session_for_write() as session:
- session.add(record)
- self._prune_expired_events()