| author | Rob Crittenden <rcritten@redhat.com> | 2015-05-11 18:14:42 -0400 |
|---|---|---|
| committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2015-05-12 00:39:31 +0200 |
| commit | 8445b3297cd0b25989f2575c21bf3426aee7c5ad (patch) | |
| tree | 3ce2b9aa142f9946548fc6175dcc07fa2561ace0 /ipsilon/util/data.py | |
| parent | 6437f6c9385e5e59cb21de7a3addedd904ee2825 (diff) | |
Use plugin-specific configuration, better expiration
Use a SAML2 plugin specific option to specify the database uri
for sessions.
Use a much more robust method to find sessions that need
expiration (thanks Patrick).
https://fedorahosted.org/ipsilon/ticket/90
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/util/data.py')
| -rw-r--r-- | ipsilon/util/data.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/ipsilon/util/data.py b/ipsilon/util/data.py
index f90519d..53a1756 100644
--- a/ipsilon/util/data.py
+++ b/ipsilon/util/data.py
@@ -1,11 +1,12 @@
 # Copyright (C) 2013 Ipsilon project Contributors, for license see COPYING
 import cherrypy
+import datetime
 from ipsilon.util.log import Log
 from sqlalchemy import create_engine
 from sqlalchemy import MetaData, Table, Column, Text
 from sqlalchemy.pool import QueuePool, SingletonThreadPool
-from sqlalchemy.sql import select
+from sqlalchemy.sql import select, and_
 import ConfigParser
 import os
 import uuid
@@ -513,9 +514,12 @@ class TranStore(Store):
 class SAML2SessionStore(Store):
- def __init__(self, path=None):
- super(SAML2SessionStore, self).__init__('saml2.sessions.db')
+ def __init__(self, database_url):
+ super(SAML2SessionStore, self).__init__(database_url=database_url)
 self.table = 'sessions'
+ # pylint: disable=protected-access
+ table = SqlQuery(self._db, self.table, UNIQUE_DATA_COLUMNS)._table
+ table.create(checkfirst=True)
 def _get_unique_id_from_column(self, name, value):
 """
@@ -533,6 +537,16 @@ class SAML2SessionStore(Store):
 raise ValueError("Multiple entries returned")
 return data.keys()[0]
+ def remove_expired_sessions(self):
+ # pylint: disable=protected-access
+ table = SqlQuery(self._db, self.table, UNIQUE_DATA_COLUMNS)._table
+ sel = select([table.columns.uuid]). \
+ where(and_(table.c.name == 'expiration_time',
+ table.c.value <= datetime.datetime.now()))
+ # pylint: disable=no-value-for-parameter
+ d = table.delete().where(table.c.uuid.in_(sel))
+ d.execute()
+
 def get_data(self, idval=None, name=None, value=None):
 return self.get_unique_data(self.table, idval, name, value) |
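Review bot: The new `SAML2SessionStore.__init__` has no docstring, yet it now performs schema creation (`table.create(checkfirst=True)`) against whatever `database_url` the plugin is configured with. That means the database account used at runtime needs DDL rights at least on first start, which operators who want a least-privilege account should know. I would add a docstring along the lines of `"""Open the session store at database_url (an SQLAlchemy URL, may contain credentials) and create the sessions table if it is missing."""`. The `SqlQuery(self._db, self.table, UNIQUE_DATA_COLUMNS)._table` lookup with its pylint suppression is repeated in `remove_expired_sessions`; a small private helper would keep the protected access in one place. The class body continues outside this hunk.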
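Review bot: In `remove_expired_sessions`, the filter `table.c.value <= datetime.datetime.now()` compares a column that appears to be `Text` (judging by the imports; the table definition is outside the hunk) with a naive local-time datetime. Whether expired sessions are really purged therefore depends on the stored string sorting chronologically and on the writer using the same clock and format. If either assumption fails, sessions can outlive their expiration or be dropped early, so a comment such as `# value is stored as <format placeholder>; must sort lexicographically and use the same timezone as now()` and a test that pins the stored format would help. The `DELETE ... WHERE uuid IN (SELECT uuid FROM <same table>)` shape is also worth testing on every backend the new `database_url` option permits, since MySQL, for one, rejects a subquery on the table being deleted from. The method also lacks a docstring, for example `"""Delete all rows of every session whose expiration_time is at or before now."""`.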
