authorRob Crittenden <rcritten@redhat.com>2015-05-11 18:14:42 -0400
committerRob Crittenden <rcritten@redhat.com>2015-05-11 18:14:42 -0400
commit551456691bcca369308cc8580705f1baa258f9fe (patch)
tree3ce2b9aa142f9946548fc6175dcc07fa2561ace0 /ipsilon/util
parentd169919a1ff5a7668c8bb23a45b59011a91132e1 (diff)
Use plugin-specific configuration, better expiration
Use a SAML2 plugin specific option to specify the database uri for sessions. Use a much more robust method to find sessions that need expiration (thanks Patrick). https://fedorahosted.org/ipsilon/ticket/90 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'ipsilon/util')
-rw-r--r--ipsilon/util/data.py20
1 files changed, 17 insertions, 3 deletions
diff --git a/ipsilon/util/data.py b/ipsilon/util/data.py
index f90519d..53a1756 100644
--- a/ipsilon/util/data.py
+++ b/ipsilon/util/data.py
@@ -1,11 +1,12 @@
# Copyright (C) 2013 Ipsilon project Contributors, for license see COPYING
import cherrypy
+import datetime
from ipsilon.util.log import Log
from sqlalchemy import create_engine
from sqlalchemy import MetaData, Table, Column, Text
from sqlalchemy.pool import QueuePool, SingletonThreadPool
-from sqlalchemy.sql import select
+from sqlalchemy.sql import select, and_
import ConfigParser
import os
import uuid
@@ -513,9 +514,12 @@ class TranStore(Store):
class SAML2SessionStore(Store):
- def __init__(self, path=None):
- super(SAML2SessionStore, self).__init__('saml2.sessions.db')
+ def __init__(self, database_url):
+ super(SAML2SessionStore, self).__init__(database_url=database_url)
self.table = 'sessions'
+ # pylint: disable=protected-access
+ table = SqlQuery(self._db, self.table, UNIQUE_DATA_COLUMNS)._table
+ table.create(checkfirst=True)
def _get_unique_id_from_column(self, name, value):
"""
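Review bot: `SAML2SessionStore.__init__` now requires `database_url` with no default, so any caller that still constructs `SAML2SessionStore()` or passes `path=` will raise a TypeError; this diff is limited to ipsilon/util, so the call sites are not visible here and should be checked. The constructor also reaches into `SqlQuery(...)._table` under a pylint suppression, and the same expression is repeated in `remove_expired_sessions` in the next hunk. A small private helper such as `def _sessions_table(self): return SqlQuery(self._db, self.table, UNIQUE_DATA_COLUMNS)._table` would keep the protected access in one place. A comment above `table.create(checkfirst=True)`, for example `# create the sessions table on first use; no-op when it already exists`, would explain why DDL runs in the constructor.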
@@ -533,6 +537,16 @@ class SAML2SessionStore(Store):
raise ValueError("Multiple entries returned")
return data.keys()[0]
+ def remove_expired_sessions(self):
+ # pylint: disable=protected-access
+ table = SqlQuery(self._db, self.table, UNIQUE_DATA_COLUMNS)._table
+ sel = select([table.columns.uuid]). \
+ where(and_(table.c.name == 'expiration_time',
+ table.c.value <= datetime.datetime.now()))
+ # pylint: disable=no-value-for-parameter
+ d = table.delete().where(table.c.uuid.in_(sel))
+ d.execute()
+
def get_data(self, idval=None, name=None, value=None):
return self.get_unique_data(self.table, idval, name, value)
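Review bot: The expiry filter in `remove_expired_sessions` compares `table.c.value` with `datetime.datetime.now()`, and the `Column, Text` import suggests the data columns are text, so the comparison is presumably made on the string form of the timestamp. That is only correct if every writer stores `expiration_time` in a lexically sortable format and on the same naive local-time clock; a mismatch (for example UTC on the write side) would leave expired SAML2 sessions in the table or delete live ones. The code that writes `expiration_time` is not part of this diff, so the format should be confirmed there. The method also has no docstring; something like `"""Delete all rows of every session whose expiration_time is at or before now (naive local time, compared as stored text)."""` would record the contract.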