diff --git a/keystonemiddleware/ec2_token.py b/keystonemiddleware/ec2_token.py index faa59681..3e00646a 100644 --- a/keystonemiddleware/ec2_token.py +++ b/keystonemiddleware/ec2_token.py @@ -44,6 +44,8 @@ keystone_ec2_opts = [ 'CAs.'), cfg.BoolOpt('insecure', default=False, help='Disable SSL certificate verification.'), + cfg.IntOpt('timeout', default=60, + help='Timeout to obtain token.'), ] CONF = cfg.CONF @@ -172,9 +174,10 @@ class EC2Token(object): elif CONF.keystone_ec2_token.certfile: cert = CONF.keystone_ec2_token.certfile - response = requests.request('POST', CONF.keystone_ec2_token.url, - data=creds_json, headers=headers, - verify=verify, cert=cert) + response = requests.post(CONF.keystone_ec2_token.url, + data=creds_json, headers=headers, + verify=verify, cert=cert, + timeout=CONF.keystone_ec2_token.timeout) # NOTE(vish): We could save a call to keystone by # having keystone return token, tenant, diff --git a/keystonemiddleware/s3_token.py b/keystonemiddleware/s3_token.py index d8d8e78b..ad27aff0 100644 --- a/keystonemiddleware/s3_token.py +++ b/keystonemiddleware/s3_token.py @@ -33,12 +33,21 @@ This WSGI component: import webob +from oslo_config import cfg from oslo_log import log as logging from oslo_serialization import jsonutils from oslo_utils import strutils import requests import six +s3_opts = [ + cfg.IntOpt('timeout', default=60, + help='Timeout to obtain token.'), +] + +CONF = cfg.CONF +CONF.register_opts(s3_opts, group='s3_token') + PROTOCOL_NAME = 'S3 Token Authentication' @@ -113,7 +122,8 @@ class S3Token(object): try: response = requests.post('%s/v2.0/s3tokens' % self._request_uri, headers=headers, data=creds_json, - verify=self._verify) + verify=self._verify, + timeout=CONF.s3_token.timeout) except requests.exceptions.RequestException as e: self._logger.info('HTTP connection exception: %s', e) resp = self._deny_request('InvalidURI')