Merge ~cjwatson/launchpad:testopenid-file-store into launchpad:master

Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: 6e53d62261ddd24e7f0b8d6c394f00c16ea87410
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/launchpad:testopenid-file-store
Merge into: launchpad:master
Diff against target: 74 lines (+17/-3)
3 files modified
configs/development/launchpad-lazr.conf (+1/-0)
lib/lp/services/config/schema-lazr.conf (+4/-0)
lib/lp/testopenid/browser/ (+12/-3)
Reviewer Review Type Date Requested Status
William Grant code Approve
Review via email:

Commit message

testopenid: Use a filesystem-based store

Description of the change

Now that we normally use gunicorn for development setups, there are multiple worker processes serving requests, and they won't have access to the same MemoryStore instance for testopenid requests; this can cause OpenID exchanges to fail depending on which workers serve the relevant requests. Use a filesystem-based store instead so that live nonces and associations can be shared between processes.

To post a comment you must log in.
Revision history for this message
William Grant (wgrant) :
review: Approve (code)
Revision history for this message
Colin Watson (cjwatson) :

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/configs/development/launchpad-lazr.conf b/configs/development/launchpad-lazr.conf
index 5c0f74a..4f34d76 100644
--- a/configs/development/launchpad-lazr.conf
+++ b/configs/development/launchpad-lazr.conf
@@ -93,6 +93,7 @@ public_https: False
93devmode: true93devmode: true
94use_gunicorn: true94use_gunicorn: true
95enable_test_openid_provider: True95enable_test_openid_provider: True
96test_openid_provider_store: /var/tmp/testopenid
96openid_canonical_root: https://testopenid.test/97openid_canonical_root: https://testopenid.test/
97openid_provider_root: https://testopenid.test/98openid_provider_root: https://testopenid.test/
98ca_certificates_path: /etc/ssl/certs/ca-certificates.crt99ca_certificates_path: /etc/ssl/certs/ca-certificates.crt
diff --git a/lib/lp/services/config/schema-lazr.conf b/lib/lp/services/config/schema-lazr.conf
index 7b35f3a..fe28a8c 100644
--- a/lib/lp/services/config/schema-lazr.conf
+++ b/lib/lp/services/config/schema-lazr.conf
@@ -868,6 +868,10 @@ dbuser: launchpad_main
868# datatype: boolean868# datatype: boolean
869enable_test_openid_provider: False869enable_test_openid_provider: False
871# Directory to use as a store for the test OpenID provider.
872# datatype: string
871# The password to accept for all users for HTTP basic auth.875# The password to accept for all users for HTTP basic auth.
872# If None, HTTP basic auth is disabled876# If None, HTTP basic auth is disabled
873# Obviously this should never be set in anything even vaguely877# Obviously this should never be set in anything even vaguely
diff --git a/lib/lp/testopenid/browser/ b/lib/lp/testopenid/browser/
index f2ce757..f58022c 100644
--- a/lib/lp/testopenid/browser/
+++ b/lib/lp/testopenid/browser/
@@ -24,7 +24,7 @@ from openid.server.server import (
25 Server,25 Server,
26 )26 )
27from import MemoryStore27from import FileOpenIDStore
28from zope.authentication.interfaces import IUnauthenticatedPrincipal28from zope.authentication.interfaces import IUnauthenticatedPrincipal
29from zope.browserpage import ViewPageTemplateFile29from zope.browserpage import ViewPageTemplateFile
30from zope.component import getUtility30from zope.component import getUtility
@@ -39,6 +39,7 @@ from import (
39 )39 )
40from import UnexpectedFormData40from import UnexpectedFormData
41from lp.registry.interfaces.person import IPerson41from lp.registry.interfaces.person import IPerson
42from import config
42from import (43from import (
43 AccountStatus,44 AccountStatus,
44 IAccountSet,45 IAccountSet,
@@ -74,7 +75,15 @@ from lp.testopenid.interfaces.server import (
75OPENID_REQUEST_SESSION_KEY = 'testopenid.request'76OPENID_REQUEST_SESSION_KEY = 'testopenid.request'
77openid_store = MemoryStore()78openid_store = None
81def get_openid_store():
82 global openid_store
83 if openid_store is None:
84 openid_store = FileOpenIDStore(
85 config.launchpad.test_openid_provider_store)
86 return openid_store
@@ -128,7 +137,7 @@ class OpenIDMixin:
128 def __init__(self, context, request):137 def __init__(self, context, request):
129 super(OpenIDMixin, self).__init__(context, request)138 super(OpenIDMixin, self).__init__(context, request)
130 self.server_url = get_server_url()139 self.server_url = get_server_url()
131 self.openid_server = Server(openid_store, self.server_url)140 self.openid_server = Server(get_openid_store(), self.server_url)
133 @property142 @property
134 def user_identity_url(self):143 def user_identity_url(self):


People subscribed via source and target branches

to status/vote changes: