libcloud-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LIBCLOUD-835) Malformed auth token causes fatal exception in Google Storage driver
Date Mon, 25 Jul 2016 17:30:20 GMT

    [ https://issues.apache.org/jira/browse/LIBCLOUD-835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15392342#comment-15392342
] 

ASF GitHub Bot commented on LIBCLOUD-835:
-----------------------------------------

GitHub user paultiplady opened a pull request:

    https://github.com/apache/libcloud/pull/844

    [LIBCLOUD-835] Fix caching of Google auth tokens

    ## Fix corruption bug in Google auth token caching
    
    ### Description
    
    The `GoogleOAuth2Credential. _write_token_to_file()` method writes a copy of the latest
OAuth token to disk. Prior to this fix, the token was being written to disk without truncating
the file first, which is fine in the case where the new token has the same number of characters
(or more) as the old one. However, in some situations Google OAuth returns a shorter token
string, which was causing the library to crash when loading the corrupted token.
    
    ### Status
    
    Fixed, needs tests.
    
    ### Checklist (tick everything that applies)
    
    - [x] [Code linting](http://libcloud.readthedocs.org/en/latest/development.html#code-style-guide)
(required, can be done after the PR checks)
    - [ ] Documentation
    - [ ] [Tests](http://libcloud.readthedocs.org/en/latest/testing.html)
    - [ ] [ICLA](http://libcloud.readthedocs.org/en/latest/development.html#contributing-bigger-changes)
(required for bigger changes)
    
    _write_token_to_file was not zeroing the file before writing
    a new token, causing corruption.
    
    FIXES: LIBCLOUD-835

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/qwil/libcloud LIBCLOUD-835_google-token-corruption

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/libcloud/pull/844.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #844
    
----
commit 9d05463aa2faa4733ac0129c2797ee9d043e58f9
Author: Paul Tiplady <paul@qwil.co>
Date:   2016-07-22T18:32:27Z

    [LIBCLOUD-835] Fix caching of Google auth tokens
    
    _write_token_to_file was not zeroing the file before writing
    a new token, causing corruption.
    
    FIXES: LIBCLOUD-835

----


> Malformed auth token causes fatal exception in Google Storage driver
> --------------------------------------------------------------------
>
>                 Key: LIBCLOUD-835
>                 URL: https://issues.apache.org/jira/browse/LIBCLOUD-835
>             Project: Libcloud
>          Issue Type: Bug
>            Reporter: Paul Tiplady
>            Priority: Critical
>
> One of my Django instances has started hitting a libcloud error which is causing a fatal
exception, bringing down the instance.
> It looks like libcloud is writing invalid JSON into the auth token, which then causes
a JSON parse error when it is subsequently read back in.
> Here's the token that's written:
> {code}
> $ cat /root/.google_libcloud_auth.<project>
> {"access_token": "<redacted>", "token_type": "Bearer", "expire_time": "2016-07-12T16:45:09Z",
"expires_in": 3559}09Z", "expires_in": 3537}
> {code}
> Note the two "expires_in" keys, one with a nonsense value of `3559}09Z"`
> Environment:
> Python 3.4.4 
> apache-libcloud==1.0.0



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message