Timeout inactive is improperly used #55
Description
Hello,
isilon_sdk_python/isi_sdk_9_1_0/isi_sdk_9_1_0/api_client.py
Lines 559 to 560 in a76bec4
The issue is when you query the session endpoint, what it returns is:
{"services":["platform"],"timeout_absolute":14400,"timeout_inactive":900,"username":"someuser"}
Timeout inactive is not 15 seconds it's 15 minutes... So not only the code is wrong but it should really do something like:
--- api_client.py.orig 2022-07-27 11:03:58.739454831 +0200
+++ api_client.py 2022-07-27 11:45:37.025356419 +0200
@@ -83,6 +83,7 @@
self.session_expiration = 0
self.inactive_expiration = 0
+ self.inactive_threshold = 0
self.x_csrf_token = None
def __del__(self):
@@ -548,6 +548,7 @@
self.cookie = cookies.split(';')[0]
timeout = json.loads(response_data.data)['timeout_absolute']
self.session_expiration = now + timeout
+ self.inactive_threshold = json.loads(response_data.data)['timeout_inactive']
try:
# extract X-CSRF token from response cookies
@@ -557,8 +565,8 @@
# this is not an anti-CSRF version of PAPI
pass
- # 15 seconds is the default keep alive timeout
- self.inactive_expiration = now + 15
+ # Increase inactive_expiration by inactive_threshold
+ self.inactive_expiration = now + max(self.inactive_threshold, 15)
headers['Cookie'] = self.cookie
if self.x_csrf_token:
Regards,
Mathieu