[
https://issues.apache.org/jira/browse/LIBCLOUD-835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15392342#comment-15392342
]
ASF GitHub Bot commented on LIBCLOUD-835:
-----------------------------------------
GitHub user paultiplady opened a pull request:
https://github.com/apache/libcloud/pull/844
[LIBCLOUD-835] Fix caching of Google auth tokens
## Fix corruption bug in Google auth token caching
### Description
The `GoogleOAuth2Credential. _write_token_to_file()` method writes a copy
of the latest OAuth token to disk. Prior to this fix, the token was being
written to disk without truncating the file first, which is fine in the case
where the new token has the same number of characters (or more) as the old one.
However, in some situations Google OAuth returns a shorter token string, which
was causing the library to crash when loading the corrupted token.
### Status
Fixed, needs tests.
### Checklist (tick everything that applies)
- [x] [Code
linting](http://libcloud.readthedocs.org/en/latest/development.html#code-style-guide)
(required, can be done after the PR checks)
- [ ] Documentation
- [ ] [Tests](http://libcloud.readthedocs.org/en/latest/testing.html)
- [ ]
[ICLA](http://libcloud.readthedocs.org/en/latest/development.html#contributing-bigger-changes)
(required for bigger changes)
_write_token_to_file was not zeroing the file before writing
a new token, causing corruption.
FIXES: LIBCLOUD-835
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/qwil/libcloud
LIBCLOUD-835_google-token-corruption
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/libcloud/pull/844.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #844
----
commit 9d05463aa2faa4733ac0129c2797ee9d043e58f9
Author: Paul Tiplady <[email protected]>
Date: 2016-07-22T18:32:27Z
[LIBCLOUD-835] Fix caching of Google auth tokens
_write_token_to_file was not zeroing the file before writing
a new token, causing corruption.
FIXES: LIBCLOUD-835
----
> Malformed auth token causes fatal exception in Google Storage driver
> --------------------------------------------------------------------
>
> Key: LIBCLOUD-835
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-835
> Project: Libcloud
> Issue Type: Bug
> Reporter: Paul Tiplady
> Priority: Critical
>
> One of my Django instances has started hitting a libcloud error which is
> causing a fatal exception, bringing down the instance.
> It looks like libcloud is writing invalid JSON into the auth token, which
> then causes a JSON parse error when it is subsequently read back in.
> Here's the token that's written:
> {code}
> $ cat /root/.google_libcloud_auth.<project>
> {"access_token": "<redacted>", "token_type": "Bearer", "expire_time":
> "2016-07-12T16:45:09Z", "expires_in": 3559}09Z", "expires_in": 3537}
> {code}
> Note the two "expires_in" keys, one with a nonsense value of `3559}09Z"`
> Environment:
> Python 3.4.4
> apache-libcloud==1.0.0
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
