Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1391643

Summary: SSO token expiration should be returned as long
Product: [oVirt] ovirt-engine Reporter: Ravi Nori <rnori>
Component: AAAAssignee: Ravi Nori <rnori>
Status: CLOSED CURRENTRELEASE QA Contact: Gonza <grafuls>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.0.0CC: bugs, mgoldboi, mperina, pstehlik
Target Milestone: ovirt-4.0.6Keywords: ZStream
Target Release: 4.0.6.1Flags: rule-engine: ovirt-4.0.z+
mgoldboi: planning_ack+
mperina: devel_ack+
pstehlik: testing_ack+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-01-18 07:26:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ravi Nori 2016-11-03 16:30:00 UTC 
Description of problem: The SSO token expiration date is returned as a int value this causes issues with the date of token expiration and the value of the date is in the past.


Version-Release number of selected component (if applicable): 4.0

obtain token using curl

curl -v -k -H "Accept: application/json" 'https://admin%40internal:<password>@<engine>:<port/ovirt-engine/sso/oauth/token?grant_type=urn:ovirt:params:oauth:grant-type:http&scope=ovirt-app-api'

The exp value is int and is in the past

Actual results: The exp value returned is in the past

Expected results: the exp value should be in the future

Additional info: This exp value is the authentication record expiration date as returned by the ldap server and should not be confused with the session expiration data which is determined by engine.
Comment 1 Gonza 2016-12-07 14:55:04 UTC 
Verified with:
ovirt-engine-4.1.0-0.2.master.20161205151239.git8f91a7d.el7.centos.noarch

# curl -v -k -H "Accept: application/json" 'https://admin%40internal:<password>@<engine>:<port/ovirt-engine/sso/oauth/token?grant_type=urn:ovirt:params:oauth:grant-type:http&scope=ovirt-app-api'
...
{"access_token":"lt-dY_MODlhXuQw1OGd4jjgY6DQiZJCc3EvZpv89m1UprOaalKdq_wBhUVfKmSbADltDSycoVQZ2cnpvLqSHjw","scope":"ovirt-app-api ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate","exp":"1481726536000","token_type":"bearer"}

new Date(1481726536000L).toString();
Wednesday, December 14, 2016 2:42:16 PM GMT

# date
Wed Dec  7 16:54:31 IST 2016