s3token: Raise error on negative secret_cache_duration config

Change-Id: I8a961302a8905f483433976f6105b138a1acd7ba
2018-12-11 18:47:53 +00:00 · 2018-12-11 18:47:53 +00:00 · 46bde0c0b2
commit 46bde0c0b2
parent ec70cf9605
1 changed files with 3 additions and 1 deletions
--- a/swift/common/middleware/s3api/s3token.py
+++ b/swift/common/middleware/s3api/s3token.py
@ -162,7 +162,9 @@ class S3Token(object):
            self._verify = None

        self._secret_cache_duration = int(conf.get('secret_cache_duration', 0))
-        if self._secret_cache_duration > 0:
+        if self._secret_cache_duration < 0:
+            raise ValueError('secret_cache_duration must be non-negative')
+        if self._secret_cache_duration:
            try:
                auth_plugin = keystone_loading.get_plugin_loader(
                    conf.get('auth_type', 'password'))