vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

keyserver: add cache-control headers

Browse source
This commit is contained in:
Jimmy Zelinskie 2016-04-13 15:50:56 -04:00 committed by Jimmy Zelinskie
parent bc08ac2749
commit 6aa7040f39
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
endpoints/key_server.py
View file

@ -1,6 +1,6 @@
import logging import logging
from datetime import datetime from datetime import datetime, timedelta
from cryptography.hazmat.backends import default_backend from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePublicNumbers from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePublicNumbers
@ -88,7 +88,15 @@ def get_service_key(service, kid):
if key.approval is None: if key.approval is None:
abort(409) abort(409)
return jsonify(key.jwk) resp = jsonify(key.jwk)
# Set the cache header to be a year for non-expiring keys.
lifetime = timedelta(days=365)
if key.expiration_date is not None:
lifetime = key.expiration_date - key.created_date
resp.cache_control.max_age = lifetime.seconds
return resp
@key_server.route('/services/<service>/keys/<kid>', methods=['PUT']) @key_server.route('/services/<service>/keys/<kid>', methods=['PUT'])