@@ -247,15 +247,16 @@ def decrypt_token(self, username, token):
247247 '''
248248 Decrypt a token.
249249 '''
250+ time_start = datetime .datetime .utcnow ()
250251 version , user_type , _from = self ._parse_username (username )
251252 if (version > self .maximum_token_version or
252253 version < self .minimum_token_version ):
253254 raise TokenValidationError ('Unacceptable token version.' )
254255 if self .stats :
255- self .stats .incr ('token_version_{0}' . format ( version ) )
256- self .stats .incr (f'cache_key.from. { _from } )
257- self .stats .incr (f'cache_key.to. { self .to_auth_context } )
258- self .stats .incr (f'cache_key.user_type. { user_type } )
256+ self .stats .incr ('token_version_{version}' )
257+ self .stats .incr (f'cache_key_from_ { _from } )
258+ self .stats .incr (f'cache_key_to_ { self .to_auth_context } )
259+ self .stats .incr (f'cache_key_user_type_ { user_type } )
259260 try :
260261 token_key = '{0}{1}{2}{3}' .format (
261262 hashlib .sha256 (ensure_bytes (token )).hexdigest (),
@@ -267,10 +268,10 @@ def decrypt_token(self, username, token):
267268 raise TokenValidationError ('Authentication error.' )
268269 if token_key not in self .TOKENS :
269270 if self .stats :
270- self .stats .incr ('token_cache.miss ' )
271- self .stats .gauge ('token_cache.size_at_miss ' , len (self .TOKENS ))
271+ self .stats .incr ('token_cache_miss ' )
272+ self .stats .gauge ('token_cache_size_at_miss ' , len (self .TOKENS ))
272273 if len (self .TOKENS ) >= self .token_cache_size :
273- self .stats .incr ('token_cache.eviction ' )
274+ self .stats .incr ('token_cache_eviction ' )
274275
275276 try :
276277 token = base64 .b64decode (token )
@@ -330,9 +331,12 @@ def decrypt_token(self, username, token):
330331 )
331332 else :
332333 if self .stats :
333- self .stats .incr ('token_cache.hit ' )
334+ self .stats .incr ('token_cache_hit ' )
334335 ret = self .TOKENS [token_key ]
336+
335337 now = datetime .datetime .utcnow ()
338+ if self .stats :
339+ self .stats .timing ('decrypt_token_validation_duration' , (now - time_start ).total_seconds () * 1000 ) # noqa: E501
336340 try :
337341 not_before = datetime .datetime .strptime (
338342 ret ['payload' ]['not_before' ],
@@ -344,14 +348,14 @@ def decrypt_token(self, username, token):
344348 )
345349 except Exception :
346350 logging .exception (
347- 'Failed to get not_before and not_after from token payload.'
351+ 'Failed to get not_before and not_after from token payload.' # noqa: E501
348352 )
349353 raise TokenValidationError (
350354 'Authentication error. Missing validity.'
351355 )
352356 delta = (not_after - not_before ).seconds / 60
353357 if delta > self .auth_token_max_lifetime :
354- logging .warning ('Token used which exceeds max token lifetime.' )
358+ logging .warning ('Token used which exceeds max token lifetime.' ) # noqa: E501
355359 raise TokenValidationError (
356360 'Authentication error. Token lifetime exceeded.'
357361 )
@@ -360,10 +364,13 @@ def decrypt_token(self, username, token):
360364 raise TokenValidationError (
361365 'Authentication error. Invalid time validity for token.'
362366 )
363- if self .stats :
364- self .stats .incr ('token_cache.set' )
365- self .stats .gauge ('token_cache.size_at_set' , len (self .TOKENS ))
367+
366368 self .TOKENS [token_key ] = ret
369+ duration = (datetime .datetime .utcnow () - now ).total_seconds () * 1000
370+ if self .stats :
371+ self .stats .timing ('decrypt_token_duration_post_validation' , duration ) # noqa: E501
372+ self .stats .incr ('token_cache_set' )
373+ self .stats .gauge ('token_cache_size_at_set' , len (self .TOKENS )) # noqa: E501
367374 return self .TOKENS [token_key ]
368375
369376
0 commit comments