rework error holddown based on comments from @c00kiemon5ter

jschlyter · jschlyter · commit 6ac7c42cbcb5 · 2020-09-10T13:28:50.000+02:00
diff --git a/src/cryptojwt/key_bundle.py b/src/cryptojwt/key_bundle.py
@@ -157,7 +157,7 @@ def __init__(
         keys=None,
         source="",
         cache_time=300,
-        error_holddown=0,
+        ignore_errors_period=0,
         fileformat="jwks",
         keytype="RSA",
         keyusage=None,
@@ -190,7 +190,8 @@ def __init__(
         self.remote = False
         self.local = False
         self.cache_time = cache_time
-        self.error_holddown = error_holddown
+        self.ignore_errors_period = ignore_errors_period
+        self.ignore_errors_until = None  # UNIX timestamp of last error
         self.time_out = 0
         self.etag = ""
         self.source = None
@@ -201,7 +202,6 @@ def __init__(
         self.last_updated = 0
         self.last_remote = None  # HTTP Date of last remote update
         self.last_local = None  # UNIX timestamp of last local update
-        self.last_error = None  # UNIX timestamp of last error
 
         if httpc:
             self.httpc = httpc
@@ -369,15 +369,13 @@ def do_remote(self):
         # if self.verify_ssl is not None:
         #     self.httpc_params["verify"] = self.verify_ssl
 
-        if self.last_error:
-            t = self.last_error + self.error_holddown
-            if time.time() < t:
-                LOGGER.warning(
-                    "Not reading remote JWKS from %s (in error holddown until %s)",
-                    self.source,
-                    datetime.fromtimestamp(t),
-                )
-                return False
+        if self.ignore_errors_until and time.time() < self.ignore_errors_until:
+            LOGGER.warning(
+                "Not reading remote JWKS from %s (in error holddown until %s)",
+                self.source,
+                datetime.fromtimestamp(self.ignore_errors_until),
+            )
+            return False
 
         LOGGER.info("Reading remote JWKS from %s", self.source)
         try:
@@ -404,7 +402,7 @@ def do_remote(self):
                 self.do_keys(self.imp_jwks["keys"])
             except KeyError:
                 LOGGER.error("No 'keys' keyword in JWKS")
-                self.last_error = time.time()
+                self.ignore_errors_until = time.time() + self.ignore_errors_period
                 raise UpdateFailed(MALFORMED.format(self.source))
 
             if hasattr(_http_resp, "headers"):
@@ -417,15 +415,13 @@ def do_remote(self):
 
         else:
             LOGGER.warning(
-                "HTTP status %d reading remote JWKS from %s",
-                _http_resp.status_code,
-                self.source,
+                "HTTP status %d reading remote JWKS from %s", _http_resp.status_code, self.source,
             )
-            self.last_error = time.time()
+            self.ignore_errors_until = time.time() + self.ignore_errors_period
             raise UpdateFailed(REMOTE_FAILED.format(self.source, _http_resp.status_code))
 
         self.last_updated = time.time()
-        self.last_error = None
+        self.ignore_errors_until = None
         return True
 
     def _parse_remote_response(self, response):
diff --git a/tests/test_03_key_bundle.py b/tests/test_03_key_bundle.py
@@ -1027,10 +1027,10 @@ def test_remote_not_modified():
     assert kb2.last_updated
 
 
-def test_error_holddown():
+def test_ignore_errors_period():
     source_good = "https://example.com/keys.json"
     source_bad = "https://example.com/keys-bad.json"
-    error_holddown = 1
+    ignore_errors_period = 1
     # Mock response
     with responses.RequestsMock() as rsps:
         rsps.add(method="GET", url=source_good, json=JWKS_DICT, status=200)
@@ -1040,11 +1040,11 @@ def test_error_holddown():
             source=source_good,
             httpc=requests.request,
             httpc_params=httpc_params,
-            error_holddown=error_holddown,
+            ignore_errors_period=ignore_errors_period,
         )
         res = kb.do_remote()
         assert res == True
-        assert kb.last_error is None
+        assert kb.ignore_errors_until is None
 
         # refetch, but fail by using a bad source
         kb.source = source_bad
@@ -1055,11 +1055,11 @@ def test_error_holddown():
 
         # retry should fail silently as we're in holddown
         res = kb.do_remote()
-        assert kb.last_error is not None
+        assert kb.ignore_errors_until is not None
         assert res == False
 
         # wait until holddown
-        time.sleep(error_holddown + 1)
+        time.sleep(ignore_errors_period + 1)
 
         # try again
         kb.source = source_good
