@@ -169,13 +169,17 @@ def _format_auth_key(self, keys):
169169 )
170170
171171 def _get_key_arn (self , key ):
172- logging .debug (f'Getting key ARN for { key } )
173172 if key .startswith ('arn:aws:kms:' ):
174173 self .KEY_METADATA [key ] = {
175174 'KeyMetadata' : {'Arn' : key }
176175 }
177176 if key not in self .KEY_METADATA :
178- with self .stats .timer ('kms_describe_key' ):
177+ if self .stats :
178+ with self .stats .timer ('kms_describe_key' ):
179+ self .KEY_METADATA [key ] = self .kms_client .describe_key (
180+ KeyId = '{0}' .format (key )
181+ )
182+ else :
179183 self .KEY_METADATA [key ] = self .kms_client .describe_key (
180184 KeyId = '{0}' .format (key )
181185 )
@@ -261,10 +265,11 @@ def decrypt_token(self, username, token):
261265 except Exception :
262266 raise TokenValidationError ('Authentication error.' )
263267 if token_key not in self .TOKENS :
264- self .stats .incr ('token_cache.miss' )
265- self .stats .gauge ('token_cache.size_at_miss' , len (self .TOKENS ))
266- if len (self .TOKENS ) >= self .token_cache_size :
267- self .stats .incr ('token_cache.eviction' )
268+ if self .stats :
269+ self .stats .incr ('token_cache.miss' )
270+ self .stats .gauge ('token_cache.size_at_miss' , len (self .TOKENS ))
271+ if len (self .TOKENS ) >= token_cache_size :
272+ self .stats .incr ('token_cache.eviction' )
268273
269274 try :
270275 token = base64 .b64decode (token )
@@ -323,7 +328,8 @@ def decrypt_token(self, username, token):
323328 'Authentication error. General error.'
324329 )
325330 else :
326- self .stats .incr ('token_cache.hit' )
331+ if self .stats :
332+ self .stats .incr ('token_cache.hit' )
327333 ret = self .TOKENS [token_key ]
328334 now = datetime .datetime .utcnow ()
329335 try :
0 commit comments