From 3d373c4b2b18694b5c20f8376d01da29dd4d363a Mon Sep 17 00:00:00 2001
From: Ignatious Johnson <ijohnson@juniper.net>
Date: Wed, 11 Mar 2015 17:47:42 -0700
Subject: [PATCH] Fetching certificates if there is an eception during
 verification of the singned token.

Change-Id: Id9c4c66048a1878bc077bef25c0ac8636a7dc49c
Closes-Bug: 1413082
---
 src/config/api-server/vnc_auth_keystone.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/config/api-server/vnc_auth_keystone.py b/src/config/api-server/vnc_auth_keystone.py
index b4e15f9c0a5..1fe1e5748dc 100644
--- a/src/config/api-server/vnc_auth_keystone.py
+++ b/src/config/api-server/vnc_auth_keystone.py
@@ -235,8 +235,14 @@ def verify_signed_token(self, user_token):
         try:
             return self._auth_middleware.verify_signed_token(user_token)
         except:
-            return None
-    # end
+            # Retry verify after fetching the certs.
+            try:
+                self._auth_middleware.fetch_signing_cert()
+                self._auth_middleware.fetch_ca_cert()
+                return self._auth_middleware.verify_signed_token(user_token)
+            except:
+                return None
+    # end verify_signed_token
 
     # convert keystone user id to name
     def user_id_to_name(self, id):