Bug Description
Since mysql only stores timestamps with an accuracy of seconds rather than microseconds, doing comparisons of token expiration times will fail and tokens will not show up as being revoked.
A breakpoint in keystone/contrib/revoke/model.py, is_revoked():
mysql:
(Pdb) p self.revoke_map
{'trust_id=*': {'consumer_id=*': {'access_token_id=*': {'expires_at=2014-07-22 22:55:53': {'domain_id=*': {'project_id=*': {u'user_id=949c28307de74cafb4ab07c6ada75d6c': {'role_id=*': {'issued_before': datetime.datetime(2014, 7, 22, 21, 55, 59, 610579)}}}}}}}}}
DB2:
(Pdb) p self.revoke_map
{'trust_id=*': {'consumer_id=*': {'access_token_id=*': {'expires_at=2014-07-22 22:58:44.322976': {'domain_id=*': {'project_id=*': {u'user_id=c4ed3fa9ee5f4e02b580389400a817e0': {'role_id=*': {'issued_before': datetime.datetime(2014, 7, 22, 21, 58, 49, 390556)}}}}}}}}}
This is in add_event in model.py:
mysql:
(Pdb) event.expires_at
datetime.datetime(2014, 7, 22, 23, 28, 2)
db2:
(Pdb) event.expires_at
datetime.datetime(2014, 7, 22, 23, 22, 40, 481090)