Querying Authlog with a maxtime of > now-2 minutes may lead to inconsistent behavior

[csanders-git]

Documentation says

There is an intentional two minute delay in availability of new authentications in the API response. Duo operates a large scale distributed system, and this two minute buffer period ensures that calls will return consistent results. Querying for results more recent than two minutes will return as empty.

However, maxtime is set by default to now. (see

duo_client_python/duo_client/admin.py

Line 448 in 7c5b115

params['maxtime'] = int(time.time()) * 1000

). Given this, it is quite possible that depending on refresh intervals the user will receive an empty list, when in fact results would be expected.

PR will appear as follows:

        # Querying for results more recent than two minutes will return as empty.
        if 'maxtime' not in params:
            params['maxtime'] = int(time.time() - 120) * 1000