cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject [02/21] cxf git commit: Supporting a case where the token introspection response does not contain the issuedAt property, patch from fjollberg applied, This closes #130
Date Fri, 22 Apr 2016 02:13:10 GMT
Supporting a case where the token introspection response does not contain the issuedAt property,
patch from fjollberg applied, This closes #130


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/66606fed
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/66606fed
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/66606fed

Branch: refs/heads/master-jaxrs-2.1
Commit: 66606fed2b8566799b23c85943357f7d68a45062
Parents: 27824e1
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Apr 19 10:56:58 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Apr 19 10:58:22 2016 +0100

----------------------------------------------------------------------
 .../security/oauth2/filters/AccessTokenIntrospectionClient.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/66606fed/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
index 679aafa..39ddcfe 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenIntrospectionClient.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.rs.security.oauth2.filters;
 
 import java.util.Collections;
+import java.util.Date;
 import java.util.LinkedList;
 import java.util.List;
 
@@ -68,9 +69,11 @@ public class AccessTokenIntrospectionClient implements AccessTokenValidator
{
         }
         if (response.getIat() != null) {
             atv.setTokenIssuedAt(response.getIat());
+        } else {
+            atv.setTokenIssuedAt(new Date().getTime());
         }
         if (response.getExp() != null) {
-            atv.setTokenLifetime(response.getExp() - response.getIat());
+            atv.setTokenLifetime(response.getExp() - atv.getTokenIssuedAt());
         }
         if (!StringUtils.isEmpty(response.getAud())) {
             atv.setAudiences(response.getAud());


Mime
View raw message