syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgrosso <...@git.apache.org>
Subject [GitHub] syncope issue #70: [SYNCOPE-1301] fixed
Date Thu, 12 Apr 2018 15:12:55 GMT
Github user ilgrosso commented on the issue:

    https://github.com/apache/syncope/pull/70
  
    @IsurangaPerera I don't remember the details, but what I can see from the source three
is that `AccessTokenDataBinderImpl#create` is invoked in two places:
    
    1. https://github.com/apache/syncope/blob/master/core/logic/src/main/java/org/apache/syncope/core/logic/AccessTokenLogic.java#L84
(plain login)
    1. https://github.com/apache/syncope/blob/master/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java#L549
(SAML 2.0 login)
    
    The former provides `replaceExisting` as `false`, the latter as `true`.
    
    From the code in `AccessTokenDataBinderImpl#create` I can see that:
    
    * for plain login, JWT is generated only at first invocation
    * for SAML 2.0 login, JWT is generated at every invocation, and existing JWT is replaced
if existing
    
    Moreover, I cannot recall exactly why the UNIQUE constraint is not imposed to AccessToken's
`owner`.


---

Mime
View raw message