Repository: cxf-fediz Updated Branches: refs/heads/master abc084f03 -> 019cba632
Fixing token expiration logic Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6112d1a0 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6112d1a0 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6112d1a0 Branch: refs/heads/master Commit: 6112d1a0f882acb9f94ab619df9928750b158287 Parents: abc084f Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Nov 28 14:58:26 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Nov 28 14:58:26 2016 +0000 ---------------------------------------------------------------------- .../idp/beans/IdpTokenExpiredAction.java | 20 +++++++++----------- .../service/idp/beans/wsfed/WfreshParser.java | 9 ++++++--- 2 files changed, 15 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6112d1a0/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/IdpTokenExpiredAction.java ---------------------------------------------------------------------- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/IdpTokenExpiredAction.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/IdpTokenExpiredAction.java index 2ea9a7d..cbe4ee8 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/IdpTokenExpiredAction.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/IdpTokenExpiredAction.java @@ -38,17 +38,15 @@ public class IdpTokenExpiredAction { public boolean isTokenExpired(String homeRealm, RequestContext context) throws Exception { - if (tokenExpirationValidation) { - SecurityToken idpToken = - (SecurityToken) WebUtils.getAttributeFromExternalContext(context, homeRealm); - if (idpToken == null) { - return true; - } - - if (idpToken.isExpired()) { - LOG.info("[IDP_TOKEN=" + idpToken.getId() + "] is expired."); - return true; - } + SecurityToken idpToken = + (SecurityToken) WebUtils.getAttributeFromExternalContext(context, homeRealm); + if (idpToken == null) { + return true; + } + + if (tokenExpirationValidation && idpToken.isExpired()) { + LOG.info("[IDP_TOKEN=" + idpToken.getId() + "] is expired."); + return true; } return false; http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6112d1a0/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java ---------------------------------------------------------------------- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java index 1a11873..148d24b 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java @@ -38,6 +38,12 @@ public class WfreshParser { public boolean authenticationRequired(String wfresh, String whr, RequestContext context) throws Exception { + SecurityToken idpToken = + (SecurityToken) WebUtils.getAttributeFromExternalContext(context, whr); + if (idpToken == null) { + return true; + } + if (wfresh == null || wfresh.trim().isEmpty()) { return false; } @@ -55,9 +61,6 @@ public class WfreshParser { long ttlMs = ttl * 60L * 1000L; if (ttlMs > 0) { - - SecurityToken idpToken = - (SecurityToken) WebUtils.getAttributeFromExternalContext(context, whr); Date createdDate = idpToken.getCreated(); if (createdDate != null) { Date expiryDate = new Date();
