This is an automated email from the ASF dual-hosted git repository.
smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new 9b9b4ea KNOX-2383 - Checking token expiration in cache should not
depend on the validate flag (#341)
9b9b4ea is described below
commit 9b9b4ead5bcd1b40ec9c6efd36d78297857dc6bb
Author: Sandor Molnar <[email protected]>
AuthorDate: Tue Jun 9 20:57:29 2020 +0200
KNOX-2383 - Checking token expiration in cache should not depend on the
validate flag (#341)
---
.../token/impl/AliasBasedTokenStateService.java | 19 +++++++------------
.../token/impl/AliasBasedTokenStateServiceTest.java | 6 +++---
2 files changed, 10 insertions(+), 15 deletions(-)
diff --git
a/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateService.java
b/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateService.java
index 756deca..4f2e18c 100644
---
a/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateService.java
+++
b/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateService.java
@@ -166,24 +166,19 @@ public class AliasBasedTokenStateService extends
DefaultTokenStateService {
@Override
public long getTokenExpiration(String tokenId, boolean validate) throws
UnknownTokenException {
- long expiration = 0;
-
- if (!validate) {
- // If validation is not required, then check the in-memory collection
first
- try {
- expiration = super.getTokenExpiration(tokenId, validate);
- return expiration;
- } catch (UnknownTokenException e) {
- // It's not in memory
- }
+ // Check the in-memory collection first and return immediately if
associated record found there
+ try {
+ return super.getTokenExpiration(tokenId, validate);
+ } catch (UnknownTokenException e) {
+ // It's not in memory
}
- // If validating, or there is no associated record in the in-memory
collection, proceed to check the alias service
-
if (validate) {
validateToken(tokenId);
}
+ // If there is no associated record in the in-memory collection, proceed
to check the alias service
+ long expiration = 0;
try {
char[] expStr =
aliasService.getPasswordFromAliasForCluster(AliasService.NO_CLUSTER_NAME,
tokenId);
if (expStr != null) {
diff --git
a/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateServiceTest.java
b/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateServiceTest.java
index 8254843..cd4d063 100644
---
a/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateServiceTest.java
+++
b/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/AliasBasedTokenStateServiceTest.java
@@ -372,10 +372,10 @@ public class AliasBasedTokenStateServiceTest extends
DefaultTokenStateServiceTes
tss.updateExpiration(tokenId, updatedExpiration);
}
+ //invoking with true/false validation flags as it should not affect if
values are coming from the cache
+ int count = 0;
for (String tokenId : tokenExpirations.keySet()) {
- assertEquals("Expected the cached expiration to have been updated.",
- updatedExpiration,
- tss.getTokenExpiration(tokenId, false));
+ assertEquals("Expected the cached expiration to have been updated.",
updatedExpiration, tss.getTokenExpiration(tokenId, count++ % 2 == 0));
}
} finally {
tss.stop();
