[
https://issues.apache.org/jira/browse/NIFI-9797?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17506565#comment-17506565
]
Lawrence commented on NIFI-9797:
--------------------------------
whoops, my bad.
Thanks for checking on this. Workarounds are making my client configuration in
keycloak to have an exceptionally long expire time, so not optimal, but more
concerning is anyone who is currently using that AccessToken class could have a
lot of bad things happen.
> AccessToken isExpired broken
> ----------------------------
>
> Key: NIFI-9797
> URL: https://issues.apache.org/jira/browse/NIFI-9797
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.16.0
> Reporter: Lawrence
> Priority: Major
>
> While using a build of the current snapshot (1.16.0) so i could use the new
> StandardOAuth2AccessTokenProvider I ran into an issue with how the
> AccessToken got changed to calculate if the token is expired. This is going
> to break potentially a lot of folks using that AccessToken. It's subtracting
> 5000 seconds from the expiresIn property. I think it was assumed that
> expires_in would be in millis also, but it is not, per OAuth standards:
> [https://datatracker.ietf.org/doc/html/rfc6749#section-4.2.2]
> Here is a link to the PR that got merged where I added a comment ( to little
> to late ).
> [https://github.com/apache/nifi/pull/5319#pullrequestreview-909366668]
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
