[Amdatu-commits] SVN r2385 - in branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server: . service

Wed, 23 May 2012 05:29:58 -0700 

Author: [email protected]
Date: Wed May 23 14:29:51 2012
New Revision: 2385

Log:
[AMDATU-158] Fixed mismatch in secs/millisecs of nonce timestamp 

Modified:
   
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/OAuthNonceStorageProvider.java
   
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/service/PluggableOAuthValidator.java

Modified: 
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/OAuthNonceStorageProvider.java
==============================================================================
--- 
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/OAuthNonceStorageProvider.java
   (original)
+++ 
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/OAuthNonceStorageProvider.java
   Wed May 23 14:29:51 2012
@@ -30,7 +30,7 @@
      * is not the same request.
      * 
      * @param timestamp
-     *        The timestamp of the request that contains the nonce
+     *        The timestamp of the request that contains the nonce, expressed 
in seconds
      * @param nonce
      *        The nonce itself
      * @param requestParams
@@ -48,9 +48,9 @@
 
     /**
      * Removes expired nonces. All nonces which have a timestamp that is older 
(smaller: <) then the provided timestamp
-     * are removed.
+     * are removed. The timestamp is expressed in seconds.
      * 
-     * @param timestamp
+     * @param timestamp Timestamp expressed in seconds.
      */
     void removeExpiredNonces(long timestamp);
 }

Modified: 
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/service/PluggableOAuthValidator.java
==============================================================================
--- 
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/service/PluggableOAuthValidator.java
     (original)
+++ 
branches/amdatu-auth-0.2.2/oauth-server/src/main/java/org/amdatu/auth/oauth/server/service/PluggableOAuthValidator.java
     Wed May 23 14:29:51 2012
@@ -98,8 +98,10 @@
      * Remove usedNonces with timestamps that are too old to be valid.
      */
     private void removeOldNonces(final long currentTimeMsec) {
-        long minTimestamp = currentTimeMsec - m_maxTimestampAgeMsec;
-        m_nonceStore.removeExpiredNonces(minTimestamp);
+        long minTimestampMsec = currentTimeMsec - m_maxTimestampAgeMsec;
+
+        // The minTimestamp is in milliseconds, but the nonce store uses 
seconds!
+        m_nonceStore.removeExpiredNonces(minTimestampMsec / 1000);
     }
 
     /**
_______________________________________________
Amdatu-commits mailing list
[email protected]
http://lists.amdatu.org/mailman/listinfo/amdatu-commits

Reply via email to