Repository: cxf Updated Branches: refs/heads/3.1.x-fixes deea74014 -> ea2453e13
Fixed a bug with the expiry of refresh tokens with the EhCache provider Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ea2453e1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ea2453e1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ea2453e1 Branch: refs/heads/3.1.x-fixes Commit: ea2453e13f37be5e86fa4c07c110a69a32e47aae Parents: deea740 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Nov 25 16:07:45 2015 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Nov 25 16:08:57 2015 +0000 ---------------------------------------------------------------------- .../cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java | 2 +- .../java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ea2453e1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java index 8eba936..d40d668 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java @@ -32,7 +32,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; public abstract class AbstractOAuthDataProvider implements OAuthDataProvider { private long accessTokenLifetime = 3600L; - private long refreshTokenLifetime = -1; + private long refreshTokenLifetime; // refresh tokens are eternal by default protected AbstractOAuthDataProvider() { } http://git-wip-us.apache.org/repos/asf/cxf/blob/ea2453e1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java index 74270a3..7722d7a 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java @@ -183,7 +183,7 @@ public final class OAuthUtils { } public static boolean isExpired(Long issuedAt, Long lifetime) { - return lifetime != -1 + return lifetime != 0L && issuedAt + lifetime < System.currentTimeMillis() / 1000; }
