[
https://issues.apache.org/jira/browse/KNOX-3038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17845220#comment-17845220
]
ASF subversion and git services commented on KNOX-3038:
-------------------------------------------------------
Commit f7fcc7a79e3699470ebfd51237310e7072dba398 in knox's branch
refs/heads/master from Sandor Molnar
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=f7fcc7a79 ]
KNOX-3038 - The expires_in field in OAuthResource response returns the
configured token TTL. (#907)
Additionally, removed the override of the getExpiry() method because in the
database the meaning of expiration time must remain the same as in the parent
class.
> OAuth resource tokens are short-lived
> -------------------------------------
>
> Key: KNOX-3038
> URL: https://issues.apache.org/jira/browse/KNOX-3038
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 2.1.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Blocker
> Fix For: 2.1.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The tokens generated using the new OAuth resource (see KNOX-3028 for details)
> have their expiration time in a format that indicates the time (in
> milliseconds) from the epoch. This is wrong because the reaper thread will
> eliminate them as soon as the next time it's triggered.
> It's also important to emphasize, that tokens generated on the path need some
> sort of indication of this value in the response.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
