On Fri, May 7, 2010 at 5:59 PM, Paul Lindner <lind...@inuus.com> wrote:
> I propose that we add expiration methods to the SecurityToken interface. > This is necessary for future OAuth2 compatibility. Here's the proposed > interface: > > /** > * @return the UTC timestamp (in milliseconds) that this token expires or > null if unknown or indeterminate > */ > Long getExpiresAt(); > +1 > > /** > * @return true if the token is no longer valid > */ > boolean isExpired(); > +0 or maybe -0.1 -- is this really necessary? Seems like boilerplate. --j