From 099211593c09d109af30229be0c0ad7a7bccceee Mon Sep 17 00:00:00 2001 From: strangeweaver Date: Thu, 4 Feb 2016 17:44:25 +0000 Subject: [PATCH] Fix high load performance issue in token expiration task --- .../repository/OAuth2TokenRepository.java | 20 +++++++++++++++++++ .../impl/JpaOAuth2TokenRepository.java | 4 ++-- .../DefaultOAuth2ProviderTokenService.java | 4 ---- 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java index 79f167c51..5afc5def3 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java @@ -61,8 +61,28 @@ public interface OAuth2TokenRepository { public Set getAccessTokensForResourceSet(ResourceSet rs); + /** + * removes duplicate access tokens. + * + * @deprecated this method was added to return the remove duplicate access tokens values + * so that {code removeAccessToken(OAuth2AccessTokenEntity o)} would not to fail. the + * removeAccessToken method has been updated so as it will not fail in the event that an + * accessToken has been duplicated, so this method is unnecessary. + * + */ + @Deprecated public void clearDuplicateAccessTokens(); + /** + * removes duplicate refresh tokens. + * + * @deprecated this method was added to return the remove duplicate refresh token value + * so that {code removeRefreshToken(OAuth2RefreshTokenEntity o)} would not to fail. the + * removeRefreshToken method has been updated so as it will not fail in the event that + * refreshToken has been duplicated, so this method is unnecessary. + * + */ + @Deprecated public void clearDuplicateRefreshTokens(); public List getAccessTokensForApprovedSite(ApprovedSite approvedSite); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java index eb30cbe45..d10480e16 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java @@ -95,7 +95,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override @Transactional(value="defaultTransactionManager") public void removeAccessToken(OAuth2AccessTokenEntity accessToken) { - OAuth2AccessTokenEntity found = getAccessTokenByValue(accessToken.getValue()); + OAuth2AccessTokenEntity found = getAccessTokenById(accessToken.getId()); if (found != null) { manager.remove(found); } else { @@ -140,7 +140,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override @Transactional(value="defaultTransactionManager") public void removeRefreshToken(OAuth2RefreshTokenEntity refreshToken) { - OAuth2RefreshTokenEntity found = getRefreshTokenByValue(refreshToken.getValue()); + OAuth2RefreshTokenEntity found = getRefreshTokenById(refreshToken.getId()); if (found != null) { manager.remove(found); } else { diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java index b35871218..8bfcd970b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java @@ -489,10 +489,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi @Override public void clearExpiredTokens() { logger.debug("Cleaning out all expired tokens"); - - // get all the duplicated tokens first to maintain consistency - tokenRepository.clearDuplicateAccessTokens(); - tokenRepository.clearDuplicateRefreshTokens(); Collection accessTokens = getExpiredAccessTokens(); if (accessTokens.size() > 0) {