github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Always set access token exp claim 

It follows RFC https://datatracker.ietf.org/doc/html/rfc9068
Bumped MitreID version 1.3.6.cnaf-20230914
pull/1611/head
Federica Agostini 2023-09-07 18:24:05 +02:00 committed by Enrico Vianello
parent 521019fed8
commit 20a9ed1a1a
5 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openid-connect-client/pom.xml
View File

@ -22,7 +22,7 @@
<parent>
<artifactId>openid-connect-parent</artifactId>
<groupId>org.mitre</groupId>
<version>1.3.6.cnaf-20230726</version>
<version>1.3.6.cnaf-20230914</version>
<relativePath>..</relativePath>
</parent>
<artifactId>openid-connect-client</artifactId>

2
openid-connect-common/pom.xml
View File

@ -22,7 +22,7 @@
<parent>
<artifactId>openid-connect-parent</artifactId>
<groupId>org.mitre</groupId>
<version>1.3.6.cnaf-20230726</version>
<version>1.3.6.cnaf-20230914</version>
<relativePath>..</relativePath>
</parent>
<artifactId>openid-connect-common</artifactId>

2
openid-connect-server/pom.xml
View File

@ -23,7 +23,7 @@
<parent>
<groupId>org.mitre</groupId>
<artifactId>openid-connect-parent</artifactId>
<version>1.3.6.cnaf-20230726</version>
<version>1.3.6.cnaf-20230914</version>
<relativePath>..</relativePath>
</parent>
<build>

8
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
View File

@ -219,12 +219,14 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
token.setScope(scopeService.toStrings(scopes));
// make it expire if necessary
if (client.getAccessTokenValiditySeconds() != null
&& client.getAccessTokenValiditySeconds() > 0) {
// make it always expire
if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
Date expiration =
new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
token.setExpiration(expiration);
} else {
token.setExpiration(new Date(System.currentTimeMillis()));
}
// attach the authorization so that we can look it up later

2
pom.xml
View File

@ -20,7 +20,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.mitre</groupId>
<artifactId>openid-connect-parent</artifactId>
<version>1.3.6.cnaf-20230726</version>
<version>1.3.6.cnaf-20230914</version>
<name>MITREid Connect</name>
<packaging>pom</packaging>
<parent>