github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Do not expire registration tokens

pull/477/head
Amanda Anganes 2013-07-30 11:33:15 -04:00
parent eadeded09c
commit ad2ace6d74
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
View File

@ -142,11 +142,13 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
Set<String> scopes = Sets.newHashSet(clientAuth.getScope()); Set<String> scopes = Sets.newHashSet(clientAuth.getScope());
token.setScope(scopes); token.setScope(scopes);
// make it expire if necessary // make it expire if necessary - exclude Registration Tokens as these should always be long-lived
if (!scopes.contains(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE)) {
if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) { if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L)); Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
token.setExpiration(expiration); token.setExpiration(expiration);
} }
}
// attach the authorization so that we can look it up later // attach the authorization so that we can look it up later
AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();