[knox] branch master updated: KNOX-2862 - Setup idle timeout for SSO cookie to 15 minutes (#714)

[am...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

amagyar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new 642b224b1 KNOX-2862 - Setup idle timeout for SSO cookie to 15 minutes (#714)
642b224b1 is described below

commit 642b224b1de74c3b7f0fbea28cc4b4f1bf826f6d
Author: Attila Magyar <m....@gmail.com>
AuthorDate: Wed Jan 18 10:31:30 2023 +0100

    KNOX-2862 - Setup idle timeout for SSO cookie to 15 minutes (#714)
---
 .../org/apache/knox/gateway/service/knoxsso/WebSSOResource.java    | 2 +-
 .../apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java    | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
index 6f14bd219..afbca9289 100644
--- a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
+++ b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java
@@ -95,7 +95,7 @@ public class WebSSOResource {
   private static final String ORIGINAL_URL_COOKIE_NAME = "original-url";
   private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt";
   private static final String SSO_COOKIE_SAMESITE_DEFAULT = "Strict";
-  private static final long TOKEN_TTL_DEFAULT = 30000L;
+  public static final long TOKEN_TTL_DEFAULT = 15000 * 60;
   static final String RESOURCE_PATH = "/api/v1/websso";
   private String cookieName;
   private boolean secureOnly = true;
diff --git a/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java b/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
index 5f6389e09..1d8940b41 100644
--- a/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
+++ b/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java
@@ -17,6 +17,7 @@
  */
 package org.apache.knox.gateway.service.knoxsso;
 
+import static org.apache.knox.gateway.service.knoxsso.WebSSOResource.TOKEN_TTL_DEFAULT;
 import static org.apache.knox.gateway.services.GatewayServices.GATEWAY_CLUSTER_ATTRIBUTE;
 import static org.easymock.EasyMock.anyObject;
 import static org.easymock.EasyMock.anyString;
@@ -326,7 +327,7 @@ public class WebSSOResourceTest {
     Date expiresDate = parsedToken.getExpiresDate();
     Date now = new Date();
     assertTrue(expiresDate.after(now));
-    assertTrue((expiresDate.getTime() - now.getTime()) < 30000L);
+    assertTrue((expiresDate.getTime() - now.getTime()) < TOKEN_TTL_DEFAULT);
   }
 
   @Test
@@ -381,7 +382,7 @@ public class WebSSOResourceTest {
     Date expiresDate = parsedToken.getExpiresDate();
     Date now = new Date();
     assertTrue(expiresDate.after(now));
-    assertTrue((expiresDate.getTime() - now.getTime()) < 30000L);
+    assertTrue((expiresDate.getTime() - now.getTime()) < TOKEN_TTL_DEFAULT);
   }
 
   @Test
@@ -463,7 +464,7 @@ public class WebSSOResourceTest {
     Date expiresDate = parsedToken.getExpiresDate();
     Date now = new Date();
     assertTrue(expiresDate.after(now));
-    assertTrue((expiresDate.getTime() - now.getTime()) < 30000L);
+    assertTrue((expiresDate.getTime() - now.getTime()) < TOKEN_TTL_DEFAULT);
   }
 
   @Test