You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2022/03/14 20:39:16 UTC
[GitHub] [nifi] lawrencegrass commented on a change in pull request #5319: NIFI-9065 Add support for OAuth2AccessTokenProvider in InvokeHTTP.
lawrencegrass commented on a change in pull request #5319:
URL: https://github.com/apache/nifi/pull/5319#discussion_r826357634
##########
File path: nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-api/src/main/java/org/apache/nifi/oauth2/AccessToken.java
##########
@@ -17,53 +17,80 @@
package org.apache.nifi.oauth2;
+import java.time.Duration;
+import java.time.Instant;
+
public class AccessToken {
private String accessToken;
private String refreshToken;
private String tokenType;
- private Integer expires;
- private String scope;
+ private long expiresIn;
+ private String scopes;
+
+ private final Instant fetchTime;
- private Long fetchTime;
+ public static final int EXPIRY_MARGIN = 5000;
- public AccessToken(String accessToken,
- String refreshToken,
- String tokenType,
- Integer expires,
- String scope) {
+ public AccessToken() {
+ this.fetchTime = Instant.now();
+ }
+
+ public AccessToken(String accessToken, String refreshToken, String tokenType, long expiresIn, String scopes) {
+ this();
this.accessToken = accessToken;
- this.tokenType = tokenType;
this.refreshToken = refreshToken;
- this.expires = expires;
- this.scope = scope;
- this.fetchTime = System.currentTimeMillis();
+ this.tokenType = tokenType;
+ this.expiresIn = expiresIn;
+ this.scopes = scopes;
}
public String getAccessToken() {
return accessToken;
}
+ public void setAccessToken(String accessToken) {
+ this.accessToken = accessToken;
+ }
+
public String getRefreshToken() {
return refreshToken;
}
+ public void setRefreshToken(String refreshToken) {
+ this.refreshToken = refreshToken;
+ }
+
public String getTokenType() {
return tokenType;
}
- public Integer getExpires() {
- return expires;
+ public void setTokenType(String tokenType) {
+ this.tokenType = tokenType;
+ }
+
+ public long getExpiresIn() {
+ return expiresIn;
}
- public String getScope() {
- return scope;
+ public void setExpiresIn(long expiresIn) {
+ this.expiresIn = expiresIn;
}
- public Long getFetchTime() {
+ public String getScopes() {
+ return scopes;
+ }
+
+ public void setScopes(String scopes) {
+ this.scopes = scopes;
+ }
+
+ public Instant getFetchTime() {
return fetchTime;
}
public boolean isExpired() {
- return System.currentTimeMillis() >= ( fetchTime + (expires * 1000) );
+ boolean expired = Duration.between(Instant.now(), fetchTime.plusSeconds(expiresIn - EXPIRY_MARGIN)).isNegative();
Review comment:
expiresIn needs to be multiplied by 1000, or EXPIRY_MARGIN needs to be set to 5. Per OAuth standards the expires_in is in seconds. I've confirmed (using keycloak) that setting my token expiration to 5 minutes gets converted to 300 seconds and then on this step has 5000 subtracted from it. Which of course expires my non expired token.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org