You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by sn...@apache.org on 2016/08/22 15:00:22 UTC
[18/50] usergrid git commit: Better handle expired JWTs for Apigee
SSO token validation. Fix typos.
Better handle expired JWTs for Apigee SSO token validation. Fix typos.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/81de9645
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/81de9645
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/81de9645
Branch: refs/heads/asf-site
Commit: 81de9645749bd42d8d9f1a3a8bc1f81133619df7
Parents: 69625af
Author: Michael Russo <mr...@apigee.com>
Authored: Tue Aug 2 14:58:18 2016 -0700
Committer: Michael Russo <mr...@apigee.com>
Committed: Tue Aug 2 14:58:18 2016 -0700
----------------------------------------------------------------------
.../org/apache/usergrid/security/sso/ApigeeSSO2Provider.java | 8 ++++++--
.../usergrid/security/tokens/cassandra/TokenServiceImpl.java | 2 +-
2 files changed, 7 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/81de9645/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java b/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
index 0165e1d..8ee8e03 100644
--- a/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
+++ b/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
@@ -146,7 +146,7 @@ public class ApigeeSSO2Provider implements ExternalSSOProvider {
return properties.getProperty(USERGRID_EXTERNAL_PUBLICKEY_URL);
}
- public Jws<Claims> getClaimsForKeyUrl(String token, PublicKey ssoPublicKey) throws NoSuchAlgorithmException, InvalidKeySpecException, BadTokenException {
+ public Jws<Claims> getClaimsForKeyUrl(String token, PublicKey ssoPublicKey) throws NoSuchAlgorithmException, InvalidKeySpecException, BadTokenException, ExpiredTokenException {
Jws<Claims> claims = null;
if(ssoPublicKey == null){
@@ -171,6 +171,10 @@ public class ApigeeSSO2Provider implements ExternalSSOProvider {
logger.debug("Signature section of Apigee JWT invalid for token: {}", token);
}
throw new BadTokenException("Malformed Apigee JWT");
+ } catch ( ExpiredJwtException e ){
+ final long expiry = Long.valueOf(e.getClaims().get("exp").toString());
+ final long expirationDelta = ((System.currentTimeMillis()/1000) - expiry)*1000;
+ throw new ExpiredTokenException(String.format("Token expired %d milliseconds ago.", expirationDelta ));
}
@@ -193,7 +197,7 @@ public class ApigeeSSO2Provider implements ExternalSSOProvider {
final long expirationDelta = ((System.currentTimeMillis()/1000) - expiry)*1000;
- throw new ExpiredTokenException(String.format("Token expired %d millisecons ago.", expirationDelta ));
+ throw new ExpiredTokenException(String.format("Token expired %d milliseconds ago.", expirationDelta ));
}
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/81de9645/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
index 4815f9d..6ea6de0 100644
--- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
@@ -645,7 +645,7 @@ public class TokenServiceImpl implements TokenService {
long expirationDelta = System.currentTimeMillis() - expires;
if ( expires != Long.MAX_VALUE && expirationDelta > 0 ) {
- throw new ExpiredTokenException( String.format( "Token expired %d millisecons ago.", expirationDelta ) );
+ throw new ExpiredTokenException( String.format( "Token expired %d milliseconds ago.", expirationDelta ) );
}
return uuid;
}