You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by kr...@apache.org on 2020/04/11 03:43:31 UTC
[knox] branch master updated: KNOX-2340 - Fix
DefaultTokenStateServiceTest timeouts (#312)
This is an automated email from the ASF dual-hosted git repository.
krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new 0e04e5c KNOX-2340 - Fix DefaultTokenStateServiceTest timeouts (#312)
0e04e5c is described below
commit 0e04e5c005e9cc7d3f0f811633477a5067deb0aa
Author: Kevin Risden <ri...@users.noreply.github.com>
AuthorDate: Fri Apr 10 23:43:23 2020 -0400
KNOX-2340 - Fix DefaultTokenStateServiceTest timeouts (#312)
Fix DefaultTokenStateServiceTest timeouts to be more
reasonable. I used TimeUnit every where to ensure we
are doing things with the correct unit of time.
Previously there were issues where milliseconds and
seconds were being mixed. This caused race conditions
in AliasBasedTokenStateServiceTest which extends
DefaultTokenStateServiceTest.
Signed-off-by: Kevin Risden <kr...@apache.org>
---
.../token/impl/DefaultTokenStateService.java | 2 +-
.../token/impl/DefaultTokenStateServiceTest.java | 44 +++++++++++-----------
2 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateService.java
index 575213c..7397a68 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateService.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateService.java
@@ -252,7 +252,7 @@ public class DefaultTokenStateService implements TokenStateService {
protected boolean hasRemainingRenewals(final String tokenId, long renewInterval) {
// Is the current time + 30-second buffer + the renewal interval is less than the max lifetime for the token?
- return ((System.currentTimeMillis() + 30000 + renewInterval) < getMaxLifetime(tokenId));
+ return ((System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(30) + renewInterval) < getMaxLifetime(tokenId));
}
protected long getMaxLifetime(final String tokenId) {
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateServiceTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateServiceTest.java
index e6ad1fc..d7306f2 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateServiceTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenStateServiceTest.java
@@ -45,7 +45,6 @@ import static org.junit.Assert.fail;
public class DefaultTokenStateServiceTest {
- private static long EVICTION_INTERVAL = 2L;
private static RSAPrivateKey privateKey;
@BeforeClass
@@ -59,7 +58,7 @@ public class DefaultTokenStateServiceTest {
@Test
public void testGetExpiration() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() + 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
tss.addToken(token, System.currentTimeMillis());
@@ -81,7 +80,7 @@ public class DefaultTokenStateServiceTest {
@Test(expected = UnknownTokenException.class)
public void testGetExpiration_InvalidToken() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() + 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(60));
// Expecting an UnknownTokenException because the token is not known to the TokenStateService
createTokenStateService().getTokenExpiration(TokenUtils.getTokenId(token));
@@ -89,7 +88,7 @@ public class DefaultTokenStateServiceTest {
@Test
public void testGetExpiration_AfterRenewal() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() + 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
tss.addToken(token, System.currentTimeMillis());
@@ -103,7 +102,7 @@ public class DefaultTokenStateServiceTest {
@Test
public void testIsExpired_Negative() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() + 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
tss.addToken(token, System.currentTimeMillis());
@@ -112,7 +111,7 @@ public class DefaultTokenStateServiceTest {
@Test
public void testIsExpired_Positive() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() - 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
tss.addToken(token, System.currentTimeMillis());
@@ -122,7 +121,7 @@ public class DefaultTokenStateServiceTest {
@Test(expected = UnknownTokenException.class)
public void testIsExpired_Revoked() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() + 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
tss.addToken(token, System.currentTimeMillis());
@@ -135,7 +134,7 @@ public class DefaultTokenStateServiceTest {
@Test
public void testRenewal() throws Exception {
- final JWTToken token = createMockToken(System.currentTimeMillis() - 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
// Add the expired token
@@ -149,13 +148,14 @@ public class DefaultTokenStateServiceTest {
@Test
public void testRenewalBeyondMaxLifetime() throws Exception {
+ long maxLifetimeDuration = TimeUnit.SECONDS.toMillis(5);
long issueTime = System.currentTimeMillis();
- long expiration = issueTime + 5000;
+ long expiration = issueTime + maxLifetimeDuration;
final JWTToken token = createMockToken(expiration);
final TokenStateService tss = createTokenStateService();
// Add the token with a short maximum lifetime
- tss.addToken(TokenUtils.getTokenId(token), issueTime, expiration, 5000L);
+ tss.addToken(TokenUtils.getTokenId(token), issueTime, expiration, maxLifetimeDuration);
try {
// Attempt to renew the token for the default interval, which should exceed the specified short maximum lifetime
@@ -169,10 +169,10 @@ public class DefaultTokenStateServiceTest {
@Test
public void testNegativeTokenEviction() throws InterruptedException, UnknownTokenException {
- final JWTToken token = createMockToken(System.currentTimeMillis() - 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
- final long evictionInterval = TimeUnit.SECONDS.toMillis(20);
+ final long evictionInterval = TimeUnit.SECONDS.toMillis(3);
final long maxTokenLifetime = TimeUnit.MINUTES.toMillis(2);
// Add the expired token
@@ -183,7 +183,7 @@ public class DefaultTokenStateServiceTest {
assertTrue("Expected the token to have expired.", tss.isExpired(token));
// Sleep to allow the eviction evaluation to be performed prior to the maximum token lifetime
- Thread.sleep(evictionInterval + 5); // No grace period configured
+ Thread.sleep(evictionInterval + (evictionInterval / 2));
// Renewal should succeed because there is sufficient time until max lifetime is exceeded
tss.renewToken(token, TimeUnit.SECONDS.toMillis(10));
@@ -192,11 +192,11 @@ public class DefaultTokenStateServiceTest {
@Test
public void testTokenEviction() throws InterruptedException, ServiceLifecycleException, UnknownTokenException {
- final JWTToken token = createMockToken(System.currentTimeMillis() - 60000);
+ final JWTToken token = createMockToken(System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(60));
final TokenStateService tss = createTokenStateService();
- final long evictionInterval = TimeUnit.SECONDS.toMillis(30);
- final long maxTokenLifetime = evictionInterval - 10;
+ final long evictionInterval = TimeUnit.SECONDS.toMillis(3);
+ final long maxTokenLifetime = evictionInterval / 2;
try {
tss.start();
@@ -208,7 +208,7 @@ public class DefaultTokenStateServiceTest {
assertTrue("Expected the token to have expired.", tss.isExpired(token));
// Sleep to allow the eviction evaluation to be performed
- Thread.sleep(evictionInterval + 10);
+ Thread.sleep(evictionInterval + (evictionInterval / 2));
// Expect the renew call to fail since the token should have been evicted
final UnknownTokenException e = assertThrows(UnknownTokenException.class, () -> tss.renewToken(token));
@@ -220,7 +220,7 @@ public class DefaultTokenStateServiceTest {
@Test
public void testTokenPermissiveness() throws UnknownTokenException {
- final long expiry = System.currentTimeMillis() + 300000;
+ final long expiry = System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(300);
final JWT token = getJWTToken(expiry);
TokenStateService tss = new DefaultTokenStateService();
try {
@@ -228,7 +228,8 @@ public class DefaultTokenStateServiceTest {
} catch (ServiceLifecycleException e) {
fail("Error creating TokenStateService: " + e.getMessage());
}
- assertEquals(expiry/1000, tss.getTokenExpiration(token)/1000);
+ assertEquals(TimeUnit.MILLISECONDS.toSeconds(expiry),
+ TimeUnit.MILLISECONDS.toSeconds(tss.getTokenExpiration(token)));
}
@Test(expected = UnknownTokenException.class)
@@ -260,8 +261,8 @@ public class DefaultTokenStateServiceTest {
protected static GatewayConfig createMockGatewayConfig(boolean tokenPermissiveness) {
GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
- /* configure token eviction time to be 5 secs for test */
- EasyMock.expect(config.getKnoxTokenEvictionInterval()).andReturn(EVICTION_INTERVAL).anyTimes();
+ /* configure token eviction time to be 2 secs for test */
+ EasyMock.expect(config.getKnoxTokenEvictionInterval()).andReturn(2L).anyTimes();
EasyMock.expect(config.getKnoxTokenEvictionGracePeriod()).andReturn(0L).anyTimes();
EasyMock.expect(config.isKnoxTokenPermissiveValidationEnabled()).andReturn(tokenPermissiveness).anyTimes();
EasyMock.replay(config);
@@ -298,5 +299,4 @@ public class DefaultTokenStateServiceTest {
token.sign(signer);
return token;
}
-
}