
tokenExpired condition wrong for PasswordOAuth2AuthorizedClientProvider #7585

Closed
janzyka opened this issue Oct 30, 2019 · 3 comments
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue

janzyka commented Oct 30, 2019

Summary

The condition that checks whether the token is about to expire is wrong in PasswordOAuth2AuthorizedClientProvider.

Actual Behavior

When the token will expire within the skew, the client won't be re-authorized.

Expected Behavior

Reauthorization of the token will be attempted if only the skew time is left before the token expires.

Configuration

There is a plus/minus mistake:

private boolean hasTokenExpired(AbstractOAuth2Token token) {
    return token.getExpiresAt().isBefore(Instant.now(this.clock).minus(this.clockSkew));
}

Should become

private boolean hasTokenExpired(AbstractOAuth2Token token) {
    return token.getExpiresAt().isBefore(Instant.now(this.clock).plus(this.clockSkew));
}

Version

5.2

Sample

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Oct 30, 2019
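
The two conditions from the report, run side by side against a fixed clock. This is an added example, not code from the issue or from Spring Security; the class name, the 60-second skew, the fixed clock instant and the sample expiry offsets are assumptions constructed for the demonstration.

```java
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.time.ZoneOffset;

public class ClockSkewExpiryDemo {
    // Constructed values: a fixed clock and a 60-second skew, chosen for this demo.
    static final Clock CLOCK = Clock.fixed(Instant.parse("2019-10-30T12:00:00Z"), ZoneOffset.UTC);
    static final Duration SKEW = Duration.ofSeconds(60);

    // Condition as reported (minus): true only once the token has already
    // been expired for longer than the skew.
    static boolean expiredReported(Instant expiresAt) {
        return expiresAt.isBefore(Instant.now(CLOCK).minus(SKEW));
    }

    // Condition as proposed (plus): true as soon as less than the skew
    // remains before expiry, so the client re-authorizes early.
    static boolean expiredProposed(Instant expiresAt) {
        return expiresAt.isBefore(Instant.now(CLOCK).plus(SKEW));
    }

    public static void main(String[] args) {
        Instant now = Instant.now(CLOCK);
        // Seconds from "now" to expiresAt; negative means already expired.
        long[] offsets = {-120, -30, 0, 30, 120};
        for (long s : offsets) {
            Instant expiresAt = now.plusSeconds(s);
            System.out.printf("expiresAt = now%+5ds  reported=%-5b proposed=%b%n",
                    s, expiredReported(expiresAt), expiredProposed(expiresAt));
        }
    }
}
```

The two conditions disagree for the tokens at -30, 0 and +30 seconds: the reported condition still treats them as valid, while the proposed one marks them for re-authorization.
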
Member

rwinch commented Oct 30, 2019

Thanks for the report. I believe this is a duplicate of gh-7511, which has been fixed in master via 1c53a78. Can you confirm, @janzyka?

cc @jgrandja

@rwinch rwinch added status: waiting-for-feedback We need additional information before we can continue and removed status: waiting-for-triage An issue we've not yet triaged labels Oct 30, 2019
Author

janzyka commented Oct 30, 2019

Oh crap, sorry to add extra work. It's indeed a duplicate.

@janzyka janzyka closed this as completed Oct 30, 2019
Author

janzyka commented Oct 30, 2019

@rwinch: maybe not the ideal place to ask, but what is your position on the fact that all the classes around that functionality are final? I had to copy-paste a few classes already just for the sake of fixing small issues like this or tweaking the functionality to fit my special use-case.

@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue and removed status: waiting-for-feedback We need additional information before we can continue labels Oct 30, 2019