better oauth token expiration handling

Brian Long 2023-06-12 17:16:03 -04:00
parent 44e82b3a6b
commit f84279a148


@ -48,6 +48,7 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
private String accessToken; private String accessToken;
private long expiration; private long expiration;
private String refreshToken; private String refreshToken;
private Long refreshTokenExpiration;
/** /**
* This constructor creates an OAuth-based authorization filter using the * This constructor creates an OAuth-based authorization filter using the
@ -99,8 +100,29 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
*/ */
@Override @Override
public void filter(ClientRequestContext requestContext) { public void filter(ClientRequestContext requestContext) {
if (this.accessToken == null || System.currentTimeMillis() > this.expiration) if (this.accessToken == null) {
this.requestToken(); this.requestToken();
} else if (System.currentTimeMillis() >= this.expiration) {
this.logger.trace("Access token expired; retrieving new one with refresh token");
if (this.refreshTokenExpiration != null && System.currentTimeMillis() >= this.refreshTokenExpiration.longValue()) {
this.logger.debug("Refresh token expired; performing full authentication");
this.refreshToken = null;
this.requestToken();
} else {
try {
this.requestToken();
} catch (WebApplicationException wae) {
if (wae.getResponse().getStatusInfo().getFamily() == Family.CLIENT_ERROR) {
this.logger.debug("Received OAuth response {} using refresh token; performing full authentication", wae.getResponse().getStatus());
this.refreshToken = null;
this.requestToken();
} else {
throw wae;
}
}
}
}
requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer " + this.accessToken); requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer " + this.accessToken);
} }
@ -140,6 +162,8 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
.build(); .build();
WebTarget target = client.target(this.tokenUrl); WebTarget target = client.target(this.tokenUrl);
long requestSendTime = System.currentTimeMillis();
Response response = target.request().post(entity); Response response = target.request().post(entity);
this.logger.debug("Received OAuth response: {}", response.getStatus()); this.logger.debug("Received OAuth response: {}", response.getStatus());
@ -160,8 +184,10 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
} }
this.accessToken = (String)responseMap.get("access_token"); this.accessToken = (String)responseMap.get("access_token");
this.expiration = System.currentTimeMillis() + ((Number)responseMap.get("expires_in")).longValue() * 1000L; this.expiration = requestSendTime + ((Number)responseMap.get("expires_in")).longValue() * 1000L;
this.refreshToken = (String)responseMap.get("refresh_token"); this.refreshToken = (String)responseMap.get("refresh_token");
if (responseMap.containsKey("refresh_token_expires_in"))
this.refreshTokenExpiration = requestSendTime + ((Number)responseMap.get("refresh_token_expires_in")).longValue() * 1000L;
} }
protected Form createRefreshForm() { protected Form createRefreshForm() {
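Review bot: In the last hunk, `refreshTokenExpiration` is assigned only when the response contains `refresh_token_expires_in` and is never cleared, so a timestamp recorded for an earlier refresh token can outlive it. If a later token response omits the field, `filter()` keeps comparing the clock against the stale value, discards a still-valid refresh token on every access-token expiry, and falls back to full authentication each time (presumably resending the long-lived credentials more often than needed). Resetting the field closes the gap: add `else this.refreshTokenExpiration = null;` after the `if (responseMap.containsKey("refresh_token_expires_in"))` assignment. The enclosing method starts outside the hunk, so this assumes nothing else there resets the field.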