KEYCLOAK-2555 ForbiddenException when importing test realm or creating test user

2016-02-29 10:09:06 +01:00 · 2016-02-29 10:09:06 +01:00 · 24328fdc47
commit 24328fdc47
parent 711e6a54ca
2 changed files with 19 additions and 19 deletions
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
@ -22,6 +22,7 @@ import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
 import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
 import org.keycloak.admin.client.Config;
 import org.keycloak.admin.client.resource.BasicAuthFilter;
 import org.keycloak.common.util.Time;
 import org.keycloak.representations.AccessTokenResponse;
 import javax.ws.rs.BadRequestException;
@ -34,8 +35,11 @@ import java.util.Date;
 */
 public class TokenManager {
    private static final long DEFAULT_MIN_VALIDITY = 30;
    private AccessTokenResponse currentToken;
-    private Date expirationTime;
+    private long expirationTime;
    private long minTokenValidity = DEFAULT_MIN_VALIDITY;
    private final Config config;
    private final ResteasyClient client;
@ -73,10 +77,11 @@ public class TokenManager {
        TokenService tokenService = target.proxy(TokenService.class);
-        AccessTokenResponse response = tokenService.grantToken(config.getRealm(), form.asMap());
+        int requestTime = Time.currentTime();
        currentToken = tokenService.grantToken(config.getRealm(), form.asMap());
        expirationTime = requestTime + currentToken.getExpiresIn();
-        defineCurrentToken(response);
+        return currentToken;
        return response;
    }
    public AccessTokenResponse refreshToken(){
@ -95,27 +100,22 @@ public class TokenManager {
        TokenService tokenService = target.proxy(TokenService.class);
        try {
-            AccessTokenResponse response = tokenService.refreshToken(config.getRealm(), form.asMap());
+            int requestTime = Time.currentTime();
-            defineCurrentToken(response);
+            currentToken = tokenService.refreshToken(config.getRealm(), form.asMap());
-            return response;
+            expirationTime = requestTime + currentToken.getExpiresIn();
            return currentToken;
        } catch (BadRequestException e) {
            return grantToken();
        }
    }
-    private void setExpirationTime() {
+    public void setMinTokenValidity(long minTokenValidity) {
-        Calendar cal = Calendar.getInstance();
+        this.minTokenValidity = minTokenValidity;
        cal.add(Calendar.SECOND, (int) currentToken.getExpiresIn());
        expirationTime = cal.getTime();
    }
    private boolean tokenExpired() {
-        return new Date().after(expirationTime);
+        return (Time.currentTime() + minTokenValidity) >= expirationTime;
    }
    private void defineCurrentToken(AccessTokenResponse accessTokenResponse){
        currentToken = accessTokenResponse;
        setExpirationTime();
    }
 }
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
@ -36,10 +36,10 @@ public interface TokenService {
    @POST
    @Path("/realms/{realm}/protocol/openid-connect/token")
-    public AccessTokenResponse grantToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
+    AccessTokenResponse grantToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
    @POST
    @Path("/realms/{realm}/protocol/openid-connect/token")
-    public AccessTokenResponse refreshToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
+    AccessTokenResponse refreshToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
 }