KEYCLOAK-2555 ForbiddenException when importing test realm or creating test user

2016-02-29 10:09:06 +01:00 · 2016-02-29 10:09:06 +01:00 · 24328fdc47
commit 24328fdc47
parent 711e6a54ca
2 changed files with 19 additions and 19 deletions
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
@ -22,6 +22,7 @@ import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
 import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
 import org.keycloak.admin.client.Config;
 import org.keycloak.admin.client.resource.BasicAuthFilter;
+import org.keycloak.common.util.Time;
 import org.keycloak.representations.AccessTokenResponse;

 import javax.ws.rs.BadRequestException;
@ -34,8 +35,11 @@ import java.util.Date;
 */
 public class TokenManager {

+    private static final long DEFAULT_MIN_VALIDITY = 30;
+
    private AccessTokenResponse currentToken;
-    private Date expirationTime;
+    private long expirationTime;
+    private long minTokenValidity = DEFAULT_MIN_VALIDITY;
    private final Config config;
    private final ResteasyClient client;

@ -73,10 +77,11 @@ public class TokenManager {

        TokenService tokenService = target.proxy(TokenService.class);

-        AccessTokenResponse response = tokenService.grantToken(config.getRealm(), form.asMap());
+        int requestTime = Time.currentTime();
+        currentToken = tokenService.grantToken(config.getRealm(), form.asMap());
+        expirationTime = requestTime + currentToken.getExpiresIn();

-        defineCurrentToken(response);
-        return response;
+        return currentToken;
    }

    public AccessTokenResponse refreshToken(){
@ -95,27 +100,22 @@ public class TokenManager {
        TokenService tokenService = target.proxy(TokenService.class);

        try {
-            AccessTokenResponse response = tokenService.refreshToken(config.getRealm(), form.asMap());
-            defineCurrentToken(response);
-            return response;
+            int requestTime = Time.currentTime();
+            currentToken = tokenService.refreshToken(config.getRealm(), form.asMap());
+            expirationTime = requestTime + currentToken.getExpiresIn();
+
+            return currentToken;
        } catch (BadRequestException e) {
            return grantToken();
        }
    }

-    private void setExpirationTime() {
-        Calendar cal = Calendar.getInstance();
-        cal.add(Calendar.SECOND, (int) currentToken.getExpiresIn());
-        expirationTime = cal.getTime();
+    public void setMinTokenValidity(long minTokenValidity) {
+        this.minTokenValidity = minTokenValidity;
    }

    private boolean tokenExpired() {
-        return new Date().after(expirationTime);
-    }
-
-    private void defineCurrentToken(AccessTokenResponse accessTokenResponse){
-        currentToken = accessTokenResponse;
-        setExpirationTime();
+        return (Time.currentTime() + minTokenValidity) >= expirationTime;
    }

 }
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
@ -36,10 +36,10 @@ public interface TokenService {

    @POST
    @Path("/realms/{realm}/protocol/openid-connect/token")
-    public AccessTokenResponse grantToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
+    AccessTokenResponse grantToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);

    @POST
    @Path("/realms/{realm}/protocol/openid-connect/token")
-    public AccessTokenResponse refreshToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
+    AccessTokenResponse refreshToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);

 }