From 804dd13abd8e4c7b2203e5471cbc91b1f586229f Mon Sep 17 00:00:00 2001
From: Guus der Kinderen <guus@goodbytes.nl>
Date: Tue, 5 Apr 2016 15:01:37 +0200
Subject: [PATCH] KEYCLOAK-2731: Improve thread safety of TokenManager This
 commit guards access to the non-final fields of TokenManager by its intrinsic
 lock.

---
 .../admin/client/token/TokenManager.java      | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
index 02056a7e2c..8607065123 100644
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
@@ -52,7 +52,7 @@ public class TokenManager {
         return getAccessToken().getToken();
     }
 
-    public AccessTokenResponse getAccessToken(){
+    public synchronized AccessTokenResponse getAccessToken(){
         if(currentToken == null){
             grantToken();
         }else if(tokenExpired()){
@@ -78,9 +78,10 @@ public class TokenManager {
         TokenService tokenService = target.proxy(TokenService.class);
 
         int requestTime = Time.currentTime();
-        currentToken = tokenService.grantToken(config.getRealm(), form.asMap());
-        expirationTime = requestTime + currentToken.getExpiresIn();
-
+        synchronized (this) {
+            currentToken = tokenService.grantToken( config.getRealm(), form.asMap() );
+            expirationTime = requestTime + currentToken.getExpiresIn();
+        }
         return currentToken;
     }
 
@@ -101,20 +102,22 @@ public class TokenManager {
 
         try {
             int requestTime = Time.currentTime();
-            currentToken = tokenService.refreshToken(config.getRealm(), form.asMap());
-            expirationTime = requestTime + currentToken.getExpiresIn();
 
+            synchronized (this) {
+                currentToken = tokenService.refreshToken( config.getRealm(), form.asMap() );
+                expirationTime = requestTime + currentToken.getExpiresIn();
+            }
             return currentToken;
         } catch (BadRequestException e) {
             return grantToken();
         }
     }
 
-    public void setMinTokenValidity(long minTokenValidity) {
+    public synchronized void setMinTokenValidity(long minTokenValidity) {
         this.minTokenValidity = minTokenValidity;
     }
 
-    private boolean tokenExpired() {
+    private synchronized boolean tokenExpired() {
         return (Time.currentTime() + minTokenValidity) >= expirationTime;
     }