Commit 89d3f616 authored by Davide Zerbetto's avatar Davide Zerbetto
Browse files

Setting an expire date for the OAuth2 hybrid SSO

(cherry picked from commit bb98f18d)
parent 2acde528
...@@ -20,6 +20,8 @@ package it.eng.spagobi.services.oauth2; ...@@ -20,6 +20,8 @@ package it.eng.spagobi.services.oauth2;
import java.net.MalformedURLException; import java.net.MalformedURLException;
import java.net.URL; import java.net.URL;
import java.security.interfaces.RSAPublicKey; import java.security.interfaces.RSAPublicKey;
import java.util.Calendar;
import java.util.Date;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
...@@ -53,6 +55,8 @@ public class Oauth2HybridSsoService extends JWTSsoService { ...@@ -53,6 +55,8 @@ public class Oauth2HybridSsoService extends JWTSsoService {
static private Logger logger = Logger.getLogger(Oauth2HybridSsoService.class); static private Logger logger = Logger.getLogger(Oauth2HybridSsoService.class);
private static int USER_JWT_TOKEN_EXPIRE_HOURS = 10; // JWT token for regular users will expire in 10 HOURS
@Override @Override
public String readUserIdentifier(HttpServletRequest request) { public String readUserIdentifier(HttpServletRequest request) {
HttpSession session = request.getSession(); HttpSession session = request.getSession();
...@@ -70,7 +74,10 @@ public class Oauth2HybridSsoService extends JWTSsoService { ...@@ -70,7 +74,10 @@ public class Oauth2HybridSsoService extends JWTSsoService {
private String accessToken2JWTToken(String accessToken) { private String accessToken2JWTToken(String accessToken) {
String userId = getUserId(accessToken); String userId = getUserId(accessToken);
LogMF.debug(logger, "User id detected from access token [{0}]", userId); LogMF.debug(logger, "User id detected from access token [{0}]", userId);
return JWTSsoService.userId2jwtToken(userId); Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.HOUR, USER_JWT_TOKEN_EXPIRE_HOURS);
Date expiresAt = calendar.getTime();
return JWTSsoService.userId2jwtToken(userId, expiresAt);
} }
private String getUserId(String accessToken) { private String getUserId(String accessToken) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment