@Override public byte[] retrievePassword(AuthenticationTokenIdentifier identifier) throws InvalidToken { long now = System.currentTimeMillis(); if (identifier.getExpirationDate() < now) { throw new InvalidToken("Token has expired"); } if (identifier.getIssueDate() > now) { throw new InvalidToken("Token issued in the future"); } AuthenticationKey masterKey = allKeys.get(identifier.getKeyId()); if (masterKey == null) { throw new InvalidToken("Unknown master key for token (id=" + identifier.getKeyId() + ")"); } // regenerate the password return createPassword(identifier.getBytes(), masterKey.getKey()); }
if (requestedExpirationDate > identifier.getExpirationDate()) { throw new RuntimeException("Requested token lifetime exceeds configured maximum"); log.trace("Overriding token expiration date from {} to {}", identifier.getExpirationDate(), requestedExpirationDate); identifier.setExpirationDate(requestedExpirationDate);