private void waitUntilExpired(@NotNull TokenInfo info) { long now = System.currentTimeMillis(); while (!info.isExpired(now)) { now = waitForSystemTimeIncrement(now); } }
private void waitUntilExpired(@NotNull TokenInfo info) { long now = System.currentTimeMillis(); while (!info.isExpired(now)) { now = waitForSystemTimeIncrement(now); } }
private boolean validateCredentials(TokenCredentials tokenCredentials) { // credentials without userID -> check if attributes provide // sufficient information for successful authentication. String token = tokenCredentials.getToken(); tokenInfo = tokenProvider.getTokenInfo(token); if (tokenInfo == null) { log.debug("No valid TokenInfo for token."); return false; } long loginTime = new Date().getTime(); if (tokenInfo.isExpired(loginTime)) { // token is expired log.debug("Token is expired"); tokenInfo.remove(); return false; } if (tokenInfo.matches(tokenCredentials)) { tokenInfo.resetExpiration(loginTime); return true; } return false; } }
if (tokenInfo.isExpired(loginTime)) {
if (tokenInfo.isExpired(loginTime)) {
@Test public void testIsExpired() { long loginTime = new Date().getTime(); TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); assertFalse(info.isExpired(loginTime)); loginTime = new Date().getTime() + 3600000; assertFalse(info.isExpired(loginTime)); long expiredTime = new Date().getTime() + 7200001; assertTrue(info.isExpired(expiredTime)); }
@Test public void testResetTokenExpirationExpiredToken() throws Exception { TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); long expiredTime = new Date().getTime() + 7200001; assertTrue(info.isExpired(expiredTime)); assertFalse(info.resetExpiration(expiredTime)); }
@Test public void testResetTokenExpiration() throws Exception { TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()); assertFalse(info.resetExpiration(new Date().getTime())); long loginTime = new Date().getTime() + 3600000; assertFalse(info.isExpired(loginTime)); assertTrue(info.resetExpiration(loginTime)); } }
@Test public void testAuthenticateExpiredTokenMock() throws Exception { TokenCredentials tc = new TokenCredentials("token"); TokenProvider tp = Mockito.mock(TokenProvider.class); TokenInfo ti = Mockito.mock(TokenInfo.class); Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti); Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(true); TokenAuthentication auth = new TokenAuthentication(tp); try { auth.authenticate(tc); fail("LoginException expected"); } catch (LoginException e) { // success } Mockito.verify(ti, Mockito.never()).matches(Mockito.any()); Mockito.verify(ti, Mockito.never()).resetExpiration(Mockito.anyLong()); } }
@Test public void testAuthenticateRefreshToken() throws Exception { TokenCredentials tc = new TokenCredentials("token"); TokenProvider tp = Mockito.mock(TokenProvider.class); TokenInfo ti = Mockito.mock(TokenInfo.class); Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti); Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(false); Mockito.when(ti.matches(tc)).thenReturn(true); TokenAuthentication auth = new TokenAuthentication(tp); try { assertTrue(auth.authenticate(tc)); Mockito.verify(ti).resetExpiration(Mockito.anyLong()); } catch (LoginException e) { fail(e.getMessage()); } }
@Test public void testAuthenticateSkipRefreshToken() throws Exception { TokenCredentials tc = new TokenCredentials("token"); tc.setAttribute(TokenConstants.TOKEN_SKIP_REFRESH, ""); TokenProvider tp = Mockito.mock(TokenProvider.class); TokenInfo ti = Mockito.mock(TokenInfo.class); Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti); Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(false); Mockito.when(ti.matches(tc)).thenReturn(true); TokenAuthentication auth = new TokenAuthentication(tp); try { assertTrue(auth.authenticate(tc)); Mockito.verify(ti, Mockito.never()).resetExpiration(Mockito.anyLong()); } catch (LoginException e) { fail(e.getMessage()); } }
private static void assertTokenInfo(TokenInfo info, String userId) { assertNotNull(info); assertNotNull(info.getToken()); assertEquals(userId, info.getUserId()); assertFalse(info.isExpired(new Date().getTime())); }