diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
index ede1479..02056a7 100644
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenManager.java
@@ -22,6 +22,7 @@ import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
import org.keycloak.admin.client.Config;
import org.keycloak.admin.client.resource.BasicAuthFilter;
+import org.keycloak.common.util.Time;
import org.keycloak.representations.AccessTokenResponse;
import javax.ws.rs.BadRequestException;
@@ -34,8 +35,11 @@ import java.util.Date;
*/
public class TokenManager {
+ private static final long DEFAULT_MIN_VALIDITY = 30;
+
private AccessTokenResponse currentToken;
- private Date expirationTime;
+ private long expirationTime;
+ private long minTokenValidity = DEFAULT_MIN_VALIDITY;
private final Config config;
private final ResteasyClient client;
@@ -73,10 +77,11 @@ public class TokenManager {
TokenService tokenService = target.proxy(TokenService.class);
- AccessTokenResponse response = tokenService.grantToken(config.getRealm(), form.asMap());
+ int requestTime = Time.currentTime();
+ currentToken = tokenService.grantToken(config.getRealm(), form.asMap());
+ expirationTime = requestTime + currentToken.getExpiresIn();
- defineCurrentToken(response);
- return response;
+ return currentToken;
}
public AccessTokenResponse refreshToken(){
@@ -95,27 +100,22 @@ public class TokenManager {
TokenService tokenService = target.proxy(TokenService.class);
try {
- AccessTokenResponse response = tokenService.refreshToken(config.getRealm(), form.asMap());
- defineCurrentToken(response);
- return response;
+ int requestTime = Time.currentTime();
+ currentToken = tokenService.refreshToken(config.getRealm(), form.asMap());
+ expirationTime = requestTime + currentToken.getExpiresIn();
+
+ return currentToken;
} catch (BadRequestException e) {
return grantToken();
}
}
- private void setExpirationTime() {
- Calendar cal = Calendar.getInstance();
- cal.add(Calendar.SECOND, (int) currentToken.getExpiresIn());
- expirationTime = cal.getTime();
+ public void setMinTokenValidity(long minTokenValidity) {
+ this.minTokenValidity = minTokenValidity;
}
private boolean tokenExpired() {
- return new Date().after(expirationTime);
- }
-
- private void defineCurrentToken(AccessTokenResponse accessTokenResponse){
- currentToken = accessTokenResponse;
- setExpirationTime();
+ return (Time.currentTime() + minTokenValidity) >= expirationTime;
}
}
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
index 6acdc83..0cedec6 100755
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/token/TokenService.java
@@ -36,10 +36,10 @@ public interface TokenService {
@POST
@Path("/realms/{realm}/protocol/openid-connect/token")
- public AccessTokenResponse grantToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
+ AccessTokenResponse grantToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
@POST
@Path("/realms/{realm}/protocol/openid-connect/token")
- public AccessTokenResponse refreshToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
+ AccessTokenResponse refreshToken(@PathParam("realm") String realm, MultivaluedMap<String, String> map);
}
