Merge pull request #484 from Megala21/fix

Fixing race conditions in refresh token generation
8 years ago · c9fae3dba2
parent bb1435e273 600e2529bd
commit c9fae3dba2
2 changed files with 6 additions and 4 deletions
--- a/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java
+++ b/components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/authorization/client/OAuthRequestInterceptor.java
@ -96,7 +96,7 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
            tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password);
            tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
        }
-        synchronized(tokenInfo) {
+        synchronized(this) {
            if (System.currentTimeMillis() + refreshTimeOffset > tokenInfo.getExpires_in()) {
                tokenInfo = tokenIssuerService.getToken(REFRESH_GRANT_TYPE, tokenInfo.getRefresh_token());
                tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
--- a/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
+++ b/components/extensions/mb-extensions/org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization/src/main/java/org/wso2/carbon/andes/extensions/device/mgt/mqtt/authorization/client/OAuthRequestInterceptor.java
@ -79,9 +79,11 @@ public class OAuthRequestInterceptor implements RequestInterceptor {
            tokenInfo = tokenIssuerService.getToken(PASSWORD_GRANT_TYPE, username, password);
            tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
        }
-        if (System.currentTimeMillis() + refreshTimeOffset > tokenInfo.getExpires_in()) {
-            tokenInfo = tokenIssuerService.getToken(REFRESH_GRANT_TYPE, tokenInfo.getRefresh_token());
-            tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
+        synchronized (this) {
+            if (System.currentTimeMillis() + refreshTimeOffset > tokenInfo.getExpires_in()) {
+                tokenInfo = tokenIssuerService.getToken(REFRESH_GRANT_TYPE, tokenInfo.getRefresh_token());
+                tokenInfo.setExpires_in(System.currentTimeMillis() + tokenInfo.getExpires_in());
+            }
        }
        String headerValue = "Bearer " + tokenInfo.getAccess_token();
        template.header("Authorization", headerValue);