From ef407eab8d1e52c9d62090c18b9eccddbece106c Mon Sep 17 00:00:00 2001 From: Carol Alexandru Date: Thu, 12 May 2022 14:56:40 +0200 Subject: [PATCH 1/2] OlatLmsRestTemplate: also refresh auth token when receiving 403 FORBIDDEN --- .../servicelayer/lms/impl/olat/OlatLmsRestTemplate.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsRestTemplate.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsRestTemplate.java index bc026a1f..3f67d36e 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsRestTemplate.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsRestTemplate.java @@ -55,7 +55,8 @@ public class OlatLmsRestTemplate extends RestTemplate { ClientHttpResponse response = execution.execute(request, body); log.debug("OLAT [regular API call] {} Headers: {}", response.getStatusCode(), response.getHeaders()); // If we get a 401, re-authenticate and try once more - if (response.getStatusCode() == HttpStatus.UNAUTHORIZED) { + if (response.getStatusCode() == HttpStatus.UNAUTHORIZED || + response.getStatusCode() == HttpStatus.FORBIDDEN) { authenticate(); request.getHeaders().set("X-OLAT-TOKEN", OlatLmsRestTemplate.this.token); response = execution.execute(request, body); From 3e6efd3ccfb9c407fb3c04e3b546da1d56c1aa94 Mon Sep 17 00:00:00 2001 From: anhefti Date: Wed, 18 May 2022 10:29:55 +0200 Subject: [PATCH 2/2] fixed SEB client access token expire. --- .../servicelayer/sebconfig/impl/ClientConfigServiceImpl.java | 1 + .../webservice/weblayer/oauth/AuthorizationServerConfig.java | 1 + 2 files changed, 2 insertions(+) diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java index 7f065a9c..a2ef6971 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/sebconfig/impl/ClientConfigServiceImpl.java @@ -211,6 +211,7 @@ public class ClientConfigServiceImpl implements ClientConfigService { baseClientDetails.setScope(Collections.emptySet()); baseClientDetails.setClientSecret(Utils.toString(pwd)); baseClientDetails.setAccessTokenValiditySeconds(-1); // not expiring + baseClientDetails.setRefreshTokenValiditySeconds(-1); // not expiring if (log.isDebugEnabled()) { log.debug("Created new BaseClientDetails for id: {}", clientName); diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/oauth/AuthorizationServerConfig.java b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/oauth/AuthorizationServerConfig.java index 568391da..2aa63173 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/oauth/AuthorizationServerConfig.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/oauth/AuthorizationServerConfig.java @@ -87,6 +87,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap defaultTokenServices.setTokenEnhancer(jwtAccessTokenConverter); defaultTokenServices.setAccessTokenValiditySeconds(this.adminAccessTokenValSec); defaultTokenServices.setRefreshTokenValiditySeconds(this.adminRefreshTokenValSec); + defaultTokenServices.setClientDetailsService(this.webServiceClientDetails); endpoints .tokenStore(this.tokenStore)