andreas.dinauer/oidc-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚧 Check expiry before using token from cache

Browse Source
This commit is contained in:
Andreas Dinauer 2026-04-18 16:10:46 +02:00
parent 1aebd3b50c
commit 04f1ccffcb
1 changed files with 17 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/main/java/dev/dinauer/oidcproxy/session/SessionCache.java
View File

@ -21,41 +21,9 @@ public class SessionCache
{ {
private final Map<String, AccessToken> tokens = new ConcurrentHashMap<>(); private final Map<String, AccessToken> tokens = new ConcurrentHashMap<>();
@Inject
Logger LOG;
@Inject @Inject
SessionService sessionService; SessionService sessionService;
@Inject
EncryptUtils encryptUtils;
@Inject
AccessTokenRepository accessTokenRepository;
@Startup
@ActivateRequestContext
void housekeeping()
{
Executors.newScheduledThreadPool(1).scheduleAtFixedRate(() -> {
LOG.info("Running housekeeping...");
List<AccessTokenEntity> sessions = accessTokenRepository.findExpiresBefore(ZonedDateTime.now().plusMinutes(2));
for (AccessTokenEntity session : sessions)
{
QuarkusTransaction.begin();
tokens.remove(session.getId());
try
{
accessTokenRepository.delete(session);
QuarkusTransaction.commit();
}
catch (Exception e)
{
QuarkusTransaction.rollback();
}
}
}, 0, 30, TimeUnit.SECONDS);
}
public String add(String accessToken, String refreshToken) public String add(String accessToken, String refreshToken)
{ {
String sessionId = UUID.randomUUID().toString(); String sessionId = UUID.randomUUID().toString();
@ -66,10 +34,10 @@ public class SessionCache
public String get(String sessionId) throws TokenNotFoundException public String get(String sessionId) throws TokenNotFoundException
{ {
String sessionHash = toHash(sessionId); String sessionHash = toHash(sessionId);
AccessToken token = tokens.get(sessionHash); Optional<String> token = getFromCache(sessionHash);
if (token != null) if (token.isPresent())
{ {
return token.getToken(); return token.get();
} }
AccessToken fromDB = sessionService.provide(sessionHash); AccessToken fromDB = sessionService.provide(sessionHash);
tokens.put(sessionHash, fromDB); tokens.put(sessionHash, fromDB);
@ -83,6 +51,20 @@ public class SessionCache
sessionService.remove(sessionHash); sessionService.remove(sessionHash);
} }
public Optional<String> getFromCache(String sessionHash)
{
AccessToken token = tokens.get(sessionHash);
if (token != null && ZonedDateTime.now().isBefore(token.getExpiresAt()))
{
return Optional.of(token.getToken());
}
else
{
tokens.remove(sessionHash);
return Optional.empty();
}
}
private String toHash(String sessionId) private String toHash(String sessionId)
{ {
try try