Allow setting the refresh token clock skew
#2,079 创建于 2020年12月15日
仓库指标
- Star
- (4,284 star)
- PR 合并指标
- (平均合并 1天 21小时) (30 天内合并 18 个 PR)
描述
Describe the bug Spring Cloud Gateway didn't support refresh token until last milestone. (https://spring.io/blog/2020/11/18/spring-cloud-2020-0-0-m5-aka-ilford-is-available) I upgraded my project to support and use refresh token, and now i am using TokenRelay filter in spring-cloud-gateway, not in spring-cloud-security. But, access token is refreshed at every request although access token is not expired.
Sample Here is the sample log in my first request
2020-12-15 14:08:16.036 TRACE 10828 --- [ioEventLoop-7-2] o.s.w.r.f.client.ExchangeFunctions : [5bbf4c1f] HTTP POST http://localhost:8443/cas/oauth2.0/accessToken, headers={masked} 2020-12-15 14:08:16.041 TRACE 10828 --- [ctor-http-nio-8] o.s.http.codec.FormHttpMessageWriter : [5bbf4c1f] Writing form fields [grant_type, code, redirect_uri] (content masked) 2020-12-15 14:08:17.328 TRACE 10828 --- [ctor-http-nio-8] o.s.http.codec.json.Jackson2JsonDecoder : [5bbf4c1f] Decoded [{access_token=eyJ***.ey***.dD***, refresh_token=RT-2-b0yk***, token_type=bearer, expires_in=60, scope=custom_mod}]
the access token will expires in 60 seconds as you can see in log. But it is refreshing before expired.
2020-12-15 14:08:21.920 TRACE 10828 --- [ioEventLoop-7-2] o.s.w.r.f.client.ExchangeFunctions : [7a6b8bbd] HTTP POST http://localhost:8443/cas/oauth2.0/accessToken, headers={masked} 2020-12-15 14:08:21.922 TRACE 10828 --- [ctor-http-nio-8] o.s.http.codec.FormHttpMessageWriter : [7a6b8bbd] Writing form fields [grant_type, refresh_token] (content masked) 2020-12-15 14:08:22.737 TRACE 10828 --- [ctor-http-nio-8] o.s.http.codec.json.Jackson2JsonDecoder : [7a6b8bbd] Decoded [{access_token=ey***.ey***.5O***, token_type=bearer, expires_in=60, scope=custom_mod}]