X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FUserAdminLoginModule.java;h=cdb0f4ca27edfff0ad89340753d357ab097c09d7;hb=b6e64316eb5472b68f4673cbda3f1e375defe8fe;hp=ad9eb24c52ac912c32f9568ca956f19869123405;hpb=088c1b517a543e935d8ab65c3b2fd2d0269b551d;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
index ad9eb24c5..cdb0f4ca2 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/UserAdminLoginModule.java
@@ -1,11 +1,9 @@
 package org.argeo.cms.auth;
 
 import static org.argeo.naming.LdapAttrs.cn;
-import static org.argeo.naming.LdapAttrs.description;
 
 import java.io.IOException;
 import java.security.PrivilegedAction;
-import java.time.Instant;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
@@ -32,12 +30,12 @@ import org.apache.commons.logging.LogFactory;
 import org.argeo.cms.CmsException;
 import org.argeo.cms.internal.kernel.Activator;
 import org.argeo.naming.LdapAttrs;
-import org.argeo.naming.NamingUtils;
 import org.argeo.node.NodeConstants;
 import org.argeo.node.security.CryptoKeyring;
 import org.argeo.osgi.useradmin.AuthenticatingUser;
 import org.argeo.osgi.useradmin.IpaUtils;
 import org.argeo.osgi.useradmin.OsUserUtils;
+import org.argeo.osgi.useradmin.TokenUtils;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.ServiceReference;
@@ -245,7 +243,7 @@ public class UserAdminLoginModule implements LoginModule {
 
 		// Log and monitor new login
 		HttpServletRequest request = (HttpServletRequest) sharedState.get(CmsAuthUtils.SHARED_STATE_HTTP_REQUEST);
-		CmsAuthUtils.addAuthorization(subject, authorization, locale, request);
+		CmsAuthUtils.addAuthorization(subject, authorization);
 
 		// Unlock keyring (underlying login to the JCR repository)
 		char[] password = (char[]) sharedState.get(CmsAuthUtils.SHARED_STATE_PWD);
@@ -336,15 +334,17 @@ public class UserAdminLoginModule implements LoginModule {
 	}
 
 	protected Authorization getAuthorizationFromToken(UserAdmin userAdmin, Group tokenGroup) {
-		String expiryDateStr = (String) tokenGroup.getProperties().get(description.name());
-		if (expiryDateStr != null) {
-			Instant expiryDate = NamingUtils.ldapDateToInstant(expiryDateStr);
-			if (expiryDate.isBefore(Instant.now())) {
-				if (log.isDebugEnabled())
-					log.debug("Token " + tokenGroup.getName() + " has expired.");
-				return null;
-			}
-		}
+		if (TokenUtils.isExpired(tokenGroup))
+			return null;
+//		String expiryDateStr = (String) tokenGroup.getProperties().get(description.name());
+//		if (expiryDateStr != null) {
+//			Instant expiryDate = NamingUtils.ldapDateToInstant(expiryDateStr);
+//			if (expiryDate.isBefore(Instant.now())) {
+//				if (log.isDebugEnabled())
+//					log.debug("Token " + tokenGroup.getName() + " has expired.");
+//				return null;
+//			}
+//		}
 		Authorization auth = userAdmin.getAuthorization(tokenGroup);
 		return auth;
 	}