From 0bd8b2fbf6aab75ab62404ddbcd0e44fa34f8d50 Mon Sep 17 00:00:00 2001
From: Luca Frosini
Date: Mon, 28 Oct 2024 15:40:19 +0100
Subject: [PATCH] Fixing code
---
 .../authorization/utils/secret/JWTSecret.java | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/main/java/org/gcube/common/authorization/utils/secret/JWTSecret.java b/src/main/java/org/gcube/common/authorization/utils/secret/JWTSecret.java
index de2912c..36628fe 100644
--- a/src/main/java/org/gcube/common/authorization/utils/secret/JWTSecret.java
+++ b/src/main/java/org/gcube/common/authorization/utils/secret/JWTSecret.java
@@ -3,6 +3,7 @@ package org.gcube.common.authorization.utils.secret;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
+import java.util.Calendar;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -18,7 +19,6 @@ import org.gcube.common.authorization.utils.clientid.RenewalProvider;
 import org.gcube.common.authorization.utils.user.KeycloakUser;
 import org.gcube.common.authorization.utils.user.User;
 import org.gcube.common.iam.OIDCBearerAuth;
-import org.gcube.common.keycloak.model.util.Time;
 import org.gcube.common.scope.impl.ScopeBean;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -53,9 +53,13 @@ public class JWTSecret extends Secret {
 try {
 boolean expired = isExpired();
+ long now = Calendar.getInstance().getTimeInMillis();
+ long expireTime = oidcBearerAuth.getAccessToken().getExp()*1000;
+ long expireWithTolerance = expireTime-TOLERANCE;
+
 // We consider expired TOLERANCE millisecond in advance to avoid to perform
 // a requests while the token is expiring and for this reason is rejected
- if(!expired && Time.currentTimeMillis()>=(oidcBearerAuth.getAccessToken().getExp()-TOLERANCE)) {
+ if(!expired && now>=expireWithTolerance) {
 expired = true;
 }
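Review bot: `getExp()*1000` in the added `expireTime` line is evaluated in whatever type `getExp()` returns, which this hunk does not show; if that is an `int` the product overflows before it is widened to `long`, and if it is a boxed `Long` a token without an `exp` claim makes the unboxing throw. Writing `long expireTime = oidcBearerAuth.getAccessToken().getExp() * 1000L;` forces long arithmetic, and an explicit null check would make the missing-claim case a deliberate decision rather than an exception left to the surrounding `try`. `System.currentTimeMillis()` returns the same value as `Calendar.getInstance().getTimeInMillis()` without allocating a Calendar, and would make the new `java.util.Calendar` import unnecessary. A short comment stating that `exp` is in seconds while `TOLERANCE` is in milliseconds would help keep the unit mismatch this commit fixes from coming back; the enclosing method starts and ends outside the hunk.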
@@ -163,10 +167,11 @@ public class JWTSecret extends Secret {
 if(user==null) {
 try {
 ObjectMapper objectMapper = new ObjectMapper();
- user = objectMapper.readValue(token, KeycloakUser.class);
+ String accessTokenString = objectMapper.writeValueAsString(oidcBearerAuth.getAccessToken());
+ user = objectMapper.readValue(accessTokenString, KeycloakUser.class);
 user.setRoles(getRoles());
 } catch (Exception e) {
- throw new RuntimeException();
+ throw new RuntimeException(e);
 }
 }
 return user;
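Review bot: `user` is assigned before `user.setRoles(getRoles())` runs, so if `getRoles()` throws, the `RuntimeException` propagates but `user` (apparently a cached field, given the `if(user==null)` guard) stays set without roles, and later calls would return that incomplete object to code making authorization decisions. Build the object in a local and publish it only once complete: `KeycloakUser ku = objectMapper.readValue(accessTokenString, KeycloakUser.class);` `ku.setRoles(getRoles());` `user = ku;`. The write-then-read round trip could also be `objectMapper.convertValue(oidcBearerAuth.getAccessToken(), KeycloakUser.class)`, which avoids the intermediate JSON string. Now that the cause is chained, it is worth confirming that wherever this exception is logged does not print token claims, since Jackson error messages can include an excerpt of the input depending on version and configuration. The method starts outside the hunk.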