Removed default settings for AT

Conflicts with RAT logic
indigo-iam · Nov 30, 2023 · 6b8dcf7 · 6b8dcf7
1 parent e27cd75
commit 6b8dcf7
Showing 1 changed file with 0 additions and 18 deletions.
diff --git a/...server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java b/...server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
@@ -85,8 +85,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
   private static final Logger logger =
       LoggerFactory.getLogger(DefaultOAuth2ProviderTokenService.class);
 
-  private static final int DEFAULT_ACCESS_TOKEN_VALIDITY_SECS = 3600;
-
   @Autowired
   private OAuth2TokenRepository tokenRepository;
 
@@ -105,16 +103,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
   @Autowired
   private ApprovedSiteService approvedSiteService;
 
-  int defaultAccessTokenValiditySeconds;
-
-  public DefaultOAuth2ProviderTokenService() {
-    this(DEFAULT_ACCESS_TOKEN_VALIDITY_SECS);
-  }
-
-  public DefaultOAuth2ProviderTokenService(int defaultAccessTokenValiditySeconds) {
-    this.defaultAccessTokenValiditySeconds = defaultAccessTokenValiditySeconds;
-  }
-
   @Override
   public Set<OAuth2AccessTokenEntity> getAllAccessTokensForUser(String userName) {
     return tokenRepository.getAccessTokensByUserName(userName);
@@ -239,9 +227,6 @@ public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentica
             new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
 
         token.setExpiration(expiration);
-      } else {
-        token.setExpiration(
-            new Date(System.currentTimeMillis() + (defaultAccessTokenValiditySeconds * 1000L)));
       }
 
       // attach the authorization so that we can look it up later
@@ -405,9 +390,6 @@ public OAuth2AccessTokenEntity refreshAccessToken(String refreshTokenValue,
       Date expiration =
           new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
       token.setExpiration(expiration);
-    } else {
-      token.setExpiration(
-          new Date(System.currentTimeMillis() + (defaultAccessTokenValiditySeconds * 1000L)));
     }
 
     if (client.isReuseRefreshToken()) {