fix: consider no expiry valid and add back jitter to the calculation

openfga · Apr 26, 2024 · c34968c · c34968c
1 parent 2084b0a
commit c34968c
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 10 deletions.
diff --git a/src/main/java/dev/openfga/sdk/api/auth/AccessToken.java b/src/main/java/dev/openfga/sdk/api/auth/AccessToken.java
@@ -16,23 +16,33 @@
 
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
+import java.util.Random;
 
 class AccessToken {
     private static final int TOKEN_EXPIRY_BUFFER_THRESHOLD_IN_SEC = 300;
     private Instant expiresAt;
 
+    private final Random random = new Random();
     private String token;
 
     public boolean isValid() {
-        if (isNullOrWhitespace(token) || expiresAt == null) {
+        if (isNullOrWhitespace(token)) {
             return false;
         }
 
-        // A token should be considered valid until 5 minutes before the expiry
-        Instant nowWithLeeway =
-                Instant.now().plusSeconds(TOKEN_EXPIRY_BUFFER_THRESHOLD_IN_SEC).truncatedTo(ChronoUnit.SECONDS);
+        // Is expiry is null then the token will not expire so should be considered always valid
+        if (expiresAt == null) {
+            return true;
+        }
+
+        // A token should be considered valid until 5 minutes before the expiry with some jitter
+        // to account for multiple calls to `isValid` at the same time and prevent multiple refresh calls
+        Instant expiresWithLeeway = expiresAt
+                .minusSeconds(TOKEN_EXPIRY_BUFFER_THRESHOLD_IN_SEC)
+                .minusSeconds(random.nextInt(TOKEN_EXPIRY_BUFFER_THRESHOLD_IN_SEC))
+                .truncatedTo(ChronoUnit.SECONDS);
 
-        return expiresAt.isAfter(nowWithLeeway);
+        return Instant.now().truncatedTo(ChronoUnit.SECONDS).isBefore(expiresWithLeeway);
     }
 
     public String getToken() {

diff --git a/src/test/java/dev/openfga/sdk/api/auth/AccessTokenTest.java b/src/test/java/dev/openfga/sdk/api/auth/AccessTokenTest.java
@@ -27,9 +27,8 @@ private static Stream<Arguments> expTimeAndResults() {
         return Stream.of(
                 Arguments.of("Expires in 1 hour should be valid", Instant.now().plus(1, ChronoUnit.HOURS), true),
                 Arguments.of(
-                        "Expires in 10 minutes should be valid", Instant.now().plus(10, ChronoUnit.MINUTES), true),
-                Arguments.of(
-                        "Expires in 6 minutes should be valid", Instant.now().plus(6, ChronoUnit.MINUTES), true),
+                        "Expires in 15 minutes should be valid", Instant.now().plus(15, ChronoUnit.MINUTES), true),
+                Arguments.of("No expiry value should be valid", null, true),
                 Arguments.of(
                         "Expired 1 hour ago should not not be valid",
                         Instant.now().minus(1, ChronoUnit.HOURS),
@@ -46,8 +45,11 @@ private static Stream<Arguments> expTimeAndResults() {
                         "Expires in 5 minutes should not not be valid",
                         Instant.now().plus(5, ChronoUnit.MINUTES),
                         false),
-                Arguments.of("Expires now should not not be valid", Instant.now(), false),
-                Arguments.of("Not set should not not be valid", null, false));
+                Arguments.of(
+                        "Expires in 1 minute should not not be valid",
+                        Instant.now().plus(1, ChronoUnit.MINUTES),
+                        false),
+                Arguments.of("Expires now should not not be valid", Instant.now(), false));
     }
 
     @MethodSource("expTimeAndResults")