Giters

spring-attic / spring-security-oauth

Support for adding OAuth1(a) and OAuth2 features (consumer and provider) for Spring web applications.

Home Page:http://github.com/spring-projects/spring-security-oauth

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Missing clock skew support in AccessTokenProviderChain

akloeber opened this issue · comments

commented

Summary

The fix for #1287 added a clock skew to OAuth2RestTemplate but there is another expiration check in AccessTokenProviderChain that does not take this clock skew into account which renders this fix useless when used in combination with AccessTokenProviderChain.

Version

2.5.0.RELEASE