2 năm trước cách đây · e73832d570
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
@@ -124,9 +124,12 @@ public class AuthJwtService {
 
				 				JWTClaimsSet claims = resolve(authToken);
			
 
				 				boolean isExpiration = claims.getExpirationTime().after(DateTime.now().toDate());
			
 
				 				boolean isVerify = hmac512Service.verify(authToken);
			
 
				-				_logger.debug("JWT Validate {} , Verify {} , now {} , ExpirationTime {} , isExpiration : {}" , 
			
 
				-						isVerify && isExpiration,isVerify,DateTime.now().toDate(),claims.getExpirationTime(),isExpiration);
			
 
				-
			
 
				+				_logger.debug("JWT Validate {} " , isVerify && isExpiration);
			
 
				+				
			
 
				+				if(!(isVerify && isExpiration)) {
			
 
				+					_logger.debug("HMAC Verify {} , now {} , ExpirationTime {} , is not Expiration : {}" , 
			
 
				+						isVerify,DateTime.now().toDate(),claims.getExpirationTime(),isExpiration);
			
 
				+				}
			
 
				 				return isVerify && isExpiration;
			
 
				 			}
			
 
				 		} catch (ParseException e) {
			
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java
@@ -76,8 +76,7 @@ public class InMemorySessionManager implements SessionManager{
 
				         if(session != null) {
			
 
				         	_logger.debug("refresh session Id {} at refreshTime {}",sessionId,refreshTime);
			
 
				 	        session.setLastAccessTime(refreshTime);
			
 
				-	        //invalidate sessionId then renew one
			
 
				-	        sessionStore.invalidate(sessionId);
			
 
				+	        //put new session
			
 
				 	        create(sessionId , session);
			
 
				         }
			
 
				         return session;
			
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManagerFactory.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManagerFactory.java
@@ -109,8 +109,7 @@ public class SessionManagerFactory implements SessionManager{
 
				 		Session session = null;
			
 
				 		if(isRedis) {
			
 
				 			session = redisSessionManager.refresh(sessionId,refreshTime);
			
 
				-			//renew one
			
 
				-			inMemorySessionManager.remove(sessionId);
			
 
				+			//renew one in Memory
			
 
				 			inMemorySessionManager.create(sessionId, session);
			
 
				 		}else {
			
 
				 			session = inMemorySessionManager.refresh(sessionId,refreshTime);