2 years ago · e73832d570
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
@@ -124,9 +124,12 @@ public class AuthJwtService {
 
															 				JWTClaimsSet claims = resolve(authToken);
														
 
															 				boolean isExpiration = claims.getExpirationTime().after(DateTime.now().toDate());
														
 
															 				boolean isVerify = hmac512Service.verify(authToken);
														
 
															-				_logger.debug("JWT Validate {} , Verify {} , now {} , ExpirationTime {} , isExpiration : {}" , 
														
 
															-						isVerify && isExpiration,isVerify,DateTime.now().toDate(),claims.getExpirationTime(),isExpiration);
														
 
															-
														
 
															+				_logger.debug("JWT Validate {} " , isVerify && isExpiration);
														
 
															+				
														
 
															+				if(!(isVerify && isExpiration)) {
														
 
															+					_logger.debug("HMAC Verify {} , now {} , ExpirationTime {} , is not Expiration : {}" , 
														
 
															+						isVerify,DateTime.now().toDate(),claims.getExpirationTime(),isExpiration);
														
 
															+				}
														
 
															 				return isVerify && isExpiration;
														
 
															 			}
														
 
															 		} catch (ParseException e) {
														
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java
@@ -76,8 +76,7 @@ public class InMemorySessionManager implements SessionManager{
 
															         if(session != null) {
														
 
															         	_logger.debug("refresh session Id {} at refreshTime {}",sessionId,refreshTime);
														
 
															 	        session.setLastAccessTime(refreshTime);
														
 
															-	        //invalidate sessionId then renew one
														
 
															-	        sessionStore.invalidate(sessionId);
														
 
															+	        //put new session
														
 
															 	        create(sessionId , session);
														
 
															         }
														
 
															         return session;
														
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManagerFactory.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManagerFactory.java
@@ -109,8 +109,7 @@ public class SessionManagerFactory implements SessionManager{
 
															 		Session session = null;
														
 
															 		if(isRedis) {
														
 
															 			session = redisSessionManager.refresh(sessionId,refreshTime);
														
 
															-			//renew one
														
 
															-			inMemorySessionManager.remove(sessionId);
														
 
															+			//renew one in Memory
														
 
															 			inMemorySessionManager.create(sessionId, session);
														
 
															 		}else {
														
 
															 			session = inMemorySessionManager.refresh(sessionId,refreshTime);