root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Prevent race condition in ReactiveTokenValidator

This commit is contained in:
Madhura Bhave 2017-11-28 14:23:47 -08:00
parent 85ba361198
commit 2319d01feb
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/reactive/ReactiveTokenValidator.java
View File

@ -23,6 +23,7 @@ import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
@ -71,7 +72,8 @@ class ReactiveTokenValidator {
private Mono<Void> validateKeyIdAndSignature(Token token) {
String keyId = token.getKeyId();
return Mono.just(this.cachedTokenKeys)
Map<String, String> localCachedTokenKeys = new HashMap<>(this.cachedTokenKeys);
return Mono.just(localCachedTokenKeys)
.filter((tokenKeys) -> tokenKeys.containsKey(keyId))
.switchIfEmpty(this.securityService.fetchTokenKeys()
.doOnSuccess((fetchedTokenKeys) -> {