authlete · hidebike712 · Jun 21, 2019 · Jun 21, 2019
diff --git a/src/main/java/com/authlete/jaxrs/server/ServerConfig.java b/src/main/java/com/authlete/jaxrs/server/ServerConfig.java
@@ -38,13 +38,10 @@ public class ServerConfig
  */
  private static final String AUTHLETE_AD_BASE_URL_KEY = "authlete.ad.base_url";
  private static final String AUTHLETE_AD_WORKSPACE_KEY = "authlete.ad.workspace";
- private static final String AUTHLETE_AD_SYNC_AUTHENTICATION_TIMEOUT_KEY = "authlete.ad.sync.authentication_timeout";
  private static final String AUTHLETE_AD_SYNC_CONNECT_TIMEOUT_KEY = "authlete.ad.sync.connect_timeout";
- private static final String AUTHLETE_AD_SYNC_READ_TIMEOUT_KEY = "authlete.ad.sync.read_timeout";
- private static final String AUTHLETE_AD_ASYNC_AUTHENTICATION_TIMEOUT_KEY = "authlete.ad.async.authentication_timeout";
+ private static final String AUTHLETE_AD_SYNC_ADDITIONAL_READ_TIMEOUT_KEY = "authlete.ad.sync.additional_read_timeout";
  private static final String AUTHLETE_AD_ASYNC_CONNECT_TIMEOUT_KEY = "authlete.ad.async.connect_timeout";
  private static final String AUTHLETE_AD_ASYNC_READ_TIMEOUT_KEY = "authlete.ad.async.read_timeout";
- private static final String AUTHLETE_AD_POLL_AUTHENTICATION_TIMEOUT_KEY = "authlete.ad.poll.authentication.timeout";
  private static final String AUTHLETE_AD_POLL_CONNECT_TIMEOUT_KEY = "authlete.ad.poll.connect_timeout";
  private static final String AUTHLETE_AD_POLL_READ_TIMEOUT_KEY = "authlete.ad.poll.read_timeout";
 
@@ -53,13 +50,10 @@ public class ServerConfig
  * Default configuration values.
  */
  private static final String DEFAULT_AUTHLETE_AD_BASE_URL = "https://cibasim.authlete.com";
- private static final int DEFAULT_AUTHLETE_AD_SYNC_AUTHENTICATION_TIMEOUT = 20; // 20 seconds.
  private static final int DEFAULT_AUTHLETE_AD_SYNC_CONNECT_TIMEOUT = 10000; // 10000 milliseconds.
- private static final int DEFAULT_AUTHLETE_AD_SYNC_READ_TIMEOUT = 60000; // 60000 milliseconds.
- private static final int DEFAULT_AUTHLETE_AD_ASYNC_AUTHENTICATION_TIMEOUT = 20; // 20 seconds.
+ private static final int DEFAULT_AUTHLETE_AD_SYNC_ADDITIONAL_READ_TIMEOUT = 10000; // 10000 milliseconds.
  private static final int DEFAULT_AUTHLETE_AD_ASYNC_CONNECT_TIMEOUT = 10000; // 10000 milliseconds.
  private static final int DEFAULT_AUTHLETE_AD_ASYNC_READ_TIMEOUT = 10000; // 10000 milliseconds.
- private static final int DEFAULT_AUTHLETE_AD_POLL_AUTHENTICATION_TIMEOUT = 20; // 20 seconds.
  private static final int DEFAULT_AUTHLETE_AD_POLL_CONNECT_TIMEOUT = 10000; // 10000 milliseconds.
  private static final int DEFAULT_AUTHLETE_AD_POLL_READ_TIMEOUT = 10000; // 10000 milliseconds.
 
@@ -69,13 +63,10 @@ public class ServerConfig
  */
  private static final String AUTHLETE_AD_BASE_URL = sProperties.getString(AUTHLETE_AD_BASE_URL_KEY, DEFAULT_AUTHLETE_AD_BASE_URL);
  private static final String AUTHLETE_AD_WORKSPACE = sProperties.getString(AUTHLETE_AD_WORKSPACE_KEY);
- private static final int AUTHLETE_AD_SYNC_AUTHENTICATION_TIMEOUT = sProperties.getInt(AUTHLETE_AD_SYNC_AUTHENTICATION_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_SYNC_AUTHENTICATION_TIMEOUT);
  private static final int AUTHLETE_AD_SYNC_CONNECT_TIMEOUT = sProperties.getInt(AUTHLETE_AD_SYNC_CONNECT_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_SYNC_CONNECT_TIMEOUT);
- private static final int AUTHLETE_AD_SYNC_READ_TIMEOUT = sProperties.getInt(AUTHLETE_AD_SYNC_READ_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_SYNC_READ_TIMEOUT);
- private static final int AUTHLETE_AD_ASYNC_AUTHENTICATION_TIMEOUT = sProperties.getInt(AUTHLETE_AD_ASYNC_AUTHENTICATION_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_ASYNC_AUTHENTICATION_TIMEOUT);
+ private static final int AUTHLETE_AD_SYNC_ADDITIONAL_READ_TIMEOUT = sProperties.getInt(AUTHLETE_AD_SYNC_ADDITIONAL_READ_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_SYNC_ADDITIONAL_READ_TIMEOUT);
  private static final int AUTHLETE_AD_ASYNC_CONNECT_TIMEOUT = sProperties.getInt(AUTHLETE_AD_ASYNC_CONNECT_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_ASYNC_CONNECT_TIMEOUT);
  private static final int AUTHLETE_AD_ASYNC_READ_TIMEOUT = sProperties.getInt(AUTHLETE_AD_ASYNC_READ_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_ASYNC_READ_TIMEOUT);
- private static final int AUTHLETE_AD_POLL_AUTHENTICATION_TIMEOUT = sProperties.getInt(AUTHLETE_AD_POLL_AUTHENTICATION_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_POLL_AUTHENTICATION_TIMEOUT);
  private static final int AUTHLETE_AD_POLL_CONNECT_TIMEOUT = sProperties.getInt(AUTHLETE_AD_POLL_CONNECT_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_POLL_CONNECT_TIMEOUT);
  private static final int AUTHLETE_AD_POLL_READ_TIMEOUT = sProperties.getInt(AUTHLETE_AD_POLL_READ_TIMEOUT_KEY, DEFAULT_AUTHLETE_AD_POLL_READ_TIMEOUT);
 
@@ -114,34 +105,6 @@ public static String getAuthleteAdWorkspace()
  }
 
 
- /**
- * Get the authentication/authorization timeout value (in seconds) used when
- * the authorization server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
- * /api/authenticate/sync API</a> of <a href="https://cibasim.authlete.com">
- * Authlete CIBA authentication device simulator</a>.
- *
- * <p>
- * The authentication device simulator waits for this timeout value to get
- * authorization decision from an end-user.
- * </p>
- *
- * @return
- * The authentication/authorization timeout value (in seconds) used
- * when the authorization server makes a request to
- * <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
- * /api/authenticate/sync API</a> of <a href="https://cibasim.authlete.com">
- * Authlete CIBA authentication device simulator</a>.
- *
- * @see <a href="https://cibasim.authlete.com">Authlete CIBA authentication device simulator</a>
- *
- * @see <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">/api/authenticate/sync API</a>
- */
- public static int getAuthleteAdSyncAuthenticationTimeout()
- {
- return AUTHLETE_AD_SYNC_AUTHENTICATION_TIMEOUT;
- }
-
-
  /**
  * Get the connect timeout value (in milliseconds) used when the authorization
  * server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
@@ -165,52 +128,39 @@ public static int getAuthleteAdSyncConnectTimeout()
 
 
  /**
- * Get the read timeout value (in milliseconds) used when the authorization
- * server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
+ * Get the value (in milliseconds) that is used to compute the read timeout
+ * value used when the authorization server makes a request to <a
+ * href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
  * /api/authenticate/sync API</a> of <a href="https://cibasim.authlete.com">
  * Authlete CIBA authentication device simulator</a>.
  *
- * @return
- * The read timeout value (in milliseconds) used when the authorization
- * server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
- * /api/authenticate/sync API</a> of <a href="https://cibasim.authlete.com">
- * Authlete CIBA authentication device simulator</a>.
- *
- * @see <a href="https://cibasim.authlete.com">Authlete CIBA authentication device simulator</a>
- *
- * @see <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">/api/authenticate/sync API</a>
- */
- public static int getAuthleteAdSyncReadTimeout()
- {
- return AUTHLETE_AD_SYNC_READ_TIMEOUT;
- }
-
-
- /**
- * Get the authentication/authorization timeout value (in seconds) used when
- * the authorization server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_async">
- * /api/authenticate/async API</a> of <a href="https://cibasim.authlete.com">
- * Authlete CIBA authentication device simulator</a>.
- *
  * <p>
- * The authentication device simulator waits for this timeout value to get
- * authorization decision from an end-user.
+ * The read timeout value is computed as follows.
+ * </p>
+ *
+ * <p style="border: solid 1px black; padding: 0.5em;">
+ * (read timeout) = (the duration of an <code>'auth_req_id'</code> in milliseconds) + (the value returned by this method)
  * </p>
  *
+ * For more details, see the implementation of {@link com.authlete.jaxrs.server.ad.AuthenticationDevice
+ * AuthenticationDevice}.
+ *
  * @return
- * The authentication/authorization timeout value (in seconds) used
- * when the authorization server makes a request to
- * <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_async">
- * /api/authenticate/async API</a> of <a href="https://cibasim.authlete.com">
+ * The value (in milliseconds) that is used to compute the read timeout
+ * value used when the authorization server makes a request to <a
+ * href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">
+ * /api/authenticate/sync API</a> of <a href="https://cibasim.authlete.com">
  * Authlete CIBA authentication device simulator</a>.
  *
  * @see <a href="https://cibasim.authlete.com">Authlete CIBA authentication device simulator</a>
  *
- * @see <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_async">/api/authenticate/async API</a>
+ * @see <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_sync">/api/authenticate/sync API</a>
+ *
+ * @see {@link com.authlete.jaxrs.server.ad.AuthenticationDevice AuthenticationDevice}.
  */
- public static int getAuthleteAdAsyncAuthenticationTimeout()
+ public static int getAuthleteAdSyncAdditionalReadTimeout()
  {
- return AUTHLETE_AD_ASYNC_AUTHENTICATION_TIMEOUT;
+ return AUTHLETE_AD_SYNC_ADDITIONAL_READ_TIMEOUT;
  }
 
 
@@ -258,34 +208,6 @@ public static int getAuthleteAdAsyncReadTimeout()
  }
 
 
- /**
- * Get the authentication/authorization timeout value (in seconds) used when
- * the authorization server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_poll">
- * /api/authenticate/poll API</a> of <a href="https://cibasim.authlete.com">
- * Authlete CIBA authentication device simulator</a>.
- *
- * <p>
- * The authentication device simulator waits for this timeout value to get
- * authorization decision from an end-user.
- * </p>
- *
- * @return
- * The authentication/authorization timeout value (in seconds) used
- * when the authorization server makes a request to
- * <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_poll">
- * /api/authenticate/poll API</a> of <a href="https://cibasim.authlete.com">
- * Authlete CIBA authentication device simulator</a>.
- *
- * @see <a href="https://cibasim.authlete.com">Authlete CIBA authentication device simulator</a>
- *
- * @see <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_poll">/api/authenticate/poll API</a>
- */
- public static int getAuthleteAdPollAuthenticationTimeout()
- {
- return AUTHLETE_AD_POLL_AUTHENTICATION_TIMEOUT;
- }
-
-
  /**
  * Get the connect timeout value (in milliseconds) used when the authorization
  * server makes a request to <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim/1.0.0#/default/post_api_authenticate_poll">

diff --git a/src/main/java/com/authlete/jaxrs/server/ad/AuthenticationDevice.java b/src/main/java/com/authlete/jaxrs/server/ad/AuthenticationDevice.java
@@ -45,6 +45,15 @@
  */
 public class AuthenticationDevice
 {
+ /**
+ * The limit values for end-user authentication/authorization timeout defined
+ * by <a href="https://app.swaggerhub.com/apis-docs/Authlete/cibasim">Authlete
+ * CIBA authentication device simulator API</a>.
+ */
+ public static final int AUTHENTICATION_TIMEOUT_MIN = 5;
+ public static final int AUTHENTICATION_TIMEOUT_MAX = 60;
+
+
  /**
  * Authlete CIBA authentication simulator API endpoints.
  */
@@ -57,17 +66,14 @@ public class AuthenticationDevice
  /**
  * Parameters required to communicate with the authentication device simulator.
  */
- private static final String sBaseUrl = ServerConfig.getAuthleteAdBaseUrl();
- private static final String sWorkspace = ServerConfig.getAuthleteAdWorkspace();
- private static final int sSyncAuthenticationTimeout = ServerConfig.getAuthleteAdSyncAuthenticationTimeout();
- private static final int sSyncConnectTimeout = ServerConfig.getAuthleteAdSyncConnectTimeout();
- private static final int sSyncReadTimeout = ServerConfig.getAuthleteAdSyncReadTimeout();
- private static final int sAsyncAuthenticationTimeout = ServerConfig.getAuthleteAdAsyncAuthenticationTimeout();
- private static final int sAsyncConnectTimeout = ServerConfig.getAuthleteAdAsyncConnectTimeout();
- private static final int sAsyncReadTimeout = ServerConfig.getAuthleteAdAsyncReadTimeout();
- private static final int sPollAuthenticationTimeout = ServerConfig.getAuthleteAdPollAuthenticationTimeout();
- private static final int sPollConnectTimeout = ServerConfig.getAuthleteAdPollConnectTimeout();
- private static final int sPollReadTimeout = ServerConfig.getAuthleteAdPollReadTimeout();
+ private static final String sBaseUrl = ServerConfig.getAuthleteAdBaseUrl();
+ private static final String sWorkspace = ServerConfig.getAuthleteAdWorkspace();
+ private static final int sSyncConnectTimeout = ServerConfig.getAuthleteAdSyncConnectTimeout();
+ private static final int sSyncAdditionalReadTimeout = ServerConfig.getAuthleteAdSyncAdditionalReadTimeout();
+ private static final int sAsyncConnectTimeout = ServerConfig.getAuthleteAdAsyncConnectTimeout();
+ private static final int sAsyncReadTimeout = ServerConfig.getAuthleteAdAsyncReadTimeout();
+ private static final int sPollConnectTimeout = ServerConfig.getAuthleteAdPollConnectTimeout();
+ private static final int sPollReadTimeout = ServerConfig.getAuthleteAdPollReadTimeout();
 
 
  private static Client createClient(int readTimeout, int connectTimeout)
@@ -97,6 +103,10 @@ private static Client createClient(int readTimeout, int connectTimeout)
  * @param message
  * A message to be shown to the end-user on the authentication device.
  *
+ * @param authTimeout
+ * The value of timeout in seconds for the end-user authentication/authorization
+ * on the authentication device.
+ *
  * @param actionizeToken
  * A token that is used with the actionize endpoint ({@code /api/atuhenticate/actionize})
  * to automate authentication device responses.
@@ -105,17 +115,22 @@ private static Client createClient(int readTimeout, int connectTimeout)
  * A response from the authentication device.
  */
  public static SyncAuthenticationResponse syncAuth(String subject, String message,
- String actionizeToken)
+ int authTimeout, String actionizeToken)
  {
+ // Determine the read timeout in milliseconds based on the value of the
+ // authentication timeout. This should be a bit longer than the timeout
+ // for end-user authentication/authorization.
+ int readTimeout = authTimeout * 1000 + sSyncAdditionalReadTimeout;
+
  // Create a web client to communicate with the authentication device.
- Client client = createClient(sSyncReadTimeout, sSyncConnectTimeout);
+ Client client = createClient(readTimeout, sSyncConnectTimeout);
 
  // A request to be sent to the authentication device.
  SyncAuthenticationRequest request = new SyncAuthenticationRequest()
  .setWorkspace(sWorkspace)
  .setUser(subject)
  .setMessage(message)
- .setTimeout(sSyncAuthenticationTimeout)
+ .setTimeout(authTimeout)
  .setActionizeToken(actionizeToken);
 
  // Send the request as a HTTP POST request.
@@ -134,6 +149,10 @@ public static SyncAuthenticationResponse syncAuth(String subject, String message
  * @param message
  * A message to be shown to the end-user on the authentication device.
  *
+ * @param authTimeout
+ * The value of timeout in seconds for the end-user authentication/authorization
+ * on the authentication device.
+ *
  * @param actionizeToken
  * A token that is used with the actionize endpoint ({@code /api/atuhenticate/actionize})
  * to automate authentication device responses.
@@ -142,7 +161,7 @@ public static SyncAuthenticationResponse syncAuth(String subject, String message
  * A response from the authentication device simulator.
  */
  public static AsyncAuthenticationResponse asyncAuth(String subject, String message,
- String actionizeToken)
+ int authTimeout, String actionizeToken)
  {
  // Create a web client to communicate with the authentication device.
  Client client = createClient(sAsyncReadTimeout, sAsyncConnectTimeout);
@@ -152,7 +171,7 @@ public static AsyncAuthenticationResponse asyncAuth(String subject, String messa
  .setWorkspace(sWorkspace)
  .setUser(subject)
  .setMessage(message)
- .setTimeout(sAsyncAuthenticationTimeout)
+ .setTimeout(authTimeout)
  .setActionizeToken(actionizeToken);
 
  // Send the request as a HTTP POST request.
@@ -171,6 +190,10 @@ public static AsyncAuthenticationResponse asyncAuth(String subject, String messa
  * @param message
  * A message to be shown to the end-user on the authentication device.
  *
+ * @param authTimeout
+ * The value of timeout in seconds for the end-user authentication/authorization
+ * on the authentication device.
+ *
  * @param actionizeToken
  * A token that is used with the actionize endpoint ({@code /api/atuhenticate/actionize})
  * to automate authentication device responses.
@@ -179,7 +202,7 @@ public static AsyncAuthenticationResponse asyncAuth(String subject, String messa
  * A response from the authentication device simulator.
  */
  public PollAuthenticationResponse pollAuth(String subject, String message,
- String actionizeToken)
+ int authTimeout, String actionizeToken)
  {
  // TODO: Implement this.
  return null;