jbufu / openid4java

Automatically exported from code.google.com/p/openid4java
Apache License 2.0
98 stars 58 forks source link

Long expire in values cause overflows #179

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. In smart mode connect to an openid server which generates associations with 
a long expire date (3628799 seconds for example) 

What is the expected output? What do you see instead?

Expected the association to be valid for that many time, instead:

1. The org.openid4java.association.Association String, String, SecretKey, int 
constructor will multiply that expire in value by 1000, causing an overflow, 
the number becomes -666168296
2. The association is added to the 
org.openid4java.consumer.InMemoryConsumerAssociationStore, but removed in the 
next call to removeExpired(), never being usable.
3. The authentication fails.

What version of the product are you using? On what operating system?

openid4java-0.9.6.662, Mac or Linux

Please provide any additional information below.

This can be fixed by casting the expireIn variable to a long before multiplying 
it by 1000.

Original issue reported on code.google.com by hrcerque...@gmail.com on 14 May 2012 at 11:37

GoogleCodeExporter commented 9 years ago
Fixed in r687.

Original comment by Johnny.B...@gmail.com on 31 Oct 2012 at 8:39

GoogleCodeExporter commented 9 years ago
Issue 186 has been merged into this issue.

Original comment by Johnny.B...@gmail.com on 15 Jan 2013 at 8:28