Enforce minimum token refresh rate

2022-07-20 10:19:58 +02:00 · 2022-07-20 10:19:58 +02:00 · 6afe0a2b11
parent 9fc1dac17c
commit 6afe0a2b11
2 changed files with 13 additions and 3 deletions
--- a/app/src/main/java/eu/faircode/email/GmailState.java
+++ b/app/src/main/java/eu/faircode/email/GmailState.java
@ -62,14 +62,18 @@ public class GmailState {

    void refresh(@NonNull Context context, @NonNull String user, boolean expire, long keep_alive)
            throws AuthenticatorException, OperationCanceledException, IOException {
+        long now = new Date().getTime();
        Long expiration = getAccessTokenExpirationTime();
-        if (expiration != null && expiration - keep_alive < new Date().getTime()) {
+        if (expiration != null && expiration - keep_alive < now) {
            EntityLog.log(context, "Force invalidation" +
                    " expiration=" + new Date(expiration) +
                    " keep-alive=" + (keep_alive / 60 / 1000) + "m");
            expire = true;
        }

+        if (expiration != null && expiration - ServiceAuthenticator.MIN_EXPIRE_INTERVAL > now)
+            expire = false;
+
        if (expire)
            try {
                if (token != null) {
--- a/app/src/main/java/eu/faircode/email/ServiceAuthenticator.java
+++ b/app/src/main/java/eu/faircode/email/ServiceAuthenticator.java
@ -56,6 +56,8 @@ public class ServiceAuthenticator extends Authenticator {
    static final int AUTH_TYPE_GMAIL = 2;
    static final int AUTH_TYPE_OAUTH = 3;

+    static final long MIN_EXPIRE_INTERVAL = 15 * 60 * 1000L;
+
    ServiceAuthenticator(
            Context context,
            int auth, String provider, int keep_alive,
@ -150,14 +152,18 @@ public class ServiceAuthenticator extends Authenticator {
    private static void OAuthRefresh(Context context, String id, AuthState authState, boolean expire, long keep_alive)
            throws MessagingException {
        try {
+            long now = new Date().getTime();
            Long expiration = authState.getAccessTokenExpirationTime();
-            if (expiration != null && expiration - keep_alive < new Date().getTime()) {
+            if (expiration != null && expiration - keep_alive < now) {
                EntityLog.log(context, "OAuth force refresh" +
                        " expiration=" + new Date(expiration) +
                        " keep_alive=" + (keep_alive / 60 / 1000) + "m");
-                authState.setNeedsTokenRefresh(true);
+                expire = true;
            }

+            if (expiration != null && expiration - MIN_EXPIRE_INTERVAL > now)
+                expire = false;
+
            if (expire)
                authState.setNeedsTokenRefresh(true);