From 9f9c2bffa4ff4d18034a97b6735a328fedbf7bfd Mon Sep 17 00:00:00 2001
From: Federica Agostini <federica.agostini@cnaf.infn.it>
Date: Mon, 11 Sep 2023 19:16:44 +0200
Subject: [PATCH] Use default AT/RT lifetime

when a client request trough API does not explicit one
---
 .../api/client/service/ClientConverter.java    | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/client/service/ClientConverter.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/client/service/ClientConverter.java
index aea7903f3..79befce7d 100644
--- a/iam-login-service/src/main/java/it/infn/mw/iam/api/client/service/ClientConverter.java
+++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/client/service/ClientConverter.java
@@ -38,6 +38,7 @@
 import it.infn.mw.iam.api.common.client.RegisteredClientDTO;
 import it.infn.mw.iam.api.common.client.TokenEndpointAuthenticationMethod;
 import it.infn.mw.iam.config.IamProperties;
+import it.infn.mw.iam.config.client_registration.ClientRegistrationProperties;
 
 @Component
 public class ClientConverter {
@@ -46,11 +47,14 @@ public class ClientConverter {
 
   private final String clientRegistrationBaseUrl;
 
+  private final ClientRegistrationProperties clientProperties;
+
   @Autowired
-  public ClientConverter(IamProperties properties) {
+  public ClientConverter(IamProperties properties, ClientRegistrationProperties clientProperties) {
     this.iamProperties = properties;
     clientRegistrationBaseUrl =
         String.format("%s%s", iamProperties.getBaseUrl(), ClientRegistrationApiController.ENDPOINT);
+    this.clientProperties = clientProperties;
   }
 
   private <T> Set<T> cloneSet(Set<T> stringSet) {
@@ -228,12 +232,18 @@ public ClientDetailsEntity entityFromRegistrationRequest(RegisteredClientDTO dto
       client.setCodeChallengeMethod(pkceAlgo);
     }
 
-    if (dto.getAccessTokenValiditySeconds() != null) {
+    if (!isNull(dto.getAccessTokenValiditySeconds())) {
       client.setAccessTokenValiditySeconds(dto.getAccessTokenValiditySeconds());
+    } else {
+      client.setAccessTokenValiditySeconds(
+          clientProperties.getClientDefaults().getDefaultAccessTokenValiditySeconds());
     }
-    
-    if (dto.getRefreshTokenValiditySeconds() != null) {
+
+    if (!isNull(dto.getRefreshTokenValiditySeconds())) {
       client.setRefreshTokenValiditySeconds(dto.getRefreshTokenValiditySeconds());
+    } else {
+      client.setRefreshTokenValiditySeconds(
+          clientProperties.getClientDefaults().getDefaultRefreshTokenValiditySeconds());
     }
 
     return client;