AccountManger fixed to verify refreshtoken
authoryeonghun.nam <yeonghun.nam@samsung.com>
Mon, 22 Aug 2016 08:06:18 +0000 (17:06 +0900)
committerJee Hyeok Kim <jihyeok13.kim@samsung.com>
Tue, 23 Aug 2016 06:36:10 +0000 (06:36 +0000)
Change-Id: I7e88b61d61c08be8e777e19cbe736524499af42c
Signed-off-by: yeonghun.nam <yeonghun.nam@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/10255
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Eunok Shin <eunok.shin@samsung.com>
Reviewed-by: Glen Youngjin Kim <glen.kim@samsung.com>
Reviewed-by: Jee Hyeok Kim <jihyeok13.kim@samsung.com>
cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountManager.java

index 24d31c9..ee127ac 100644 (file)
@@ -302,24 +302,35 @@ public class AccountManager {
 
     private boolean verifyToken(TokenTable tokenInfo, String accessToken) {
 
-        if (checkTokenInDB(tokenInfo, accessToken)) {
-            if (tokenInfo.getExpiredtime() == Constants.TOKEN_INFINITE) {
-                return true;
-            }
-            if (checkExpiredTime(tokenInfo)) {
-                return true;
-            }
+        if (!checkAccessTokenInDB(tokenInfo, accessToken)) {
+            return false;
         }
-        return false;
+
+        if (tokenInfo.getExpiredtime() != Constants.TOKEN_INFINITE
+                && !checkExpiredTime(tokenInfo)) {
+            return false;
+        }
+
+        return true;
     }
 
-    private boolean checkTokenInDB(TokenTable tokenInfo, String token) {
+    private boolean checkRefreshTokenInDB(TokenTable tokenInfo, String token) {
+        if (tokenInfo.getRefreshtoken() == null) {
+            Log.w("Refreshtoken doesn't exist");
+            return false;
+        } else if (!tokenInfo.getRefreshtoken().equals(token)) {
+            Log.w("Refreshtoken is not correct");
+            return false;
+        }
+        return true;
+    }
 
+    private boolean checkAccessTokenInDB(TokenTable tokenInfo, String token) {
         if (tokenInfo.getAccesstoken() == null) {
-            Log.w("token doesn't exist");
+            Log.w("AccessToken doesn't exist");
             return false;
         } else if (!tokenInfo.getAccesstoken().equals(token)) {
-            Log.w("token is not correct");
+            Log.w("AccessToken is not correct");
             return false;
         }
         return true;
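Review bot: Both `checkRefreshTokenInDB` and `checkAccessTokenInDB` compare the stored secret with `String.equals`, which returns at the first differing character, so the comparison time depends on how much of the presented token matches. A constant-time comparison over the UTF-8 bytes (`MessageDigest.isEqual`) removes that signal, and since the two methods now differ only in the getter and the log label, they can share one helper. The sketch below keeps the existing log messages and treats a null presented token as a mismatch, as `equals(null)` did. It needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported at the top of the file. The body of `checkAccessTokenInDB` closes outside this hunk.

```java
private boolean tokenMatches(String label, String stored, String presented) {
    if (stored == null) {
        Log.w(label + " doesn't exist");
        return false;
    }
    // Constant-time compare: the time taken must not depend on how many
    // leading characters of the presented token are correct.
    if (presented == null || !MessageDigest.isEqual(
            stored.getBytes(StandardCharsets.UTF_8),
            presented.getBytes(StandardCharsets.UTF_8))) {
        Log.w(label + " is not correct");
        return false;
    }
    return true;
}

private boolean checkRefreshTokenInDB(TokenTable tokenInfo, String token) {
    return tokenMatches("Refreshtoken", tokenInfo.getRefreshtoken(), token);
}

private boolean checkAccessTokenInDB(TokenTable tokenInfo, String token) {
    return tokenMatches("AccessToken", tokenInfo.getAccesstoken(), token);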
@@ -378,7 +389,7 @@ public class AccountManager {
 
         TokenTable oldTokenInfo = castMapToTokenTable(record);
 
-        if (!checkTokenInDB(oldTokenInfo, refreshToken)) {
+        if (!checkRefreshTokenInDB(oldTokenInfo, refreshToken)) {
             throw new NotFoundException("refresh token is not correct");
         }
         // call 3rd party refresh token method
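Review bot: A wrong refresh token is still reported through `NotFoundException` on the line after the new `checkRefreshTokenInDB` call, which makes a failed credential check indistinguishable from a missing record for both clients and log monitoring. If the project has an exception type for authentication failures, throwing it here would let repeated bad refresh attempts be counted and alerted on separately. It would also help to document above the check that this path validates the refresh token and not the access token, for example `// the refresh flow must be authorised by the stored refresh token, never the access token`. The enclosing method starts and ends outside this hunk, so the handling of a null `refreshToken` or an empty `record` cannot be confirmed from here.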