Configurable Session Token Duration

[nathandines]

Based off of #43, but attempts to address the changes requested by @andresrc at #43 (review)

[nathandines]

Ping @andresrc

Any feedback on this? Hoping to get it through soon if we can

[nathandines]

@andresrc I've made some changes, and rebased against master to bring the parent pom forward (I didn't realise the branch was so far behind!) which I think might be better.

I did keep getting cannot find symbol when trying to use edu.umd.cs.findbugs.annotations.Nonnull. Is it a problem to use javax.annotation.Nonnull, or were you just referring to CheckForNull?

EDIT: Never mind... edu.umd.cs.findbugs.annotations.NonNull is pascal case, as opposed to javax.annotation.Nonnull. Let me know if you think the changes I've made should be acceptable.

[andresrc]

Thanks for addressing the feedback! Just a couple of additional comments.

[andresrc]

With this logic you can relax the @NonNull condition, which is only used by static analysis and cannot be enforced by Jelly and write:

this.stsTokenDuration = stsTokenDuration == null || stsTokenDuration.equals(DescriptorImpl.defaultStsTokenDuration) ? null : stsTokenDuration;

[nathandines]

Thanks for the feedback. I've added the improvements for how the method handles null values now

[andresrc]

Do we need another constant here? If it is to reference it from Jelly, ${it.STS_CREDENTIALS_DURATION_SECONDS} should do the trick. Anyway by convention, constants should be all uppercase.

[nathandines]

I kept the original constant for backwards compatibility, as it was public. I tried incorporating your suggestion, but could not access STS_CREDENTIALS_DURATION_SECONDS from Jelly using the it syntax, so at the moment, I've kept it as it was, but changed the casing. Please let me know if this would be okay.

[nathandines]

@andresrc I've made some changes. Awaiting feedback

[andresrc]

Thanks for changes, just one more thing.

[andresrc]

No need to change the type here, as it will be boxed when needed. Besides, I'm not sure if it would be backwards compatible. Better to revert this change.

[nathandines]

Ah, I changed type because I was getting boxing then unboxing compilation errors with the new setStsTokenDuration logic

[nathandines]

I’ll see what I can do to revert it when I get back to a computer

[andresrc]

Worst case:

this.stsTokenDuration = stsTokenDuration == null || stsTokenDuration.intValue() == STS_CREDENTIALS_DURATION_SECONDS ? null : stsTokenDuration;

[nathandines]

@andresrc I kept hitting boxing and unboxing errors, so I've reverted to accessing the variable through DescriptorImpl. I think this is cleaner than having .intValue() all over the place, or boxing the constant in the set and get methods