From 6696fc52f5541591d053f5514822181caffe193e Mon Sep 17 00:00:00 2001
From: lixingjia <lixingjia@bigai.ai>
Date: Mon, 14 Oct 2024 19:42:02 +0800
Subject: [PATCH] bugfix: resolve issue in Raft model where follower crashes
 could lead client to continued use of expired tokens

---
 changes/en-us/2.x.md                                            | 1 +
 changes/zh-cn/2.x.md                                            | 1 +
 .../seata/discovery/registry/raft/RaftRegistryServiceImpl.java  | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/changes/en-us/2.x.md b/changes/en-us/2.x.md
index f33315450e4..fc1a1f60783 100644
--- a/changes/en-us/2.x.md
+++ b/changes/en-us/2.x.md
@@ -12,6 +12,7 @@ Add changes here for all PR submitted to the 2.x branch.
 - [[#6899](https://github.com/apache/incubator-seata/pull/6899)] fix file.conf read failed after package
 - [[#6890](https://github.com/apache/incubator-seata/pull/6890)] fix designerJson to standardJson: subStateMachine compensateState cannot be recognized
 - [[#6907](https://github.com/apache/incubator-seata/pull/6907)] fix the issue of Codecov not generating reports
+- [[#6925](https://github.com/apache/incubator-seata/pull/6925)] fix the issue in Raft model a follower's crash may lead to the continued use of expired tokens
 
 ### optimize:
 - [[#6826](https://github.com/apache/incubator-seata/pull/6826)] remove the branch registration operation of the XA read-only transaction
diff --git a/changes/zh-cn/2.x.md b/changes/zh-cn/2.x.md
index a99f7c3e6f9..005f7f44f98 100644
--- a/changes/zh-cn/2.x.md
+++ b/changes/zh-cn/2.x.md
@@ -12,6 +12,7 @@
 - [[#6899](https://github.com/apache/incubator-seata/pull/6899)] 修复file.conf打包后的读取
 - [[#6890](https://github.com/apache/incubator-seata/pull/6890)] 修复saga设计json转标准json过程中: 子状态机补偿节点无法被识别
 - [[#6907](https://github.com/apache/incubator-seata/pull/6907)] 修复Codecov未生成报告的问题
+- [[#6925](https://github.com/apache/incubator-seata/pull/6925)] 修复Raft模式下，Follower崩溃可能导致Client继续使用过期令牌的问题
 
 ### optimize:
 - [[#6826](https://github.com/apache/incubator-seata/pull/6826)] 移除只读XA事务的分支注册操作
diff --git a/discovery/seata-discovery-raft/src/main/java/org/apache/seata/discovery/registry/raft/RaftRegistryServiceImpl.java b/discovery/seata-discovery-raft/src/main/java/org/apache/seata/discovery/registry/raft/RaftRegistryServiceImpl.java
index f52464ef4ae..b5a28967ec4 100644
--- a/discovery/seata-discovery-raft/src/main/java/org/apache/seata/discovery/registry/raft/RaftRegistryServiceImpl.java
+++ b/discovery/seata-discovery-raft/src/main/java/org/apache/seata/discovery/registry/raft/RaftRegistryServiceImpl.java
@@ -414,7 +414,6 @@ private static void refreshToken(String tcAddress) throws RetryableException {
         Map<String, String> header = new HashMap<>();
         header.put(HTTP.CONTENT_TYPE, ContentType.APPLICATION_JSON.getMimeType());
         String response = null;
-        tokenTimeStamp = System.currentTimeMillis();
         try (CloseableHttpResponse httpResponse =
             HttpClientUtil.doPost("http://" + tcAddress + "/api/v1/auth/login", param, header, 1000)) {
             if (httpResponse != null) {
@@ -427,6 +426,7 @@ private static void refreshToken(String tcAddress) throws RetryableException {
                         throw new AuthenticationFailedException("Authentication failed! you should configure the correct username and password.");
                     }
                     jwtToken = jsonNode.get("data").asText();
+                    tokenTimeStamp = System.currentTimeMillis();
                 } else {
                     //authorized failed,throw exception to kill process
                     throw new AuthenticationFailedException("Authentication failed! you should configure the correct username and password.");