org.springframework.security.oauth2.provider.token.store

Class JwtTokenStore

java.lang.Object

org.springframework.security.oauth2.provider.token.store.JwtTokenStore

All Implemented Interfaces:

TokenStore

public class JwtTokenStore
extends Object
implements TokenStore

A TokenStore implementation that just reads data from the tokens themselves. Not really a store since it never persists anything, and methods like getAccessToken(OAuth2Authentication) always return null. But nevertheless a useful tool since it translates access tokens to and from authentications. Use this wherever a TokenStore is needed, but remember to use the same JwtAccessTokenConverter instance (or one with the same verifier) as was used when the tokens were minted.

Author:

Dave Syer

Constructor Summary

Constructors

Constructor and Description
JwtTokenStore(JwtAccessTokenConverter jwtTokenEnhancer) Create a JwtTokenStore with this token enhancer (should be shared with the DefaultTokenServices if used).

Method Summary

Modifier and Type	Method and Description
Collection<OAuth2AccessToken>	findTokensByClientId(String clientId)
Collection<OAuth2AccessToken>	findTokensByClientIdAndUserName(String clientId, String userName)
OAuth2AccessToken	getAccessToken(OAuth2Authentication authentication) Retrieve an access token stored against the provided authentication key, if it exists.
OAuth2AccessToken	readAccessToken(String tokenValue) Read an access token from the store.
OAuth2Authentication	readAuthentication(OAuth2AccessToken token) Read the authentication stored under the specified token value.
OAuth2Authentication	readAuthentication(String token) Read the authentication stored under the specified token value.
OAuth2Authentication	readAuthenticationForRefreshToken(OAuth2RefreshToken token)
OAuth2RefreshToken	readRefreshToken(String tokenValue) Read a refresh token from the store.
void	removeAccessToken(OAuth2AccessToken token) Remove an access token from the database.
void	removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken) Remove an access token using a refresh token.
void	removeRefreshToken(OAuth2RefreshToken token) Remove a refresh token from the database.
void	setApprovalStore(ApprovalStore approvalStore) ApprovalStore to be used to validate and restrict refresh tokens.
void	setTokenEnhancer(JwtAccessTokenConverter tokenEnhancer)
void	storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) Store an access token.
void	storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication) Store the specified refresh token in the database.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JwtTokenStore

public JwtTokenStore(JwtAccessTokenConverter jwtTokenEnhancer)

Create a JwtTokenStore with this token enhancer (should be shared with the DefaultTokenServices if used).

Parameters:

jwtTokenEnhancer -

Method Detail

setApprovalStore

public void setApprovalStore(ApprovalStore approvalStore)

ApprovalStore to be used to validate and restrict refresh tokens.

Parameters:

approvalStore - the approvalStore to set

readAuthentication

public OAuth2Authentication readAuthentication(OAuth2AccessToken token)

Description copied from interface: TokenStore

Read the authentication stored under the specified token value.

Specified by:

readAuthentication in interface TokenStore

Parameters:

token - The token value under which the authentication is stored.

Returns:

The authentication, or null if none.

readAuthentication

public OAuth2Authentication readAuthentication(String token)

Description copied from interface: TokenStore

Read the authentication stored under the specified token value.

Specified by:

readAuthentication in interface TokenStore

Parameters:

token - The token value under which the authentication is stored.

Returns:

The authentication, or null if none.

storeAccessToken

public void storeAccessToken(OAuth2AccessToken token,
                             OAuth2Authentication authentication)

Description copied from interface: TokenStore

Store an access token.

Specified by:

storeAccessToken in interface TokenStore

Parameters:

token - The token to store.

authentication - The authentication associated with the token.

readAccessToken

public OAuth2AccessToken readAccessToken(String tokenValue)

Description copied from interface: TokenStore

Read an access token from the store.

Specified by:

readAccessToken in interface TokenStore

Parameters:

tokenValue - The token value.

Returns:

The access token to read.

removeAccessToken

public void removeAccessToken(OAuth2AccessToken token)

Description copied from interface: TokenStore

Remove an access token from the database.

Specified by:

removeAccessToken in interface TokenStore

Parameters:

token - The token to remove from the database.

storeRefreshToken

public void storeRefreshToken(OAuth2RefreshToken refreshToken,
                              OAuth2Authentication authentication)

Description copied from interface: TokenStore

Store the specified refresh token in the database.

Specified by:

storeRefreshToken in interface TokenStore

Parameters:

refreshToken - The refresh token to store.

authentication - The authentication associated with the refresh token.

readRefreshToken

public OAuth2RefreshToken readRefreshToken(String tokenValue)

Description copied from interface: TokenStore

Read a refresh token from the store.

Specified by:

readRefreshToken in interface TokenStore

Parameters:

tokenValue - The value of the token to read.

Returns:

The token.

readAuthenticationForRefreshToken

public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token)

Specified by:

readAuthenticationForRefreshToken in interface TokenStore

Parameters:

token - a refresh token

Returns:

the authentication originally used to grant the refresh token

removeRefreshToken

public void removeRefreshToken(OAuth2RefreshToken token)

Description copied from interface: TokenStore

Remove a refresh token from the database.

Specified by:

removeRefreshToken in interface TokenStore

Parameters:

token - The token to remove from the database.

removeAccessTokenUsingRefreshToken

public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken)

Description copied from interface: TokenStore

Remove an access token using a refresh token. This functionality is necessary so refresh tokens can't be used to create an unlimited number of access tokens.

Specified by:

removeAccessTokenUsingRefreshToken in interface TokenStore

Parameters:

refreshToken - The refresh token.

getAccessToken

public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication)

Description copied from interface: TokenStore

Retrieve an access token stored against the provided authentication key, if it exists.

Specified by:

getAccessToken in interface TokenStore

Parameters:

authentication - the authentication key for the access token

Returns:

the access token or null if there was none

findTokensByClientIdAndUserName

public Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String clientId,
                                                                     String userName)

Specified by:

findTokensByClientIdAndUserName in interface TokenStore

Parameters:

clientId - the client id to search

userName - the user name to search

Returns:

a collection of access tokens

findTokensByClientId

public Collection<OAuth2AccessToken> findTokensByClientId(String clientId)

Specified by:

findTokensByClientId in interface TokenStore

Parameters:

clientId - the client id to search

Returns:

a collection of access tokens

setTokenEnhancer

public void setTokenEnhancer(JwtAccessTokenConverter tokenEnhancer)