Package org.springframework.security.oauth2.server.authorization.settings

Class TokenSettings.Builder

java.lang.Object

org.springframework.security.oauth2.server.authorization.settings.AbstractSettings.AbstractBuilder<TokenSettings,TokenSettings.Builder>

org.springframework.security.oauth2.server.authorization.settings.TokenSettings.Builder

Enclosing class:

TokenSettings

public static final class TokenSettings.Builder
extends AbstractSettings.AbstractBuilder<TokenSettings,TokenSettings.Builder>

A builder for TokenSettings.

Method Summary

Modifier and Type	Method	Description
TokenSettings.Builder	accessTokenFormat(OAuth2TokenFormat accessTokenFormat)	Set the token format for an access token.
TokenSettings.Builder	accessTokenTimeToLive(Duration accessTokenTimeToLive)	Set the time-to-live for an access token.
TokenSettings.Builder	authorizationCodeTimeToLive(Duration authorizationCodeTimeToLive)	Set the time-to-live for an authorization code.
TokenSettings	build()	Builds the TokenSettings.
TokenSettings.Builder	deviceCodeTimeToLive(Duration deviceCodeTimeToLive)	Set the time-to-live for a device code.
TokenSettings.Builder	idTokenSignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm idTokenSignatureAlgorithm)	Sets the JWS algorithm for signing the ID Token.
TokenSettings.Builder	refreshTokenTimeToLive(Duration refreshTokenTimeToLive)	Set the time-to-live for a refresh token.
TokenSettings.Builder	reuseRefreshTokens(boolean reuseRefreshTokens)	Set to true if refresh tokens are reused when returning the access token response, or false if a new refresh token is issued.
TokenSettings.Builder	x509CertificateBoundAccessTokens(boolean x509CertificateBoundAccessTokens)	Set to true if access tokens must be bound to the client X509Certificate received during client authentication when using the tls_client_auth or self_signed_tls_client_auth method.

Methods inherited from class org.springframework.security.oauth2.server.authorization.settings.AbstractSettings.AbstractBuilder

getSettings, getThis, setting, settings

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

authorizationCodeTimeToLive

public TokenSettings.Builder authorizationCodeTimeToLive(Duration authorizationCodeTimeToLive)

Set the time-to-live for an authorization code. Must be greater than Duration.ZERO. A maximum authorization code lifetime of 10 minutes is RECOMMENDED.

Parameters:

authorizationCodeTimeToLive - the time-to-live for an authorization code

Returns:

the TokenSettings.Builder for further configuration

Since:

0.4.0

accessTokenTimeToLive

public TokenSettings.Builder accessTokenTimeToLive(Duration accessTokenTimeToLive)

Set the time-to-live for an access token. Must be greater than Duration.ZERO.

Parameters:

accessTokenTimeToLive - the time-to-live for an access token

Returns:

the TokenSettings.Builder for further configuration

accessTokenFormat

public TokenSettings.Builder accessTokenFormat(OAuth2TokenFormat accessTokenFormat)

Set the token format for an access token.

Parameters:

accessTokenFormat - the token format for an access token

Returns:

the TokenSettings.Builder for further configuration

Since:

0.2.3

deviceCodeTimeToLive

public TokenSettings.Builder deviceCodeTimeToLive(Duration deviceCodeTimeToLive)

Set the time-to-live for a device code. Must be greater than Duration.ZERO.

Parameters:

deviceCodeTimeToLive - the time-to-live for a device code

Returns:

the TokenSettings.Builder for further configuration

Since:

1.1

reuseRefreshTokens

public TokenSettings.Builder reuseRefreshTokens(boolean reuseRefreshTokens)

Set to true if refresh tokens are reused when returning the access token response, or false if a new refresh token is issued.

Parameters:

reuseRefreshTokens - true to reuse refresh tokens, false to issue new refresh tokens

Returns:

the TokenSettings.Builder for further configuration

refreshTokenTimeToLive

public TokenSettings.Builder refreshTokenTimeToLive(Duration refreshTokenTimeToLive)

Set the time-to-live for a refresh token. Must be greater than Duration.ZERO.

Parameters:

refreshTokenTimeToLive - the time-to-live for a refresh token

Returns:

the TokenSettings.Builder for further configuration

idTokenSignatureAlgorithm

public TokenSettings.Builder idTokenSignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm idTokenSignatureAlgorithm)

Sets the JWS algorithm for signing the ID Token.

Parameters:

idTokenSignatureAlgorithm - the JWS algorithm for signing the ID Token

Returns:

the TokenSettings.Builder for further configuration

x509CertificateBoundAccessTokens

public TokenSettings.Builder x509CertificateBoundAccessTokens(boolean x509CertificateBoundAccessTokens)

Set to true if access tokens must be bound to the client X509Certificate received during client authentication when using the tls_client_auth or self_signed_tls_client_auth method.

Parameters:

x509CertificateBoundAccessTokens - true if access tokens must be bound to the client X509Certificate, false otherwise

Returns:

the TokenSettings.Builder for further configuration

Since:

1.3

build

public TokenSettings build()

Builds the TokenSettings.

Specified by:

build in class AbstractSettings.AbstractBuilder<TokenSettings,TokenSettings.Builder>

Returns:

the TokenSettings