Example usage for org.springframework.security.oauth2.common DefaultOAuth2RefreshToken DefaultOAuth2RefreshToken

List of usage examples for org.springframework.security.oauth2.common DefaultOAuth2RefreshToken DefaultOAuth2RefreshToken

Introduction

This page shows example usages of the DefaultOAuth2RefreshToken(String value) constructor of org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken.

Prototype

@JsonCreator
public DefaultOAuth2RefreshToken(String value) 


Document

Create a new refresh token.

Usage

From source file:org.cloudfoundry.identity.uaa.oauth.token.UaaTokenServices.java

/**
 * Builds an access token for a grant, replaces its value with a signed JWT, and publishes a
 * {@link TokenIssuedEvent} for it.
 *
 * <p>The token id is a freshly generated random UUID. It is stored under {@code JTI} in the
 * token's additional information before the token value is overwritten with the encoded JWT.
 *
 * @param validitySeconds lifetime in seconds; an expiration is only set when this is positive
 * @param requestedScopes scopes to place on the token; must not be null or empty
 * @param refreshToken raw refresh token value to attach, or {@code null} for none
 * @param additionalAuthorizationAttributes optional attributes stored under
 *        {@code ADDITIONAL_AZ_ATTR}; skipped when {@code null}
 * @return the populated token, whose value is the encoded JWT
 * @throws InvalidTokenException if {@code requestedScopes} is null or empty
 * @throws IllegalStateException if the JWT content cannot be written as JSON
 */
private OAuth2AccessToken createAccessToken(String userId, String username, String userEmail,
        int validitySeconds, Collection<GrantedAuthority> clientScopes, Set<String> requestedScopes,
        String clientId, Set<String> resourceIds, String grantType, String refreshToken,
        Map<String, String> additionalAuthorizationAttributes, Set<String> responseTypes)
        throws AuthenticationException {
    final String jti = UUID.randomUUID().toString();
    final OpenIdToken issued = new OpenIdToken(jti);

    // NOTE(review): a non-positive validity leaves the token object without an expiration;
    // confirm callers never pass one, or that the JWT claims built below still carry an expiry.
    if (validitySeconds > 0) {
        // Multiply as long so that large validity values cannot overflow int arithmetic.
        long lifetimeMillis = validitySeconds * 1000L;
        issued.setExpiration(new Date(System.currentTimeMillis() + lifetimeMillis));
    }

    DefaultOAuth2RefreshToken attachedRefresh = null;
    if (refreshToken != null) {
        attachedRefresh = new DefaultOAuth2RefreshToken(refreshToken);
    }
    issued.setRefreshToken(attachedRefresh);

    // A token without any granted scope is never issued.
    if (requestedScopes == null || requestedScopes.isEmpty()) {
        logger.debug("No scopes were granted");
        throw new InvalidTokenException("No scopes were granted");
    }
    issued.setScope(requestedScopes);

    Map<String, Object> extras = new HashMap<String, Object>();
    // Read the value now: it is replaced by the signed JWT further down
    // (presumably it still equals the id passed to the constructor - confirm).
    extras.put(JTI, issued.getValue());
    if (additionalAuthorizationAttributes != null) {
        extras.put(ADDITIONAL_AZ_ATTR, additionalAuthorizationAttributes);
    }
    issued.setAdditionalInformation(extras);

    String claimsJson;
    try {
        claimsJson = mapper.writeValueAsString(createJWTAccessToken(issued, userId, username, userEmail,
                clientScopes, requestedScopes, clientId, resourceIds, grantType, refreshToken));
    } catch (Exception e) {
        // Broad catch: failures inside createJWTAccessToken are reported as a JSON conversion
        // problem as well; the original cause is preserved.
        throw new IllegalStateException("Cannot convert access token to JSON", e);
    }
    String signedJwt = JwtHelper.encode(claimsJson, signerProvider.getSigner()).getEncoded();

    // This setter copies the value and returns. Don't change.
    issued.setValue(signedJwt);
    populateIdToken(issued, requestedScopes, responseTypes);

    // NOTE(review): the event carries the token object, including its signed value; confirm
    // that event listeners and audit sinks do not write the raw token to logs.
    publish(new TokenIssuedEvent(issued, SecurityContextHolder.getContext().getAuthentication()));

    return issued;
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServices.java

/**
 * Builds a {@link CompositeAccessToken} for the given token id, replaces its value with a JWT
 * signed by the active key, populates the ID token, and publishes a {@link TokenIssuedEvent}.
 *
 * @param tokenId id used to construct the token and stored under {@code JTI}
 * @param validitySeconds lifetime in seconds, added to the current time to form the expiration
 * @param requestedScopes scopes to place on the token; must not be null or empty
 * @param refreshToken raw refresh token value to attach, or {@code null} for none
 * @param nonce stored under {@code NONCE} when not {@code null}
 * @param additionalAuthorizationAttributes stored under {@code ADDITIONAL_AZ_ATTR} when not
 *        {@code null}
 * @param externalAttributes stored under {@code EXTERNAL_ATTR} when not {@code null}
 * @return the populated token, whose value is the encoded JWT
 * @throws InvalidTokenException if {@code requestedScopes} is null or empty
 * @throws IllegalStateException if the JWT claims cannot be written as JSON
 */
private CompositeAccessToken createAccessToken(String tokenId, String userId, UaaUser user,
        Date userAuthenticationTime, int validitySeconds, Collection<GrantedAuthority> clientScopes,
        Set<String> requestedScopes, String clientId, Set<String> resourceIds, String grantType,
        String refreshToken, String nonce, Map<String, String> additionalAuthorizationAttributes,
        Map<String, String> externalAttributes, Set<String> responseTypes, String revocableHashSignature,
        boolean forceIdTokenCreation, Set<String> externalGroupsForIdToken,
        Map<String, List<String>> userAttributesForIdToken, boolean revocable,
        Set<String> authenticationMethods, Set<String> authNContextClassRef) throws AuthenticationException {
    CompositeAccessToken issued = new CompositeAccessToken(tokenId);

    // The expiration is always set here. Multiplying as long avoids int overflow.
    // NOTE(review): a zero or negative validitySeconds yields an expiration that is not in the
    // future; confirm callers validate the configured validity.
    long lifetimeMillis = validitySeconds * 1000L;
    issued.setExpiration(new Date(System.currentTimeMillis() + lifetimeMillis));

    DefaultOAuth2RefreshToken attachedRefresh = null;
    if (refreshToken != null) {
        attachedRefresh = new DefaultOAuth2RefreshToken(refreshToken);
    }
    issued.setRefreshToken(attachedRefresh);

    // A token without any granted scope is never issued.
    if (requestedScopes == null || requestedScopes.isEmpty()) {
        logger.debug("No scopes were granted");
        throw new InvalidTokenException("No scopes were granted");
    }
    issued.setScope(requestedScopes);

    Map<String, Object> extras = new HashMap<String, Object>();
    // Read the value now: it is replaced by the signed JWT further down.
    extras.put(JTI, issued.getValue());
    if (additionalAuthorizationAttributes != null) {
        extras.put(ADDITIONAL_AZ_ATTR, additionalAuthorizationAttributes);
    }
    if (externalAttributes != null) {
        extras.put(EXTERNAL_ATTR, externalAttributes);
    }
    if (nonce != null) {
        extras.put(NONCE, nonce);
    }
    issued.setAdditionalInformation(extras);

    Map<String, ?> jwtAccessToken = createJWTAccessToken(issued, userId, user, userAuthenticationTime,
            clientScopes, requestedScopes, clientId, resourceIds, grantType, refreshToken,
            revocableHashSignature, revocable);
    String claimsJson;
    try {
        claimsJson = JsonUtils.writeValueAsString(jwtAccessToken);
    } catch (JsonUtils.JsonUtilException e) {
        throw new IllegalStateException("Cannot convert access token to JSON", e);
    }

    // Signed with the signer of the key that is active at the time of the call.
    String signedJwt = JwtHelper.encode(claimsJson, KeyInfo.getActiveKey().getSigner()).getEncoded();
    // This setter copies the value and returns. Don't change.
    issued.setValue(signedJwt);

    populateIdToken(issued, jwtAccessToken, requestedScopes, responseTypes, clientId, forceIdTokenCreation,
            externalGroupsForIdToken, user, userAttributesForIdToken, authenticationMethods,
            authNContextClassRef);

    // NOTE(review): the event carries the token object, including its signed value; confirm
    // that event listeners and audit sinks do not write the raw token to logs.
    publish(new TokenIssuedEvent(issued, SecurityContextHolder.getContext().getAuthentication()));

    return issued;
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServices.java

/**
 * Stores revocation records for an access token and, when the zone's token policy makes it
 * revocable, for its refresh token, then returns a new {@link CompositeAccessToken} to hand out.
 *
 * <p>When {@code opaque} is true the returned token's value is {@code tokenId} rather than the
 * value of {@code token}; likewise the returned refresh token's value is {@code refreshTokenId}
 * when the refresh token is treated as opaque.
 *
 * @param tokenId id under which the access token record is stored
 * @param refreshTokenId id under which the refresh token record is stored
 * @param token the issued access token whose scope, expiration and value are persisted
 * @param refreshToken the issued refresh token, or {@code null} if there is none
 * @param clientId client the tokens were issued to
 * @param userId user the tokens were issued for
 * @param opaque whether the access token is handed out as an opaque id
 * @param revocable whether a record is stored for the access token
 * @return a copy of {@code token} carrying the value and refresh token to return to the caller
 */
public CompositeAccessToken persistRevocableToken(String tokenId, String refreshTokenId,
        CompositeAccessToken token, OAuth2RefreshToken refreshToken, String clientId, String userId,
        boolean opaque, boolean revocable) {
    // The scope is persisted as the string form of the scope collection, cut to at most 1000
    // characters.
    // NOTE(review): a truncated value means the stored record may not list every scope on the
    // token (presumably a column-size limit - confirm); do not treat the stored scope as
    // authoritative for authorization decisions without checking this.
    String scope = token.getScope().toString();
    if (StringUtils.hasText(scope) && scope.length() > 1000) {
        scope = scope.substring(0, 1000);
    }

    long now = System.currentTimeMillis();
    if (revocable) {
        // The record holds the token value itself, tagged with the current identity zone.
        RevocableToken revocableAccessToken = new RevocableToken().setTokenId(tokenId).setClientId(clientId)
                .setExpiresAt(token.getExpiration().getTime()).setIssuedAt(now)
                .setFormat(opaque ? OPAQUE.name() : JWT.name())
                .setResponseType(RevocableToken.TokenType.ACCESS_TOKEN)
                .setZoneId(IdentityZoneHolder.get().getId()).setUserId(userId).setScope(scope)
                .setValue(token.getValue());
        try {
            tokenProvisioning.create(revocableAccessToken);
        } catch (DuplicateKeyException updateInstead) {
            // TODO this is an unintended side effect of reusing access token IDs:
            // a record with this id already exists, so it is overwritten with the new token.
            tokenProvisioning.update(tokenId, revocableAccessToken);
        }
    }

    // The refresh token is opaque if the access token is, or if the zone's token policy asks
    // for the opaque refresh token format.
    boolean refreshTokenOpaque = opaque || TokenConstants.TokenFormat.OPAQUE.getStringValue()
            .equals(IdentityZoneHolder.get().getConfig().getTokenPolicy().getRefreshTokenFormat());
    // Opaque refresh tokens are always stored; JWT ones only when the policy marks JWTs revocable.
    boolean refreshTokenRevocable = refreshTokenOpaque
            || IdentityZoneHolder.get().getConfig().getTokenPolicy().isJwtRevocable();
    boolean refreshTokenUnique = IdentityZoneHolder.get().getConfig().getTokenPolicy().isRefreshTokenUnique();
    if (refreshToken != null && refreshTokenRevocable) {
        // NOTE(review): the cast is unchecked; a refresh token that does not implement
        // ExpiringOAuth2RefreshToken would fail here with a ClassCastException.
        RevocableToken revocableRefreshToken = new RevocableToken().setTokenId(refreshTokenId)
                .setClientId(clientId)
                .setExpiresAt(((ExpiringOAuth2RefreshToken) refreshToken).getExpiration().getTime())
                .setIssuedAt(now).setFormat(refreshTokenOpaque ? OPAQUE.name() : JWT.name())
                .setResponseType(RevocableToken.TokenType.REFRESH_TOKEN)
                .setZoneId(IdentityZoneHolder.get().getId()).setUserId(userId).setScope(scope)
                .setValue(refreshToken.getValue());
        try {
            if (refreshTokenUnique) {
                // With the unique policy, earlier refresh tokens of this client/user pair are
                // removed before the new one is stored.
                tokenProvisioning.deleteRefreshTokensForClientAndUserId(clientId, userId);
            }
            tokenProvisioning.create(revocableRefreshToken);
        } catch (DuplicateKeyException ignore) {
            // No need to store refresh tokens again.
            // NOTE(review): the delete above has already run when this is reached; whether both
            // calls share a transaction is not visible here - confirm.
        }
    }

    // Build the token that is handed out: an opaque token exposes only its id as the value.
    CompositeAccessToken result = new CompositeAccessToken(opaque ? tokenId : token.getValue());
    result.setIdTokenValue(token.getIdTokenValue());
    result.setExpiration(token.getExpiration());
    result.setAdditionalInformation(token.getAdditionalInformation());
    result.setScope(token.getScope());
    result.setTokenType(token.getTokenType());
    result.setRefreshToken(refreshToken == null ? null
            : new DefaultOAuth2RefreshToken(refreshTokenOpaque ? refreshTokenId : refreshToken.getValue()));
    return result;
}

From source file:org.orcid.core.oauth.service.OrcidTokenStoreServiceImpl.java

/**
 * Rebuilds an access token object from a stored token detail.
 *
 * <p>The refresh token is attached only when the stored refresh value is not blank; it is an
 * expiring refresh token when a refresh expiration is stored and a plain one otherwise.
 *
 * @param detail the stored token detail, may be {@code null}
 * @return the rebuilt token, or {@code null} when {@code detail} is {@code null} or has a blank
 *         token value
 */
private OAuth2AccessToken getOauth2AccessTokenFromDetails(OrcidOauth2TokenDetail detail) {
    // Callers receive null, not an empty token, when nothing usable is stored.
    if (detail == null || StringUtils.isBlank(detail.getTokenValue())) {
        return null;
    }

    // NOTE(review): the detail supplies the raw access and refresh token values; how they are
    // protected at rest is not visible here - confirm against the persistence layer.
    DefaultOAuth2AccessToken restored = new DefaultOAuth2AccessToken(detail.getTokenValue());
    restored.setExpiration(detail.getTokenExpiration());
    restored.setScope(OAuth2Utils.parseParameterList(detail.getScope()));
    restored.setTokenType(detail.getTokenType());

    String refreshValue = detail.getRefreshTokenValue();
    if (StringUtils.isNotBlank(refreshValue)) {
        // Without a stored refresh expiration the refresh token carries no expiry of its own.
        OAuth2RefreshToken refresh = detail.getRefreshTokenExpiration() == null
                ? new DefaultOAuth2RefreshToken(refreshValue)
                : new DefaultExpiringOAuth2RefreshToken(refreshValue, detail.getRefreshTokenExpiration());
        restored.setRefreshToken(refresh);
    }

    ProfileEntity owner = detail.getProfile();
    if (owner != null) {
        Map<String, Object> ownerInfo = new HashMap<String, Object>();
        ownerInfo.put(OrcidOauth2Constants.ORCID, owner.getId());
        ownerInfo.put(OrcidOauth2Constants.PERSISTENT, detail.isPersistent());
        ownerInfo.put(OrcidOauth2Constants.DATE_CREATED, detail.getDateCreated());
        ownerInfo.put(OrcidOauth2Constants.TOKEN_VERSION, detail.getVersion());
        restored.setAdditionalInformation(ownerInfo);
    }

    String clientId = detail.getClientDetailsId();
    if (!PojoUtil.isEmpty(clientId)) {
        // Copy into a fresh map: the one returned by the token may be unmodifiable.
        Map<String, Object> merged = new HashMap<String, Object>();
        Map<String, Object> current = restored.getAdditionalInformation();
        if (current != null && !current.isEmpty()) {
            merged.putAll(current);
        }
        merged.put(OrcidOauth2Constants.CLIENT_ID, clientId);
        restored.setAdditionalInformation(merged);
    }

    return restored;
}

From source file:org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter.java

/**
 * Returns a copy of the access token whose value is replaced by its encoded form and whose
 * refresh token, if any, is replaced by an encoded one.
 *
 * <p>The original token value is stored under {@code TOKEN_ID} in the additional information
 * unless that key is already present.
 *
 * @param accessToken the token to enhance; it is copied, not modified
 * @param authentication the authentication passed to {@code encode}
 * @return the enhanced copy
 */
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    DefaultOAuth2AccessToken enhanced = new DefaultOAuth2AccessToken(accessToken);

    Map<String, Object> details = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
    String originalValue = enhanced.getValue();
    if (!details.containsKey(TOKEN_ID)) {
        details.put(TOKEN_ID, originalValue);
    }
    enhanced.setAdditionalInformation(details);
    enhanced.setValue(encode(enhanced, authentication));

    OAuth2RefreshToken currentRefresh = enhanced.getRefreshToken();
    if (currentRefresh == null) {
        return enhanced;
    }

    // The refresh token is encoded from a second copy of the incoming access token.
    // NOTE(review): as far as this method shows, the encoded refresh token is derived from the
    // same token data as the access token (apart from the expiration set below); confirm that
    // consumers can tell a refresh token from an access token.
    DefaultOAuth2AccessToken refreshSource = new DefaultOAuth2AccessToken(accessToken);
    DefaultOAuth2RefreshToken encodedRefresh = new DefaultOAuth2RefreshToken(
            encode(refreshSource, authentication));
    if (currentRefresh instanceof ExpiringOAuth2RefreshToken) {
        // For an expiring refresh token the copy is re-encoded with the refresh expiration;
        // the value encoded above is discarded in this case.
        Date refreshExpiry = ((ExpiringOAuth2RefreshToken) currentRefresh).getExpiration();
        refreshSource.setExpiration(refreshExpiry);
        encodedRefresh = new DefaultExpiringOAuth2RefreshToken(encode(refreshSource, authentication),
                refreshExpiry);
    }
    enhanced.setRefreshToken(encodedRefresh);
    return enhanced;
}