org.springframework.security.oauth2.provider.token
Interface AuthorizationServerTokenServices

All Known Implementing Classes:
DefaultTokenServices

public interface AuthorizationServerTokenServices

Author:
Ryan Heaton, Dave Syer

Method Summary
 OAuth2AccessToken createAccessToken(OAuth2Authentication authentication)
          Create an access token associated with the specified credentials.
 OAuth2AccessToken getAccessToken(OAuth2Authentication authentication)
          Retrieve an access token stored against the provided authentication key, if it exists.
 OAuth2AccessToken refreshAccessToken(String refreshToken, AuthorizationRequest request)
          Refresh an access token.
 

Method Detail

createAccessToken

OAuth2AccessToken createAccessToken(OAuth2Authentication authentication)
                                    throws org.springframework.security.core.AuthenticationException
Create an access token associated with the specified credentials.

Parameters:
authentication - The credentials associated with the access token.
Returns:
The access token.
Throws:
org.springframework.security.core.AuthenticationException - If the credentials are inadequate.

refreshAccessToken

OAuth2AccessToken refreshAccessToken(String refreshToken,
                                     AuthorizationRequest request)
                                     throws org.springframework.security.core.AuthenticationException
Refresh an access token. The authorization request should be used for 2 things (at least): to validate that the client id of the original access token is the same as the one requesting the refresh, and to narrow the scopes (if provided).

Parameters:
refreshToken - The details about the refresh token.
request - The incoming authorization request.
Returns:
The (new) access token.
Throws:
org.springframework.security.core.AuthenticationException - If the refresh token is invalid or expired.

getAccessToken

OAuth2AccessToken getAccessToken(OAuth2Authentication authentication)
Retrieve an access token stored against the provided authentication key, if it exists.

Parameters:
authentication - the authentication key for the access token
Returns:
the access token or null if there was none


Copyright © 2012. All Rights Reserved.