1 package org.springframework.security.oauth2.provider.token;
2
3 import java.util.Collection;
4
5 import org.springframework.security.oauth2.common.OAuth2AccessToken;
6 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
7 import org.springframework.security.oauth2.provider.OAuth2Authentication;
8
9 /**
10 * Persistence interface for OAuth2 tokens.
11 */
12 public interface TokenStore {
13
14 /**
15 * Read the authentication stored under the specified token value.
16 *
17 * @param token The token value under which the authentication is stored.
18 * @return The authentication, or null if none.
19 */
20 OAuth2Authentication readAuthentication(OAuth2AccessToken token);
21
22 /**
23 * Read the authentication stored under the specified token value.
24 *
25 * @param token The token value under which the authentication is stored.
26 * @return The authentication, or null if none.
27 */
28 OAuth2Authentication readAuthentication(String token);
29
30 /**
31 * Store an access token.
32 *
33 * @param token The token to store.
34 * @param authentication The authentication associated with the token.
35 */
36 void storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication);
37
38 /**
39 * Read an access token from the store.
40 *
41 * @param tokenValue The token value.
42 * @return The access token to read.
43 */
44 OAuth2AccessToken readAccessToken(String tokenValue);
45
46 /**
47 * Remove an access token from the store.
48 *
49 * @param token The token to remove from the store.
50 */
51 void removeAccessToken(OAuth2AccessToken token);
52
53 /**
54 * Store the specified refresh token in the store.
55 *
56 * @param refreshToken The refresh token to store.
57 * @param authentication The authentication associated with the refresh token.
58 */
59 void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication);
60
61 /**
62 * Read a refresh token from the store.
63 *
64 * @param tokenValue The value of the token to read.
65 * @return The token.
66 */
67 OAuth2RefreshToken readRefreshToken(String tokenValue);
68
69 /**
70 * @param token a refresh token
71 * @return the authentication originally used to grant the refresh token
72 */
73 OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token);
74
75 /**
76 * Remove a refresh token from the store.
77 *
78 * @param token The token to remove from the store.
79 */
80 void removeRefreshToken(OAuth2RefreshToken token);
81
82 /**
83 * Remove an access token using a refresh token. This functionality is necessary so refresh tokens can't be used to
84 * create an unlimited number of access tokens.
85 *
86 * @param refreshToken The refresh token.
87 */
88 void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken);
89
90 /**
91 * Retrieve an access token stored against the provided authentication key, if it exists.
92 *
93 * @param authentication the authentication key for the access token
94 *
95 * @return the access token or null if there was none
96 */
97 OAuth2AccessToken getAccessToken(OAuth2Authentication authentication);
98
99 /**
100 * @param clientId the client id to search
101 * @param userName the user name to search
102 * @return a collection of access tokens
103 */
104 Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String clientId, String userName);
105
106 /**
107 * @param clientId the client id to search
108 * @return a collection of access tokens
109 */
110 Collection<OAuth2AccessToken> findTokensByClientId(String clientId);
111
112 }