Class TokenSettings
java.lang.Object
org.springframework.security.oauth2.server.authorization.settings.AbstractSettings
org.springframework.security.oauth2.server.authorization.settings.TokenSettings
- All Implemented Interfaces:
Serializable
A facility for token configuration settings.
- Since:
- 0.0.2
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class org.springframework.security.oauth2.server.authorization.settings.AbstractSettings
AbstractSettings.AbstractBuilder<T extends AbstractSettings,
B extends AbstractSettings.AbstractBuilder<T, B>> -
Method Summary
Modifier and TypeMethodDescriptionstatic TokenSettings.Builder
builder()
Constructs a newTokenSettings.Builder
with the default settings.Returns the token format for an access token.Returns the time-to-live for an access token.Returns the time-to-live for an authorization code.Returns the time-to-live for a device code.org.springframework.security.oauth2.jose.jws.SignatureAlgorithm
Returns theJWS
algorithm for signing theID Token
.Returns the time-to-live for a refresh token.boolean
Returnstrue
if refresh tokens are reused when returning the access token response, orfalse
if a new refresh token is issued.boolean
Returnstrue
if access tokens must be bound to the clientX509Certificate
received during client authentication when using thetls_client_auth
orself_signed_tls_client_auth
method.static TokenSettings.Builder
withSettings
(Map<String, Object> settings) Constructs a newTokenSettings.Builder
with the provided settings.Methods inherited from class org.springframework.security.oauth2.server.authorization.settings.AbstractSettings
equals, getSetting, getSettings, hashCode, toString
-
Method Details
-
getAuthorizationCodeTimeToLive
Returns the time-to-live for an authorization code. The default is 5 minutes.- Returns:
- the time-to-live for an authorization code
- Since:
- 0.4.0
-
getAccessTokenTimeToLive
Returns the time-to-live for an access token. The default is 5 minutes.- Returns:
- the time-to-live for an access token
-
getAccessTokenFormat
Returns the token format for an access token. The default isOAuth2TokenFormat.SELF_CONTAINED
.- Returns:
- the token format for an access token
- Since:
- 0.2.3
-
getDeviceCodeTimeToLive
Returns the time-to-live for a device code. The default is 5 minutes.- Returns:
- the time-to-live for a device code
- Since:
- 1.1
-
isReuseRefreshTokens
public boolean isReuseRefreshTokens()Returnstrue
if refresh tokens are reused when returning the access token response, orfalse
if a new refresh token is issued. The default istrue
.- Returns:
true
if refresh tokens are reused when returning the access token response,false
otherwise
-
getRefreshTokenTimeToLive
Returns the time-to-live for a refresh token. The default is 60 minutes.- Returns:
- the time-to-live for a refresh token
-
getIdTokenSignatureAlgorithm
public org.springframework.security.oauth2.jose.jws.SignatureAlgorithm getIdTokenSignatureAlgorithm()Returns theJWS
algorithm for signing theID Token
. The default isRS256
.- Returns:
- the
JWS
algorithm for signing theID Token
-
isX509CertificateBoundAccessTokens
public boolean isX509CertificateBoundAccessTokens()Returnstrue
if access tokens must be bound to the clientX509Certificate
received during client authentication when using thetls_client_auth
orself_signed_tls_client_auth
method. The default isfalse
.- Returns:
true
if access tokens must be bound to the clientX509Certificate
,false
otherwise- Since:
- 1.3
-
builder
Constructs a newTokenSettings.Builder
with the default settings.- Returns:
- the
TokenSettings.Builder
-
withSettings
Constructs a newTokenSettings.Builder
with the provided settings.- Parameters:
settings
- the settings to initialize the builder- Returns:
- the
TokenSettings.Builder
-