public class JwtTokenStore extends Object implements TokenStore
TokenStore
implementation that just reads data from the tokens themselves. Not really a store since it
never persists anything, and methods like getAccessToken(OAuth2Authentication)
always return null. But
nevertheless a useful tool since it translates access tokens to and from authentications. Use this wherever a
TokenStore
is needed, but remember to use the same JwtAccessTokenConverter
instance (or one with the same
verifier) as was used when the tokens were minted.Constructor and Description |
---|
JwtTokenStore(JwtAccessTokenConverter jwtTokenEnhancer)
Create a JwtTokenStore with this token enhancer (should be shared with the DefaultTokenServices if used).
|
Modifier and Type | Method and Description |
---|---|
Collection<OAuth2AccessToken> |
findTokensByClientId(String clientId) |
Collection<OAuth2AccessToken> |
findTokensByClientIdAndUserName(String clientId,
String userName) |
OAuth2AccessToken |
getAccessToken(OAuth2Authentication authentication)
Retrieve an access token stored against the provided authentication key, if it exists.
|
OAuth2AccessToken |
readAccessToken(String tokenValue)
Read an access token from the store.
|
OAuth2Authentication |
readAuthentication(OAuth2AccessToken token)
Read the authentication stored under the specified token value.
|
OAuth2Authentication |
readAuthentication(String token)
Read the authentication stored under the specified token value.
|
OAuth2Authentication |
readAuthenticationForRefreshToken(OAuth2RefreshToken token) |
OAuth2RefreshToken |
readRefreshToken(String tokenValue)
Read a refresh token from the store.
|
void |
removeAccessToken(OAuth2AccessToken token)
Remove an access token from the store.
|
void |
removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken)
Remove an access token using a refresh token.
|
void |
removeRefreshToken(OAuth2RefreshToken token)
Remove a refresh token from the store.
|
void |
setApprovalStore(ApprovalStore approvalStore)
ApprovalStore to be used to validate and restrict refresh tokens.
|
void |
setTokenEnhancer(JwtAccessTokenConverter tokenEnhancer) |
void |
storeAccessToken(OAuth2AccessToken token,
OAuth2Authentication authentication)
Store an access token.
|
void |
storeRefreshToken(OAuth2RefreshToken refreshToken,
OAuth2Authentication authentication)
Store the specified refresh token in the store.
|
public JwtTokenStore(JwtAccessTokenConverter jwtTokenEnhancer)
jwtTokenEnhancer
- public void setApprovalStore(ApprovalStore approvalStore)
approvalStore
- the approvalStore to setpublic OAuth2Authentication readAuthentication(OAuth2AccessToken token)
TokenStore
readAuthentication
in interface TokenStore
token
- The token value under which the authentication is stored.public OAuth2Authentication readAuthentication(String token)
TokenStore
readAuthentication
in interface TokenStore
token
- The token value under which the authentication is stored.public void storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication)
TokenStore
storeAccessToken
in interface TokenStore
token
- The token to store.authentication
- The authentication associated with the token.public OAuth2AccessToken readAccessToken(String tokenValue)
TokenStore
readAccessToken
in interface TokenStore
tokenValue
- The token value.public void removeAccessToken(OAuth2AccessToken token)
TokenStore
removeAccessToken
in interface TokenStore
token
- The token to remove from the store.public void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication)
TokenStore
storeRefreshToken
in interface TokenStore
refreshToken
- The refresh token to store.authentication
- The authentication associated with the refresh token.public OAuth2RefreshToken readRefreshToken(String tokenValue)
TokenStore
readRefreshToken
in interface TokenStore
tokenValue
- The value of the token to read.public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token)
readAuthenticationForRefreshToken
in interface TokenStore
token
- a refresh tokenpublic void removeRefreshToken(OAuth2RefreshToken token)
TokenStore
removeRefreshToken
in interface TokenStore
token
- The token to remove from the store.public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken)
TokenStore
removeAccessTokenUsingRefreshToken
in interface TokenStore
refreshToken
- The refresh token.public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication)
TokenStore
getAccessToken
in interface TokenStore
authentication
- the authentication key for the access tokenpublic Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String clientId, String userName)
findTokensByClientIdAndUserName
in interface TokenStore
clientId
- the client id to searchuserName
- the user name to searchpublic Collection<OAuth2AccessToken> findTokensByClientId(String clientId)
findTokensByClientId
in interface TokenStore
clientId
- the client id to searchpublic void setTokenEnhancer(JwtAccessTokenConverter tokenEnhancer)
Copyright © 2019. All rights reserved.