public final class JwkTokenStore extends Object implements TokenStore
TokenStore
implementation that provides support for verifying the
JSON Web Signature (JWS) for a JSON Web Token (JWT) using a JSON Web Key (JWK).
TokenStore
implementation is exclusively meant to be used by a Resource Server as
it's sole responsibility is to decode a JWT and verify it's signature (JWS) using the corresponding JWK.
TokenStore
that are not applicable for a Resource Server.
In these cases, the method implementation will explicitly throw a
JwkException
reporting "This operation is not supported".
storeAccessToken(OAuth2AccessToken, OAuth2Authentication)
removeAccessToken(OAuth2AccessToken)
storeRefreshToken(OAuth2RefreshToken, OAuth2Authentication)
readRefreshToken(String)
readAuthenticationForRefreshToken(OAuth2RefreshToken)
removeRefreshToken(OAuth2RefreshToken)
removeAccessTokenUsingRefreshToken(OAuth2RefreshToken)
getAccessToken(OAuth2Authentication)
findTokensByClientIdAndUserName(String, String)
findTokensByClientId(String)
JwtTokenStore
which uses a
specialized extension of JwtAccessTokenConverter
.
This specialized JwtAccessTokenConverter
is capable of fetching (and caching)
the JWK Set (a set of JWKs) from the URL supplied to the constructor of this implementation.
JwtAccessTokenConverter
will verify the JWS in the following step sequence:
SignatureVerifier
associated with the JWK and verify the signature.JwtTokenStore
,
JSON Web Key (JWK),
JSON Web Token (JWT),
JSON Web Signature (JWS)Constructor and Description |
---|
JwkTokenStore(List<String> jwkSetUrls)
Creates a new instance using the provided URLs as the location for the JWK Sets.
|
JwkTokenStore(List<String> jwkSetUrls,
AccessTokenConverter accessTokenConverter,
JwtClaimsSetVerifier jwtClaimsSetVerifier)
Creates a new instance using the provided URLs as the location for the JWK Sets
and a custom
AccessTokenConverter and JwtClaimsSetVerifier . |
JwkTokenStore(String jwkSetUrl)
Creates a new instance using the provided URL as the location for the JWK Set.
|
JwkTokenStore(String jwkSetUrl,
AccessTokenConverter accessTokenConverter)
Creates a new instance using the provided URL as the location for the JWK Set
and a custom
AccessTokenConverter . |
JwkTokenStore(String jwkSetUrl,
AccessTokenConverter accessTokenConverter,
JwtClaimsSetVerifier jwtClaimsSetVerifier)
Creates a new instance using the provided URL as the location for the JWK Set
and a custom
AccessTokenConverter and JwtClaimsSetVerifier . |
JwkTokenStore(String jwkSetUrl,
JwtClaimsSetVerifier jwtClaimsSetVerifier)
Creates a new instance using the provided URL as the location for the JWK Set
and a custom
JwtClaimsSetVerifier . |
Modifier and Type | Method and Description |
---|---|
Collection<OAuth2AccessToken> |
findTokensByClientId(String clientId)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
Collection<OAuth2AccessToken> |
findTokensByClientIdAndUserName(String clientId,
String userName)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
OAuth2AccessToken |
getAccessToken(OAuth2Authentication authentication)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
OAuth2AccessToken |
readAccessToken(String tokenValue)
Delegates to the internal instance
JwtTokenStore.readAccessToken(String) . |
OAuth2Authentication |
readAuthentication(OAuth2AccessToken token)
Delegates to the internal instance
JwtTokenStore.readAuthentication(OAuth2AccessToken) . |
OAuth2Authentication |
readAuthentication(String tokenValue)
Delegates to the internal instance
JwtTokenStore.readAuthentication(String) . |
OAuth2Authentication |
readAuthenticationForRefreshToken(OAuth2RefreshToken token)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
OAuth2RefreshToken |
readRefreshToken(String tokenValue)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
void |
removeAccessToken(OAuth2AccessToken token)
Delegates to the internal instance
JwtTokenStore.removeAccessToken(OAuth2AccessToken) . |
void |
removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
void |
removeRefreshToken(OAuth2RefreshToken token)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
void |
storeAccessToken(OAuth2AccessToken token,
OAuth2Authentication authentication)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
void |
storeRefreshToken(OAuth2RefreshToken refreshToken,
OAuth2Authentication authentication)
This operation is not applicable for a Resource Server
and if called, will throw a
JwkException . |
public JwkTokenStore(String jwkSetUrl)
jwkSetUrl
- the JWK Set URLpublic JwkTokenStore(List<String> jwkSetUrls)
jwkSetUrls
- the JWK Set URLspublic JwkTokenStore(String jwkSetUrl, AccessTokenConverter accessTokenConverter)
AccessTokenConverter
.jwkSetUrl
- the JWK Set URLaccessTokenConverter
- a custom AccessTokenConverter
public JwkTokenStore(String jwkSetUrl, JwtClaimsSetVerifier jwtClaimsSetVerifier)
JwtClaimsSetVerifier
.jwkSetUrl
- the JWK Set URLjwtClaimsSetVerifier
- a custom JwtClaimsSetVerifier
public JwkTokenStore(String jwkSetUrl, AccessTokenConverter accessTokenConverter, JwtClaimsSetVerifier jwtClaimsSetVerifier)
AccessTokenConverter
and JwtClaimsSetVerifier
.jwkSetUrl
- the JWK Set URLaccessTokenConverter
- a custom AccessTokenConverter
jwtClaimsSetVerifier
- a custom JwtClaimsSetVerifier
public JwkTokenStore(List<String> jwkSetUrls, AccessTokenConverter accessTokenConverter, JwtClaimsSetVerifier jwtClaimsSetVerifier)
AccessTokenConverter
and JwtClaimsSetVerifier
.jwkSetUrls
- the JWK Set URLsaccessTokenConverter
- a custom AccessTokenConverter
jwtClaimsSetVerifier
- a custom JwtClaimsSetVerifier
public OAuth2Authentication readAuthentication(OAuth2AccessToken token)
JwtTokenStore.readAuthentication(OAuth2AccessToken)
.readAuthentication
in interface TokenStore
token
- the access tokenOAuth2Authentication
representation of the access tokenpublic OAuth2Authentication readAuthentication(String tokenValue)
JwtTokenStore.readAuthentication(String)
.readAuthentication
in interface TokenStore
tokenValue
- the access token valueOAuth2Authentication
representation of the access tokenpublic void storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication)
JwkException
.storeAccessToken
in interface TokenStore
token
- The token to store.authentication
- The authentication associated with the token.JwkException
- reporting this operation is not supportedpublic OAuth2AccessToken readAccessToken(String tokenValue)
JwtTokenStore.readAccessToken(String)
.readAccessToken
in interface TokenStore
tokenValue
- the access token valueOAuth2AccessToken
representation of the access token valuepublic void removeAccessToken(OAuth2AccessToken token)
JwtTokenStore.removeAccessToken(OAuth2AccessToken)
.removeAccessToken
in interface TokenStore
token
- the access tokenpublic void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication)
JwkException
.storeRefreshToken
in interface TokenStore
refreshToken
- The refresh token to store.authentication
- The authentication associated with the refresh token.JwkException
- reporting this operation is not supportedpublic OAuth2RefreshToken readRefreshToken(String tokenValue)
JwkException
.readRefreshToken
in interface TokenStore
tokenValue
- The value of the token to read.JwkException
- reporting this operation is not supportedpublic OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token)
JwkException
.readAuthenticationForRefreshToken
in interface TokenStore
token
- a refresh tokenJwkException
- reporting this operation is not supportedpublic void removeRefreshToken(OAuth2RefreshToken token)
JwkException
.removeRefreshToken
in interface TokenStore
token
- The token to remove from the store.JwkException
- reporting this operation is not supportedpublic void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken)
JwkException
.removeAccessTokenUsingRefreshToken
in interface TokenStore
refreshToken
- The refresh token.JwkException
- reporting this operation is not supportedpublic OAuth2AccessToken getAccessToken(OAuth2Authentication authentication)
JwkException
.getAccessToken
in interface TokenStore
authentication
- the authentication key for the access tokenJwkException
- reporting this operation is not supportedpublic Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String clientId, String userName)
JwkException
.findTokensByClientIdAndUserName
in interface TokenStore
clientId
- the client id to searchuserName
- the user name to searchJwkException
- reporting this operation is not supportedpublic Collection<OAuth2AccessToken> findTokensByClientId(String clientId)
JwkException
.findTokensByClientId
in interface TokenStore
clientId
- the client id to searchJwkException
- reporting this operation is not supportedCopyright © 2019. All rights reserved.