1 package org.springframework.security.oauth2.provider.token; 2 3 import java.util.Collection; 4 5 import org.springframework.security.oauth2.common.OAuth2AccessToken; 6 import org.springframework.security.oauth2.common.OAuth2RefreshToken; 7 import org.springframework.security.oauth2.provider.OAuth2Authentication; 8 9 /** 10 * Persistence interface for OAuth2 tokens. 11 */ 12 public interface TokenStore { 13 14 /** 15 * Read the authentication stored under the specified token value. 16 * 17 * @param token The token value under which the authentication is stored. 18 * @return The authentication, or null if none. 19 */ 20 OAuth2Authentication readAuthentication(OAuth2AccessToken token); 21 22 /** 23 * Read the authentication stored under the specified token value. 24 * 25 * @param token The token value under which the authentication is stored. 26 * @return The authentication, or null if none. 27 */ 28 OAuth2Authentication readAuthentication(String token); 29 30 /** 31 * Store an access token. 32 * 33 * @param token The token to store. 34 * @param authentication The authentication associated with the token. 35 */ 36 void storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication); 37 38 /** 39 * Read an access token from the store. 40 * 41 * @param tokenValue The token value. 42 * @return The access token to read. 43 */ 44 OAuth2AccessToken readAccessToken(String tokenValue); 45 46 /** 47 * Remove an access token from the store. 48 * 49 * @param token The token to remove from the store. 50 */ 51 void removeAccessToken(OAuth2AccessToken token); 52 53 /** 54 * Store the specified refresh token in the store. 55 * 56 * @param refreshToken The refresh token to store. 57 * @param authentication The authentication associated with the refresh token. 58 */ 59 void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication); 60 61 /** 62 * Read a refresh token from the store. 63 * 64 * @param tokenValue The value of the token to read. 65 * @return The token. 66 */ 67 OAuth2RefreshToken readRefreshToken(String tokenValue); 68 69 /** 70 * @param token a refresh token 71 * @return the authentication originally used to grant the refresh token 72 */ 73 OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token); 74 75 /** 76 * Remove a refresh token from the store. 77 * 78 * @param token The token to remove from the store. 79 */ 80 void removeRefreshToken(OAuth2RefreshToken token); 81 82 /** 83 * Remove an access token using a refresh token. This functionality is necessary so refresh tokens can't be used to 84 * create an unlimited number of access tokens. 85 * 86 * @param refreshToken The refresh token. 87 */ 88 void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken); 89 90 /** 91 * Retrieve an access token stored against the provided authentication key, if it exists. 92 * 93 * @param authentication the authentication key for the access token 94 * 95 * @return the access token or null if there was none 96 */ 97 OAuth2AccessToken getAccessToken(OAuth2Authentication authentication); 98 99 /** 100 * @param clientId the client id to search 101 * @param userName the user name to search 102 * @return a collection of access tokens 103 */ 104 Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String clientId, String userName); 105 106 /** 107 * @param clientId the client id to search 108 * @return a collection of access tokens 109 */ 110 Collection<OAuth2AccessToken> findTokensByClientId(String clientId); 111 112 }