Package org.springframework.security.authentication.ott

Class JdbcOneTimeTokenService

java.lang.Object
org.springframework.security.authentication.ott.JdbcOneTimeTokenService
All Implemented Interfaces:
org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, OneTimeTokenService
public final class JdbcOneTimeTokenService extends Object implements OneTimeTokenService, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean
A JDBC implementation of an OneTimeTokenService that uses a JdbcOperations for OneTimeToken persistence.

NOTE: This JdbcOneTimeTokenService depends on the table definition described in "classpath:org/springframework/security/core/ott/jdbc/one-time-tokens-schema.sql" and therefore MUST be defined in the database schema.

Since:
6.4

  • Constructor Details

    • JdbcOneTimeTokenService

      public JdbcOneTimeTokenService(org.springframework.jdbc.core.JdbcOperations jdbcOperations)
      Constructs a JdbcOneTimeTokenService using the provide parameters.
      Parameters:
      jdbcOperations - the JDBC operations

  • Method Details

    • setCleanupCron

      public void setCleanupCron(String cleanupCron)
      Sets the chron expression used for cleaning up expired tokens. The default is to run hourly. For more advanced use cases the cleanupCron may be set to null which will disable the built-in cleanup. Users can then invoke cleanupExpiredTokens() using custom logic.
      Parameters:
      cleanupCron - the chron expression passed to CronTrigger used for determining how frequent to perform cleanup. The default is "@hourly".
      See Also:

    • generate

      public OneTimeToken generate(GenerateOneTimeTokenRequest request)
      Description copied from interface: OneTimeTokenService
      Generates a one-time token based on the provided generate request.
      Specified by:
      generate in interface OneTimeTokenService
      Parameters:
      request - the generate request containing the necessary information to generate the token
      Returns:
      the generated OneTimeToken, never null.

    • consume

      public @Nullable OneTimeToken consume(OneTimeTokenAuthenticationToken authenticationToken)
      Description copied from interface: OneTimeTokenService
      Consumes a one-time token based on the provided authentication token.
      Specified by:
      consume in interface OneTimeTokenService
      Parameters:
      authenticationToken - the authentication token containing the one-time token value to be consumed
      Returns:
      the consumed OneTimeToken or null if the token is invalid

    • cleanupExpiredTokens

      public void cleanupExpiredTokens()

    • afterPropertiesSet

      public void afterPropertiesSet() throws Exception
      Specified by:
      afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
      Throws:
      Exception

    • destroy

      public void destroy() throws Exception
      Specified by:
      destroy in interface org.springframework.beans.factory.DisposableBean
      Throws:
      Exception

    • setClock

      public void setClock(Clock clock)
      Sets the Clock used when generating one-time token and checking token expiry.
      Parameters:
      clock - the clock