Interface AccessTokenService
-
- All Known Implementing Classes:
AccessTokenServiceImpl
public interface AccessTokenService
Defines all operations related to access and refresh tokens- Since:
- 4.0
- Author:
- joseross
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description PersistentAccessToken
createAccessToken(String label, Instant expiresOn)
Creates a new access token for the current userAccessToken
createTokens(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response)
Creates the access & refresh tokens for the given authenticationvoid
deleteAccessToken(long id)
Deletes an access token for the current uservoid
deleteExpiredRefreshTokens()
Deletes all expired refresh tokensvoid
deleteRefreshToken(org.springframework.security.core.Authentication auth)
Deletes the refresh token for the given authenticationList<PersistentAccessToken>
getAccessTokens()
Get all existing access tokens for the current userString
getUsername(String token)
Returns the username for the given access tokenboolean
hasValidRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Checks if the given request contains a valid refresh tokenPersistentAccessToken
updateAccessToken(long id, boolean enabled)
Updates an access token for the current uservoid
updateRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response)
Updates the refresh token for the given responsevoid
updateUserActivity(org.springframework.security.core.Authentication authentication)
Updates the user activity record to extend the timeout
-
-
-
Method Detail
-
hasValidRefreshToken
boolean hasValidRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Checks if the given request contains a valid refresh token- Parameters:
auth
- the current authenticationrequest
- the request to checkresponse
- the response- Returns:
- true if the request contains a valid refresh token
-
updateRefreshToken
void updateRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response)
Updates the refresh token for the given response- Parameters:
auth
- the current authenticationresponse
- the response
-
createTokens
AccessToken createTokens(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response) throws ServiceLayerException
Creates the access & refresh tokens for the given authentication- Parameters:
auth
- the current authenticationresponse
- the response- Returns:
- the access token
- Throws:
ServiceLayerException
- if there is any error creating the access token
-
deleteRefreshToken
void deleteRefreshToken(org.springframework.security.core.Authentication auth)
Deletes the refresh token for the given authentication- Parameters:
auth
- the current authentication
-
deleteExpiredRefreshTokens
void deleteExpiredRefreshTokens()
Deletes all expired refresh tokens
-
createAccessToken
PersistentAccessToken createAccessToken(String label, Instant expiresOn) throws ServiceLayerException
Creates a new access token for the current user- Parameters:
label
- the label of the access tokenexpiresOn
- the date of expiration of the access token- Returns:
- the access token
- Throws:
ServiceLayerException
- if there is any error creating the access token
-
getAccessTokens
List<PersistentAccessToken> getAccessTokens()
Get all existing access tokens for the current user- Returns:
- the list of access tokens
-
updateAccessToken
PersistentAccessToken updateAccessToken(long id, boolean enabled)
Updates an access token for the current user- Parameters:
id
- the id of the access tokenenabled
- indicates if the token is enabled or not- Returns:
- the updated access token
-
deleteAccessToken
void deleteAccessToken(long id)
Deletes an access token for the current user- Parameters:
id
- the id of the access token
-
getUsername
String getUsername(String token)
Returns the username for the given access token- Parameters:
token
- the access token- Returns:
- the username, null if the access token is invalid
-
updateUserActivity
void updateUserActivity(org.springframework.security.core.Authentication authentication)
Updates the user activity record to extend the timeout- Parameters:
authentication
- the current authentication
-
-