Package org.craftercms.studio.api.v2.service.security

Interface AccessTokenService

  • All Known Implementing Classes:
    AccessTokenServiceImpl
    public interface AccessTokenService
    Defines all operations related to access and refresh tokens
    Since:
    4.0
    Author:
    joseross

    • Method Detail

      • hasValidRefreshToken

        boolean hasValidRefreshToken​(org.springframework.security.core.Authentication auth,
                             javax.servlet.http.HttpServletRequest request,
                             javax.servlet.http.HttpServletResponse response)
        Checks if the given request contains a valid refresh token
        Parameters:
        auth - the current authentication
        request - the request to check
        response - the response
        Returns:
        true if the request contains a valid refresh token

      • updateRefreshToken

        void updateRefreshToken​(org.springframework.security.core.Authentication auth,
                        javax.servlet.http.HttpServletResponse response)
        Updates the refresh token for the given response
        Parameters:
        auth - the current authentication
        response - the response

      • createTokens

        AccessToken createTokens​(org.springframework.security.core.Authentication auth,
                         javax.servlet.http.HttpServletResponse response)
                  throws ServiceLayerException
        Creates the access & refresh tokens for the given authentication
        Parameters:
        auth - the current authentication
        response - the response
        Returns:
        the access token
        Throws:
        ServiceLayerException - if there is any error creating the access token

      • deleteRefreshToken

        void deleteRefreshToken​(org.springframework.security.core.Authentication auth)
        Deletes the refresh token for the given authentication
        Parameters:
        auth - the current authentication

      • deleteExpiredRefreshTokens

        void deleteExpiredRefreshTokens()
        Deletes all expired refresh tokens

      • createAccessToken

        PersistentAccessToken createAccessToken​(String label,
                                        Instant expiresOn)
                                 throws ServiceLayerException
        Creates a new access token for the current user
        Parameters:
        label - the label of the access token
        expiresOn - the date of expiration of the access token
        Returns:
        the access token
        Throws:
        ServiceLayerException - if there is any error creating the access token

      • getAccessTokens

        List<PersistentAccessToken> getAccessTokens()
        Get all existing access tokens for the current user
        Returns:
        the list of access tokens

      • updateAccessToken

        PersistentAccessToken updateAccessToken​(long id,
                                        boolean enabled)
        Updates an access token for the current user
        Parameters:
        id - the id of the access token
        enabled - indicates if the token is enabled or not
        Returns:
        the updated access token

      • deleteAccessToken

        void deleteAccessToken​(long id)
        Deletes an access token for the current user
        Parameters:
        id - the id of the access token

      • getUsername

        String getUsername​(String token)
        Returns the username for the given access token
        Parameters:
        token - the access token
        Returns:
        the username, null if the access token is invalid

      • updateUserActivity

        void updateUserActivity​(org.springframework.security.core.Authentication authentication)
        Updates the user activity record to extend the timeout
        Parameters:
        authentication - the current authentication