Package org.yamcs.http.auth

Class TokenStore

  • public class TokenStore
extends Object
    Store capable of generating a chain of refresh tokens. When a token is exchanged for a new token, the old token remains valid for a limited lifetime. This property is useful do deal with a burst of identical refresh requests.

    This class maintains a cache from a JWT bearer token to the original authentication info. This allows skipping the login process as long as the bearer is valid.

    • Constructor Detail

      • TokenStore

        public TokenStore()

    • Method Detail

      • revokeAccessToken

        public void revokeAccessToken​(String accessToken)

      • forgetUser

        public void forgetUser​(String username)

      • verifyRefreshToken

        public org.yamcs.http.auth.TokenStore.RefreshResult verifyRefreshToken​(String refreshToken)
        Validate the provided refresh token, and exchange it for a new one. The provided refresh token is invalidated, and will stop working after a certain time.

        Attempts to exchange a previously exchanged token will always return the same result, as long as it has not expired yet.

        Returns:
        a new refresh token, or null if the token could not be exchanged.

      • revokeRefreshToken

        public void revokeRefreshToken​(String refreshToken)