Package org.yamcs.http.auth
Class TokenStore
- java.lang.Object
-
- org.yamcs.http.auth.TokenStore
-
public class TokenStore extends Object
Store capable of generating a chain of refresh tokens. When a token is exchanged for a new token, the old token remains valid for a limited lifetime. This property is useful do deal with a burst of identical refresh requests.This class maintains a cache from a JWT bearer token to the original authentication info. This allows skipping the login process as long as the bearer is valid.
-
-
Constructor Summary
Constructors Constructor Description TokenStore()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
forgetUser(String username)
String
generateRefreshToken(AuthenticationInfo authenticationInfo)
void
registerAccessToken(String accessToken, AuthenticationInfo authenticationInfo)
void
revokeAccessToken(String accessToken)
void
revokeRefreshToken(String refreshToken)
AuthenticationInfo
verifyAccessToken(String accessToken)
org.yamcs.http.auth.TokenStore.RefreshResult
verifyRefreshToken(String refreshToken)
Validate the provided refresh token, and exchange it for a new one.
-
-
-
Method Detail
-
registerAccessToken
public void registerAccessToken(String accessToken, AuthenticationInfo authenticationInfo)
-
revokeAccessToken
public void revokeAccessToken(String accessToken)
-
verifyAccessToken
public AuthenticationInfo verifyAccessToken(String accessToken) throws UnauthorizedException
- Throws:
UnauthorizedException
-
forgetUser
public void forgetUser(String username)
-
generateRefreshToken
public String generateRefreshToken(AuthenticationInfo authenticationInfo)
-
verifyRefreshToken
public org.yamcs.http.auth.TokenStore.RefreshResult verifyRefreshToken(String refreshToken)
Validate the provided refresh token, and exchange it for a new one. The provided refresh token is invalidated, and will stop working after a certain time.Attempts to exchange a previously exchanged token will always return the same result, as long as it has not expired yet.
- Returns:
- a new refresh token, or null if the token could not be exchanged.
-
revokeRefreshToken
public void revokeRefreshToken(String refreshToken)
-
-