/**
 * Returns the access token body and expiry time for the given subject, issuing or refreshing
 * the token only when needed.
 *
 * <p>A token is (re)built through {@code replace(subject, claims, authorities, token)} when no
 * token exists for the subject, when {@code replace} is {@code true}, or when the stored token
 * has no expiry time or its expiry time is in the past. Otherwise the stored token is returned
 * untouched: in that case the {@code claims} and {@code authorities} arguments are not applied,
 * so the returned body reflects whatever was stored when the token was last built.
 *
 * @param subject owner of the token, used for the lookup
 * @param claims claims handed to the replace helper
 * @param authorities serialized authorities handed to the replace helper
 * @param replace forces a rebuild of an existing, still valid token
 * @return the token body paired with its expiry time
 */
@Override
public Pair<String, Date> create(
        final String subject,
        final Map<String, Object> claims,
        final byte[] authorities,
        final boolean replace) {

    AccessToken current = accessTokenDAO.findByOwner(subject);

    if (current == null) {
        // Nothing stored for this owner: start from a new entity whose key comes from
        // SecureRandomUtils rather than from a predictable source.
        AccessToken fresh = entityFactory.newEntity(AccessToken.class);
        fresh.setKey(SecureRandomUtils.generateRandomUUID().toString());
        current = replace(subject, claims, authorities, fresh);
        return Pair.of(current.getBody(), current.getExpiryTime());
    }

    // An explicit replace request wins; otherwise a missing or elapsed expiry triggers it.
    boolean rebuild = replace;
    if (!rebuild) {
        Date storedExpiry = current.getExpiryTime();
        rebuild = storedExpiry == null || storedExpiry.before(new Date());
    }
    if (rebuild) {
        current = replace(subject, claims, authorities, current);
    }

    return Pair.of(current.getBody(), current.getExpiryTime());
}
/**
 * Extends the lifetime of an existing access token: the claims of the stored body are reused,
 * their expiry time is moved forward, and the result is signed again and persisted.
 *
 * <p>The lifetime is read from the {@code jwt.lifetime.minutes} configuration entry; 120 is
 * passed to the lookup as second argument (presumably the fallback when the entry is absent).
 *
 * <p>NOTE(review): the claims are taken from the persisted body and re-signed; no signature
 * verification of that body is visible in this method, so it relies on the stored token being
 * trustworthy. Confirm that callers only pass tokens loaded from the token store.
 *
 * @param accessToken the stored token to renew; modified in place and saved
 * @param authorities serialized authorities to store, ignored when the owner is the admin user
 * @return the newly signed body paired with its expiry time
 */
@Override
public Pair<String, Date> update(final AccessToken accessToken, final byte[] authorities) {
    JwsJwtCompactConsumer storedJwt = new JwsJwtCompactConsumer(accessToken.getBody());

    // Behaviour defined elsewhere; by its name it checks whether the default signing key is
    // still configured.
    credentialChecker.checkIsDefaultJWSKeyInUse();

    long lifetimeMinutes = confDAO.find("jwt.lifetime.minutes", 120L);
    long nowSeconds = new Date().getTime() / 1000L;
    long expirySeconds = nowSeconds + 60L * lifetimeMinutes;
    storedJwt.getJwtClaims().setExpiryTime(expirySeconds);

    // The JWT claim is expressed in seconds, the AccessToken entity in milliseconds.
    Date expiresAt = new Date(expirySeconds * 1000L);

    JwtToken renewed = new JwtToken(
            new JwsHeaders(JoseType.JWT, jwsSignatureProvider.getAlgorithm()),
            storedJwt.getJwtClaims());
    String signedBody = new JwsJwtCompactProducer(renewed).signWith(jwsSignatureProvider);

    accessToken.setBody(signedBody);
    accessToken.setExpiryTime(expiresAt);

    // The admin user's stored authorities are left as they are.
    boolean ownedByAdmin = adminUser.equals(accessToken.getOwner());
    if (!ownedByAdmin) {
        accessToken.setAuthorities(authorities);
    }

    accessTokenDAO.save(accessToken);

    return Pair.of(signedBody, expiresAt);
}
/**
 * Copies key, owner, expiry time and body of an access token entity into a new transfer object.
 *
 * <p>NOTE(review): the body copied here is the signed token itself, so the resulting object
 * carries a usable credential. Callers that return it over an API or write it to logs should
 * restrict who can read it, or blank the body first.
 *
 * @param accessToken the entity to convert
 * @return a new transfer object holding the same four values
 */
@Override
public AccessTokenTO getAccessTokenTO(final AccessToken accessToken) {
    AccessTokenTO to = new AccessTokenTO();

    to.setKey(accessToken.getKey());
    to.setOwner(accessToken.getOwner());
    to.setExpiryTime(accessToken.getExpiryTime());
    to.setBody(accessToken.getBody());

    return to;
}
}