/** * Compute the SHA hash of a token * * @param signingAlg * @param token * @return */ public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, OAuth2AccessTokenEntity token) { byte[] tokenBytes = token.getJwt().serialize().getBytes(); return getHash(signingAlg, tokenBytes); }
private OAuth2AccessTokenEntity rotateRegistrationTokenIfNecessary(OAuth2Authentication auth, ClientDetailsEntity client) { OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails(); OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue()); if (config.getRegTokenLifeTime() != null) { try { // Re-issue the token if it has been issued before [currentTime - validity] Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000); if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) { logger.info("Rotating the registration access token for " + client.getClientId()); tokenService.revokeAccessToken(token); OAuth2AccessTokenEntity newToken = connectTokenService.createRegistrationAccessToken(client); tokenService.saveAccessToken(newToken); return newToken; } else { // it's not expired, keep going return token; } } catch (ParseException e) { logger.error("Couldn't parse a known-valid token?", e); return token; } } else { // tokens don't expire, just return it return token; } }
private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) { OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails(); OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue()); if (config.getRegTokenLifeTime() != null) { try { // Re-issue the token if it has been issued before [currentTime - validity] Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000); if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) { logger.info("Rotating the registration access token for " + client.getClientId()); tokenService.revokeAccessToken(token); OAuth2AccessTokenEntity newToken = connectTokenService.createResourceAccessToken(client); tokenService.saveAccessToken(newToken); return newToken; } else { // it's not expired, keep going return token; } } catch (ParseException e) { logger.error("Couldn't parse a known-valid token?", e); return token; } } else { // tokens don't expire, just return it return token; } }
@Override public JWT getJwt() { return this.rootToken.getJwt(); }
/** * Compute the SHA hash of a token * * @param signingAlg * @param token * @return */ public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, OAuth2AccessTokenEntity token) { byte[] tokenBytes = token.getJwt().serialize().getBytes(); return getHash(signingAlg, tokenBytes); }
private OAuth2AccessTokenEntity rotateRegistrationTokenIfNecessary(OAuth2Authentication auth, ClientDetailsEntity client) { OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails(); OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue()); if (config.getRegTokenLifeTime() != null) { try { // Re-issue the token if it has been issued before [currentTime - validity] Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000); if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) { logger.info("Rotating the registration access token for " + client.getClientId()); tokenService.revokeAccessToken(token); OAuth2AccessTokenEntity newToken = connectTokenService.createRegistrationAccessToken(client); tokenService.saveAccessToken(newToken); return newToken; } else { // it's not expired, keep going return token; } } catch (ParseException e) { logger.error("Couldn't parse a known-valid token?", e); return token; } } else { // tokens don't expire, just return it return token; } }
private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) { OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails(); OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue()); if (config.getRegTokenLifeTime() != null) { try { // Re-issue the token if it has been issued before [currentTime - validity] Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000); if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) { logger.info("Rotating the registration access token for " + client.getClientId()); tokenService.revokeAccessToken(token); OAuth2AccessTokenEntity newToken = connectTokenService.createResourceAccessToken(client); tokenService.saveAccessToken(newToken); return newToken; } else { // it's not expired, keep going return token; } } catch (ParseException e) { logger.error("Couldn't parse a known-valid token?", e); return token; } } else { // tokens don't expire, just return it return token; } }