/**
 * Reports whether the token described by {@code tokenInfo} has expired.
 *
 * <p>Pure delegation: the expiry decision is made by {@code tokenInfo.isExpired()}.
 *
 * @return the value returned by {@code tokenInfo.isExpired()}
 */
public boolean isTokenExpired() {
    final boolean expired = tokenInfo.isExpired();
    return expired;
}
/**
 * Wraps a raw token string in a {@link Token}.
 *
 * <p>This method only classifies the string (JWT vs. untyped); it performs no signature,
 * expiry or audience check, so the returned object must still be verified by the caller.
 *
 * @param token  the raw token text, may be {@code null} or empty
 * @param params request parameters; not read by this implementation
 * @return {@code null} for a {@code null}/empty string, otherwise a {@code SimpleToken}
 *         typed as {@code OAuth2Constants.JWT_TYPE} when {@code isJwt(token)} is true
 */
protected Token extractTokenFromString(String token, Map<String, Object> params) {
    if (token == null || token.isEmpty()) {
        return null;
    }
    return isJwt(token)
            ? new SimpleToken(OAuth2Constants.JWT_TYPE, token)
            : new SimpleToken(token);
}
/**
 * Resolves the access token for the given request.
 *
 * <p>A token already present in {@code TokenContext} wins; otherwise the token is pulled
 * from the request by {@code tokenExtractor} and converted with {@code mapToSelfToken}.
 *
 * @param request the current request
 * @return the resolved access token, or {@code null} when the request carries none
 */
public AccessToken getAccessToken(Request request) {
    final AccessToken fromContext = TokenContext.getAccessToken();
    if (fromContext != null) {
        return fromContext;
    }

    final Token extracted = tokenExtractor.extractTokenFromRequest(request);
    if (extracted == null) {
        return null;
    }

    // The client-supplied token string is handed to mapToSelfToken as-is.
    // NOTE(review): mapToSelfToken is not visible here; confirm it validates the
    // client token before a local token is derived from it.
    return mapToSelfToken(extracted.getToken());
}
/**
 * Builds a {@link TokenInfo} from a token-info response map.
 *
 * <p>Reads the keys {@code client_id}, {@code user_id}, {@code expires_in} and
 * {@code scope}, stamps the creation time with the local clock, and keeps the whole map
 * (same instance, not a copy) as the claims.
 *
 * <p>NOTE(review): every value is cast without a type check, so a response whose
 * {@code expires_in} is not an {@code Integer} (for example a {@code Long} or a string)
 * fails with {@code ClassCastException}; a missing {@code expires_in} yields {@code null},
 * which throws on unboxing if {@code setExpiresIn} takes a primitive. Confirm what the
 * response parser produces.
 *
 * @param map the decoded response
 * @return the populated token info
 */
protected TokenInfo createTokenInfo(Map<String, Object> map) {
    final SimpleTokenInfo result = new SimpleTokenInfo();

    final String clientId = (String) map.get("client_id");
    result.setClientId(clientId);

    final String userId = (String) map.get("user_id");
    result.setUserId(userId);

    result.setCreated(System.currentTimeMillis());

    final Integer expiresIn = (Integer) map.get("expires_in");
    result.setExpiresIn(expiresIn);

    final String scope = (String) map.get("scope");
    result.setScope(scope);

    result.setClaims(map);
    return result;
}
}
/**
 * Verifies a token through {@code server} and converts its claims into a {@link TokenInfo}.
 *
 * <p>The audience claim is used as the client id, and the scope is taken from the
 * registered client rather than from the token. When the expiration claim is numeric,
 * the remaining lifetime in seconds is computed against the local clock.
 *
 * <p>NOTE(review): the audience is cast to {@code String}; JWT allows {@code aud} to be an
 * array, which would raise {@code ClassCastException} here unless
 * {@code server.verifyToken} normalises it. {@code server.getClient} is dereferenced
 * without a null check, so confirm it never returns {@code null} for an unknown client.
 * When the expiration claim is absent or non-numeric, {@code expiresIn} keeps whatever
 * default {@code SimpleTokenInfo} gives it; confirm that default does not mean
 * "never expires".
 *
 * @param token the token to verify
 * @return the token info, or {@code null} when verification fails and
 *         {@code isInternalOnly()} is false
 * @throws TokenVerifyException when verification fails and {@code isInternalOnly()} is true
 */
protected TokenInfo doVerifyToken(Token token) {
    try {
        final Map<String, Object> verified = server.verifyToken(token.getToken());
        final String audience = (String) verified.get(JWT.CLAIM_AUDIENCE);
        final OAuth2Client owner = server.getClient(audience);

        final SimpleTokenInfo result = new SimpleTokenInfo();
        result.setClientId(audience);
        result.setCreated(System.currentTimeMillis());
        result.setScope(owner.getScope());

        // instanceof is false for null, so no separate null test is needed.
        final Object rawExp = verified.get(JWT.CLAIM_EXPIRATION_TIME);
        if (rawExp instanceof Number) {
            final long expSeconds = ((Number) rawExp).longValue();
            final long nowSeconds = System.currentTimeMillis() / 1000L;
            // Narrowing cast: a difference outside the int range wraps around.
            result.setExpiresIn((int) (expSeconds - nowSeconds));
        }
        return result;
    } catch (TokenVerifyException e) {
        // Failure is reported as "no token info" unless this verifier is internal-only.
        if (!isInternalOnly()) {
            return null;
        }
        throw e;
    }
}
log.debug("Access token '{}' was expired", at.getToken()); removeCachedAuthentication(at, cached); return null; removeCachedAuthentication(at, cached); }else{ log.debug("Returns the cached authentication of access token : {}", at.getToken()); return cached.authentication; if(!Strings.isEmpty(at.getType())) { TokenVerifier verifier = typedAccessTokenVerifiers.get(at.getType()); if(null == verifier) { throw new AppConfigException("Cannot handle access token type '" + at.getType() + "'"); tokenInfo = verifier.verifyToken(at); }else{ tokenInfo = tokenInfoLookup.lookupByAccessToken(at.getToken()); log.info("Access token '{}' not found", at.getToken()); return null; if(tokenInfo.isExpired()) { log.info("Access token '{}' was expired", at.getToken()); return null; String clientId = tokenInfo.getClientId(); String userId = tokenInfo.getUserId(); UserPrincipal user = tokenInfo.getUserInfo();
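/**
 * Binds the access token that belongs to the resolved authentication to the request.
 *
 * <p>For an {@code OAuth2LoginAuthentication} the token comes from the authentication and
 * is saved to {@code accessTokenStore}; for any other authentication it is loaded from the
 * store. An expired token is refreshed through the store before it is placed in
 * {@code TokenContext}.
 *
 * <p>The log statement deliberately omits the token value: an access token is a bearer
 * credential and must not be written to application logs.
 *
 * @param request  the current request
 * @param response the current response (not used here)
 * @param context  the authentication context holding the resolved authentication
 * @return always {@code State.CONTINUE}
 * @throws Throwable whatever the token store operations throw
 */
@Override
public State handleAuthenticationResolved(Request request, Response response, AuthenticationContext context) throws Throwable {
    Authentication authc = context.getAuthentication();
    if (null == authc) {
        return State.CONTINUE;
    }

    AccessToken at;
    if (authc instanceof OAuth2LoginAuthentication) {
        at = ((OAuth2LoginAuthentication) authc).getAccessToken();
        if (null != at) {
            accessTokenStore.saveAccessToken(request, context, at);
        }
    } else {
        at = accessTokenStore.loadAccessToken(request, context);
    }

    if (null != at) {
        if (at.isExpired()) {
            // Keep the credential out of the log; "expired" is judged locally and the
            // issuing server may still accept the value.
            log.info("AT expired, refresh it");
            at = accessTokenStore.refreshAndSaveAccessToken(request, context, at);
            // NOTE(review): the refreshed token is not null-checked before it is stored
            // below; confirm refreshAndSaveAccessToken cannot return null.
        }
        TokenContext.setAccessToken(request, at);
    }
    return State.CONTINUE;
}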
/**
 * Looks up the cached authentication for a token.
 *
 * <p>The cache key is the raw token string returned by {@code at.getToken()}.
 *
 * @param at the token to look up
 * @return whatever {@code cache.get} returns for that key
 */
protected CachedAuthentication getCachedAuthentication(Token at) {
    final String key = at.getToken();
    return cache.get(key);
}
/**
 * Verifies a JWT, creating the verifier on first use.
 *
 * <p>When no verifier exists yet, {@code config.getPublicKeyUrl()} must be set; the
 * verifier is then built by {@code refreshJwtVerifier()}.
 *
 * <p>NOTE(review): the lazy initialisation is not guarded by a lock in this method;
 * confirm whether concurrent first requests are acceptable here.
 *
 * @param token the token to verify
 * @return the verified token info
 * @throws TokenVerifyException when the token does not verify
 * @throws AppConfigException   when no verifier exists and no public key URL is configured
 */
@Override
public TokenInfo verifyToken(Token token) throws TokenVerifyException {
    if (verifier == null) {
        final boolean urlMissing = Strings.isEmpty(config.getPublicKeyUrl());
        if (urlMissing) {
            throw new AppConfigException("publicKeyUrl must be configured");
        }
        refreshJwtVerifier();
    }

    final String raw = token.getToken();
    return verify(verifier, raw);
}
Token token = tokenExtractor.extractTokenFromRequest(request); if(null == token) { return State.CONTINUE; OAuth2Authentication authc = authenticator.authenticate(token); if(null == authc) { log.warn("Invalid access token '{}'", token.getToken()); return State.CONTINUE;
/**
 * Returns the access token bound to the current request, if there is one.
 *
 * @return {@code null} when {@code Request.tryGetCurrent()} yields no request, otherwise
 *         the result of {@code getAccessToken(request)}
 */
public static AccessToken getAccessToken() {
    final Request current = Request.tryGetCurrent();
    if (current == null) {
        return null;
    }
    return getAccessToken(current);
}
/**
 * Extracts the bearer token carried by a request.
 *
 * <p>The raw string is read from the underlying servlet request by {@code extractToken}
 * and then wrapped by {@code extractTokenFromString}. No verification happens here.
 *
 * @param request the current request
 * @return the wrapped token, or whatever {@code extractTokenFromString} returns when the
 *         request carries no token
 */
@Override
public Token extractTokenFromRequest(Request request) {
    return extractTokenFromString(
            extractToken(request.getServletRequest()),
            request.getParameters());
}
/**
 * Reads the raw access token from a servlet request.
 *
 * <p>The header (via {@code extractHeaderToken}) is consulted first; only when it yields
 * nothing is the {@code OAuth2Constants.ACCESS_TOKEN} request parameter tried.
 *
 * <p>NOTE(review): {@code getParameter} does not distinguish the URI query string from a
 * form body. RFC 6750 discourages bearer tokens in the query string because URLs are
 * routinely recorded in access logs, browser history and Referer headers; consider
 * whether the parameter fallback is needed for this deployment.
 *
 * @param request the servlet request
 * @return the token string, or {@code null} when neither location carries one
 */
protected String extractToken(HttpServletRequest request) {
    // Header takes precedence.
    final String fromHeader = extractHeaderToken(request);
    if (fromHeader != null) {
        return fromHeader;
    }

    // The bearer scheme also permits the token as a request parameter.
    log.debug("Token not found in headers. Trying request parameters.");
    final String fromParameter = request.getParameter(OAuth2Constants.ACCESS_TOKEN);
    if (fromParameter == null) {
        log.debug("Token not found in request parameters. Not an OAuth2 request.");
    }
    return fromParameter;
}
if(Strings.isEmpty(error)) { log.info("Request token info from oauth2 server use {}ms", sw.getElapsedMilliseconds()); return createTokenInfo(map); }else{ String desc = Objects.toString(map.get("error_description"));
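/**
 * Verifies a JWT and maps its claims onto a {@link TokenInfo}.
 *
 * <p>If the first attempt fails, the verifier is rebuilt with
 * {@code refreshJwtVerifier()} and verification is retried once. The retry uses the
 * instance's {@code verifier} field, because the {@code verifier} parameter shadows that
 * field and still refers to the verifier that just failed; retrying on the parameter
 * would repeat the same check against the same key. The parameter is used only as a
 * fallback if the field is {@code null} after the refresh.
 *
 * <p>NOTE(review): every token that fails verification triggers a refresh. If
 * {@code refreshJwtVerifier()} fetches key material over the network, consider
 * rate-limiting it so a stream of invalid tokens cannot force a fetch per request.
 *
 * <p>NOTE(review): when the expiration claim is absent or non-numeric, {@code expiresIn}
 * keeps the {@code SimpleTokenInfo} default; confirm that default does not mean
 * "never expires".
 *
 * @param verifier the verifier for the first attempt
 * @param token    the raw JWT string
 * @return token info holding subject, scope, client id, remaining lifetime and all claims
 * @throws TokenVerifyException when the token fails verification on the retry as well
 */
protected TokenInfo verify(JwtVerifier verifier, String token) throws TokenVerifyException {
    Map<String, Object> jwtDetail;
    try {
        jwtDetail = verifier.verify(token);
    } catch (TokenVerifyException e) {
        refreshJwtVerifier();
        // Pick up the refreshed instance instead of the stale parameter.
        JwtVerifier refreshed = this.verifier;
        jwtDetail = (null != refreshed ? refreshed : verifier).verify(token);
    }

    SimpleTokenInfo tokenInfo = new SimpleTokenInfo();
    String userId = (String) jwtDetail.get(JWT.CLAIM_SUBJECT);
    tokenInfo.setUserId(userId);
    tokenInfo.setScope((String) jwtDetail.get("scope"));
    tokenInfo.setClientId((String) jwtDetail.get("client_id"));
    tokenInfo.setCreated(System.currentTimeMillis());

    // instanceof is false for null, so no separate null test is needed.
    Object exp = jwtDetail.get(JWT.CLAIM_EXPIRATION_TIME);
    if (exp instanceof Number) {
        long expirationTimeSecond = ((Number) exp).longValue();
        long nowTimeInSecond = System.currentTimeMillis() / 1000L;
        // Narrowing cast: a difference outside the int range wraps around.
        tokenInfo.setExpiresIn((int) (expirationTimeSecond - nowTimeInSecond));
    }

    tokenInfo.setClaims(jwtDetail);
    return tokenInfo;
}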
/**
 * Returns the access token string held by the current authentication.
 *
 * @return {@code null} when {@code authc} is {@code null}, otherwise
 *         {@code authc.getCredentials().getToken()}
 */
public String getAccessToken() {
    if (authc == null) {
        return null;
    }
    return authc.getCredentials().getToken();
}
/**
 * Drops the cache entry stored under the token's string value.
 *
 * @param at     the token whose entry is removed
 * @param cached the entry being removed; not read by this implementation
 */
protected void removeCachedAuthentication(Token at, CachedAuthentication cached) {
    final String key = at.getToken();
    cache.remove(key);
}
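/**
 * Caches an authentication under the token's string value.
 *
 * <p>The entry lifetime defaults to {@code cacheExpiresInMs}. When the token details
 * implement {@code TimeExpirableSeconds}, the remaining token lifetime (seconds,
 * converted to milliseconds) is used instead.
 *
 * <p>The conversion is done in {@code long} and clamped to the {@code int} range. A plain
 * {@code int} multiplication by 1000 overflows once the remaining lifetime exceeds about
 * 24.8 days, which would hand {@code CachedAuthentication} a wrapped (typically negative)
 * lifetime for long-lived tokens.
 *
 * <p>NOTE(review): the entry lives as long as the token itself, so a token revoked at the
 * authorization server stays accepted from this cache until the entry is evicted or
 * expires. Confirm that is the intended trade-off.
 *
 * @param at           the token used as cache key
 * @param tokenDetails the verified token details
 * @param authc        the authentication to cache
 */
protected void cacheAuthentication(Token at, TokenInfo tokenDetails, OAuth2Authentication authc) {
    int cachedMs = cacheExpiresInMs;
    if (tokenDetails instanceof TimeExpirableSeconds) {
        long remainingMs = ((TimeExpirableSeconds) tokenDetails).getExpiresInFormNow() * 1000L;
        cachedMs = (int) Math.max(Integer.MIN_VALUE, Math.min(Integer.MAX_VALUE, remainingMs));
    }
    cache.put(at.getToken(), new CachedAuthentication(tokenDetails, authc, cachedMs));
}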