private boolean expired(ClientAccessToken token) { if (token.getExpiresIn() != -1) { return (((token.getIssuedAt()+token.getExpiresIn())-System.currentTimeMillis()) < 0); } return false; }
private boolean expired(ClientAccessToken token) { if (token.getExpiresIn() != -1) { return (((token.getIssuedAt()+token.getExpiresIn())-System.currentTimeMillis()) < 0); } return false; }
private ClientAccessToken refreshAccessTokenIfExpired(ClientAccessToken at) { if (at.getRefreshToken() != null && ((expiryThreshold > 0 && OAuthUtils.isExpired(at.getIssuedAt(), at.getExpiresIn() - expiryThreshold)) || OAuthUtils.isExpired(at.getIssuedAt(), at.getExpiresIn()))) { return OAuthClientUtils.refreshAccessToken(accessTokenServiceClient, consumer, at); } return null; }
private ClientAccessToken refreshAccessTokenIfExpired(ClientAccessToken at) { if (at.getRefreshToken() != null && ((expiryThreshold > 0 && OAuthUtils.isExpired(at.getIssuedAt(), at.getExpiresIn() - expiryThreshold)) || OAuthUtils.isExpired(at.getIssuedAt(), at.getExpiresIn()))) { return OAuthClientUtils.refreshAccessToken(accessTokenServiceClient, consumer, at); } return null; }
protected StringBuilder prepareRedirectResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) { ClientAccessToken clientToken = getClientAccessToken(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken); // return the token by appending it as a fragment parameter to the redirect URI StringBuilder sb = getUriWithFragment(state.getRedirectUri()); sb.append(OAuthConstants.ACCESS_TOKEN).append("=").append(clientToken.getTokenKey()); sb.append("&"); sb.append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(clientToken.getTokenType()); if (isWriteOptionalParameters()) { sb.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN) .append("=").append(clientToken.getExpiresIn()); if (!StringUtils.isEmpty(clientToken.getApprovedScope())) { sb.append("&").append(OAuthConstants.SCOPE).append("=") .append(HttpUtils.queryEncode(clientToken.getApprovedScope())); } for (Map.Entry<String, String> entry : clientToken.getParameters().entrySet()) { sb.append("&").append(entry.getKey()).append("=").append(HttpUtils.queryEncode(entry.getValue())); } } if (clientToken.getRefreshToken() != null) { processRefreshToken(sb, clientToken.getRefreshToken()); } finalizeResponse(sb, state); return sb; }
private void writeAccessToken(ClientAccessToken obj, OutputStream os) throws IOException { StringBuilder sb = new StringBuilder(); sb.append("{"); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN, obj.getTokenKey()); sb.append(","); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_TYPE, obj.getTokenType()); if (obj.getExpiresIn() != -1) { sb.append(","); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_EXPIRES_IN, obj.getExpiresIn(), false); } if (obj.getApprovedScope() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.SCOPE, obj.getApprovedScope()); } if (obj.getRefreshToken() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.REFRESH_TOKEN, obj.getRefreshToken()); } Map<String, String> parameters = obj.getParameters(); for (Map.Entry<String, String> entry : parameters.entrySet()) { sb.append(","); appendJsonPair(sb, entry.getKey(), entry.getValue()); } sb.append("}"); String result = sb.toString(); os.write(result.getBytes(StandardCharsets.UTF_8)); os.flush(); }
private void writeAccessToken(ClientAccessToken obj, OutputStream os) throws IOException { StringBuilder sb = new StringBuilder(); sb.append("{"); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN, obj.getTokenKey()); sb.append(","); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_TYPE, obj.getTokenType()); if (obj.getExpiresIn() != -1) { sb.append(","); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_EXPIRES_IN, obj.getExpiresIn(), false); } if (obj.getApprovedScope() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.SCOPE, obj.getApprovedScope()); } if (obj.getRefreshToken() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.REFRESH_TOKEN, obj.getRefreshToken()); } Map<String, String> parameters = obj.getParameters(); for (Map.Entry<String, String> entry : parameters.entrySet()) { sb.append(","); appendJsonPair(sb, entry.getKey(), entry.getValue()); } sb.append("}"); String result = sb.toString(); os.write(result.getBytes(StandardCharsets.UTF_8)); os.flush(); }
protected StringBuilder prepareRedirectResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) { ClientAccessToken clientToken = getClientAccessToken(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken); // return the token by appending it as a fragment parameter to the redirect URI StringBuilder sb = getUriWithFragment(state.getRedirectUri()); sb.append(OAuthConstants.ACCESS_TOKEN).append("=").append(clientToken.getTokenKey()); sb.append("&"); sb.append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(clientToken.getTokenType()); if (isWriteOptionalParameters()) { sb.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN) .append("=").append(clientToken.getExpiresIn()); if (!StringUtils.isEmpty(clientToken.getApprovedScope())) { sb.append("&").append(OAuthConstants.SCOPE).append("=") .append(HttpUtils.queryEncode(clientToken.getApprovedScope())); } for (Map.Entry<String, String> entry : clientToken.getParameters().entrySet()) { sb.append("&").append(entry.getKey()).append("=").append(HttpUtils.queryEncode(entry.getValue())); } } if (clientToken.getRefreshToken() != null) { processRefreshToken(sb, clientToken.getRefreshToken()); } finalizeResponse(sb, state); return sb; }
private void refreshAccessTokenIfExpired(AuthorizationPolicy authPolicy) { ClientAccessToken at = getClientAccessToken(); if (OAuthUtils.isExpired(at.getIssuedAt(), at.getExpiresIn())) { refreshAccessToken(authPolicy); } }
private void refreshAccessTokenIfExpired(AuthorizationPolicy authPolicy) { ClientAccessToken at = getClientAccessToken(); if (OAuthUtils.isExpired(at.getIssuedAt(), at.getExpiresIn())) { refreshAccessToken(authPolicy); } }
expires.setTime(expires.getTime() + (accessToken.getExpiresIn() * 1000L)); SecurityToken idpToken = new SecurityToken(IDGenerator.generateID(null), null, expires); SamlAssertionWrapper assertion =
protected AbstractFormImplicitResponse prepareFormResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) { ClientAccessToken clientToken = getClientAccessToken(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken); FormTokenResponse bean = new FormTokenResponse(); bean.setResponseType(OAuthConstants.TOKEN_RESPONSE_TYPE); bean.setRedirectUri(state.getRedirectUri()); bean.setState(state.getState()); bean.setAccessToken(clientToken.getTokenKey()); bean.setAccessTokenType(clientToken.getTokenType()); bean.setAccessTokenExpiresIn(clientToken.getExpiresIn()); bean.getParameters().putAll(clientToken.getParameters()); return bean; }
protected AbstractFormImplicitResponse prepareFormResponse(OAuthRedirectionState state, Client client, List<String> requestedScope, List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) { ClientAccessToken clientToken = getClientAccessToken(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken); FormTokenResponse bean = new FormTokenResponse(); bean.setResponseType(OAuthConstants.TOKEN_RESPONSE_TYPE); bean.setRedirectUri(state.getRedirectUri()); bean.setState(state.getState()); bean.setAccessToken(clientToken.getTokenKey()); bean.setAccessTokenType(clientToken.getTokenType()); bean.setAccessTokenExpiresIn(clientToken.getExpiresIn()); bean.getParameters().putAll(clientToken.getParameters()); return bean; }
assertEquals(tokenIntrospection.getScope(), accessToken.getApprovedScope()); Long validity = tokenIntrospection.getExp() - tokenIntrospection.getIat(); assertTrue(validity == accessToken.getExpiresIn()); assertEquals(tokenIntrospection.getAud().get(0), audience);
assertEquals(tokenIntrospection.getScope(), accessToken.getApprovedScope()); Long validity = tokenIntrospection.getExp() - tokenIntrospection.getIat(); assertTrue(validity == accessToken.getExpiresIn()); Long nbf = tokenIntrospection.getNbf(); long now = System.currentTimeMillis() / 1000L;
assertEquals(tokenIntrospection.getScope(), accessToken.getApprovedScope()); Long validity = tokenIntrospection.getExp() - tokenIntrospection.getIat(); assertTrue(validity == accessToken.getExpiresIn());