/**
 * Finds the registration access token issued to the given client.
 *
 * <p>A token qualifies when its scope set holds exactly one entry and that entry is either
 * {@code SystemScopeService.REGISTRATION_TOKEN_SCOPE} or
 * {@code SystemScopeService.RESOURCE_TOKEN_SCOPE}. The first match, in the order produced by
 * {@code getAccessTokensForClient}, is returned.
 *
 * @param client the client whose access tokens are searched
 * @return the first qualifying token, or {@code null} when the client has none
 */
@Override
public OAuth2AccessTokenEntity getRegistrationAccessTokenForClient(ClientDetailsEntity client) {
    for (OAuth2AccessTokenEntity candidate : getAccessTokensForClient(client)) {
        // Only a token whose sole scope is one of the two scopes below counts; a token
        // that carries one of them next to other scopes is skipped.
        if (candidate.getScope().size() != 1) {
            continue;
        }
        if (candidate.getScope().contains(SystemScopeService.REGISTRATION_TOKEN_SCOPE)
                || candidate.getScope().contains(SystemScopeService.RESOURCE_TOKEN_SCOPE)) {
            return candidate;
        }
    }
    // NOTE(review): expiry is not checked here; whether getAccessTokensForClient already
    // filters out expired tokens is not visible from this method - confirm.
    return null;
}
} // closes the enclosing class, whose opening lies outside this listing
/**
 * Replaces the client's registration access token with a newly created one.
 *
 * <p>The existing token is looked up through {@code tokenService}, revoked, and a new token
 * is created with the same scope set via {@code createAssociatedToken}.
 *
 * @param client the client whose registration token is rotated
 * @return the replacement token, or {@code null} when the client had no registration token
 */
@Override
public OAuth2AccessTokenEntity rotateRegistrationAccessTokenForClient(ClientDetailsEntity client) {
    OAuth2AccessTokenEntity previous = tokenService.getRegistrationAccessTokenForClient(client);
    if (previous == null) {
        // Nothing to rotate: no token is issued to a client that did not already hold one.
        return null;
    }

    // Read the scope before revoking so the replacement is created with what the old token carried.
    Set<String> previousScope = previous.getScope();
    tokenService.revokeAccessToken(previous);

    // NOTE(review): only the single token returned by the lookup is revoked, and the old
    // token is already gone if creation fails afterwards - confirm both are acceptable.
    return createAssociatedToken(client, previousScope);
}
/**
 * Writes every access token returned by {@code tokenRepository.getAllAccessTokens()} to the
 * given writer, one JSON object per token.
 *
 * <p>Each object holds the token id, expiration, client id, authentication holder id,
 * refresh token id, scope array, token type and the token value itself. Because the value
 * is written out, the resulting document contains usable bearer credentials and needs the
 * same protection as the token store it was read from.
 *
 * @param writer destination for the token objects
 * @throws IOException propagated from the writer calls
 */
private void writeAccessTokens(JsonWriter writer) throws IOException {
    for (OAuth2AccessTokenEntity accessToken : tokenRepository.getAllAccessTokens()) {
        writer.beginObject();
        writer.name(ID).value(accessToken.getId());
        writer.name(EXPIRATION).value(toUTCString(accessToken.getExpiration()));

        // Client, authentication holder and refresh token may be absent; a JSON null is
        // written for each missing reference.
        writer.name(CLIENT_ID)
                .value(accessToken.getClient() != null ? accessToken.getClient().getClientId() : null);
        writer.name(AUTHENTICATION_HOLDER_ID)
                .value(accessToken.getAuthenticationHolder() != null
                        ? accessToken.getAuthenticationHolder().getId()
                        : null);
        writer.name(REFRESH_TOKEN_ID)
                .value(accessToken.getRefreshToken() != null ? accessToken.getRefreshToken().getId() : null);

        writer.name(SCOPE);
        writer.beginArray();
        for (String scopeValue : accessToken.getScope()) {
            writer.value(scopeValue);
        }
        writer.endArray();

        writer.name(TYPE).value(accessToken.getTokenType());
        // The raw token value goes into the export; the log line below records only the id.
        writer.name(VALUE).value(accessToken.getValue());
        writer.endObject();

        logger.debug("Wrote access token {}", accessToken.getId());
    }
    logger.info("Done writing access tokens");
}
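/**
 * Renders an access token as a JSON object with the properties {@code value}, {@code id},
 * {@code refreshTokenId}, {@code scopes}, {@code clientId}, {@code userId} and
 * {@code expiration}.
 *
 * <p>The {@code value} property is the token itself, so the output is a usable bearer
 * credential. NOTE(review): who receives this view is not visible here - confirm it is only
 * returned to a party entitled to the token and is kept out of logs.
 *
 * <p>A missing refresh token, client, authentication holder or authentication yields a JSON
 * null for the corresponding property instead of a {@code NullPointerException}.
 *
 * @param src the token to render
 * @param typeOfSrc the declared type of {@code src}; not used
 * @param context used to serialize the scope set and the expiration
 * @return the JSON object describing the token
 */
@Override
public JsonElement serialize(OAuth2AccessTokenEntity src, Type typeOfSrc, JsonSerializationContext context) {
    JsonObject json = new JsonObject();

    json.addProperty("value", src.getValue());
    json.addProperty("id", src.getId());
    json.addProperty("refreshTokenId",
            src.getRefreshToken() != null ? src.getRefreshToken().getId() : null);
    json.add("scopes", context.serialize(src.getScope()));

    // Guard the client and the authentication chain the same way the refresh token is
    // guarded, so one token with a missing reference does not abort the whole response.
    json.addProperty("clientId",
            src.getClient() != null ? src.getClient().getClientId() : null);
    json.addProperty("userId",
            src.getAuthenticationHolder() != null
                    && src.getAuthenticationHolder().getAuthentication() != null
                    ? src.getAuthenticationHolder().getAuthentication().getName()
                    : null);

    json.add("expiration", context.serialize(src.getExpiration()));
    return json;
}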
// Effective scopes: only the entries present in both authScopes and the access token's scope set.
// NOTE(review): if Sets is Guava's com.google.common.collect.Sets, the result is an
// unmodifiable view backed by both inputs rather than a copy - confirm that is intended.
Set<String> scopes = Sets.intersection(authScopes, accessToken.getScope());
// approvedScopes: what the incoming token carries; requestedScopes: what this token request asks for.
// NOTE(review): the check relating the two sets lies outside this excerpt - confirm the
// requested set is verified against the approved set before a token is issued.
Set<String> approvedScopes = incomingToken.getScope();
Set<String> requestedScopes = tokenRequest.getScope();
if (client.isAllowRefresh() && token.getScope().contains(SystemScopeService.OFFLINE_ACCESS)) { OAuth2RefreshTokenEntity savedRefreshToken = createRefreshToken(client, authHolder);
/**
 * Returns the scope set of the wrapped {@code rootToken}.
 *
 * <p>The set is handed back exactly as {@code rootToken} exposes it; no copy is made here.
 *
 * @return the root token's scope set
 */
@Override
public Set<String> getScope() {
    return rootToken.getScope();
}
/**
 * Finds the registration access token issued to the given client.
 *
 * <p>A token qualifies when its scope set holds exactly one entry and that entry is either
 * {@code SystemScopeService.REGISTRATION_TOKEN_SCOPE} or
 * {@code SystemScopeService.RESOURCE_TOKEN_SCOPE}. The first match, in the order produced by
 * {@code getAccessTokensForClient}, is returned.
 *
 * @param client the client whose access tokens are searched
 * @return the first qualifying token, or {@code null} when the client has none
 */
@Override
public OAuth2AccessTokenEntity getRegistrationAccessTokenForClient(ClientDetailsEntity client) {
    for (OAuth2AccessTokenEntity candidate : getAccessTokensForClient(client)) {
        // Only a token whose sole scope is one of the two scopes below counts; a token
        // that carries one of them next to other scopes is skipped.
        if (candidate.getScope().size() != 1) {
            continue;
        }
        if (candidate.getScope().contains(SystemScopeService.REGISTRATION_TOKEN_SCOPE)
                || candidate.getScope().contains(SystemScopeService.RESOURCE_TOKEN_SCOPE)) {
            return candidate;
        }
    }
    // NOTE(review): expiry is not checked here; whether getAccessTokensForClient already
    // filters out expired tokens is not visible from this method - confirm.
    return null;
}
/**
 * Replaces the client's registration access token with a newly created one.
 *
 * <p>The existing token is looked up through {@code tokenService}, revoked, and a new token
 * is created with the same scope set via {@code createAssociatedToken}.
 *
 * @param client the client whose registration token is rotated
 * @return the replacement token, or {@code null} when the client had no registration token
 */
@Override
public OAuth2AccessTokenEntity rotateRegistrationAccessTokenForClient(final ClientDetailsEntity client) {
    final OAuth2AccessTokenEntity previous = tokenService.getRegistrationAccessTokenForClient(client);
    if (previous == null) {
        // Nothing to rotate: no token is issued to a client that did not already hold one.
        return null;
    }

    // Read the scope before revoking so the replacement is created with what the old token carried.
    final Set<String> previousScope = previous.getScope();
    tokenService.revokeAccessToken(previous);

    // NOTE(review): only the single token returned by the lookup is revoked, and the old
    // token is already gone if creation fails afterwards - confirm both are acceptable.
    return createAssociatedToken(client, previousScope);
}
/**
 * Replaces the client's registration access token with a newly created one.
 *
 * <p>The existing token is looked up through {@code tokenService}, revoked, and a new token
 * is created with the same scope set via {@code createAssociatedToken}.
 *
 * @param client the client whose registration token is rotated
 * @return the replacement token, or {@code null} when the client had no registration token
 */
@Override
public OAuth2AccessTokenEntity rotateRegistrationAccessTokenForClient(ClientDetailsEntity client) {
    OAuth2AccessTokenEntity previous = tokenService.getRegistrationAccessTokenForClient(client);
    if (previous == null) {
        // Nothing to rotate: no token is issued to a client that did not already hold one.
        return null;
    }

    // Read the scope before revoking so the replacement is created with what the old token carried.
    Set<String> previousScope = previous.getScope();
    tokenService.revokeAccessToken(previous);

    // NOTE(review): only the single token returned by the lookup is revoked, and the old
    // token is already gone if creation fails afterwards - confirm both are acceptable.
    return createAssociatedToken(client, previousScope);
}
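/**
 * Renders an access token as a JSON object with the properties {@code value}, {@code id},
 * {@code refreshTokenId}, {@code scopes}, {@code clientId}, {@code userId} and
 * {@code expiration}.
 *
 * <p>The {@code value} property is the token itself, so the output is a usable bearer
 * credential. NOTE(review): who receives this view is not visible here - confirm it is only
 * returned to a party entitled to the token and is kept out of logs.
 *
 * <p>A missing refresh token, client, authentication holder or authentication yields a JSON
 * null for the corresponding property instead of a {@code NullPointerException}.
 *
 * @param src the token to render
 * @param typeOfSrc the declared type of {@code src}; not used
 * @param context used to serialize the scope set and the expiration
 * @return the JSON object describing the token
 */
@Override
public JsonElement serialize(OAuth2AccessTokenEntity src, Type typeOfSrc, JsonSerializationContext context) {
    JsonObject json = new JsonObject();

    json.addProperty("value", src.getValue());
    json.addProperty("id", src.getId());
    json.addProperty("refreshTokenId",
            src.getRefreshToken() != null ? src.getRefreshToken().getId() : null);
    json.add("scopes", context.serialize(src.getScope()));

    // Guard the client and the authentication chain the same way the refresh token is
    // guarded, so one token with a missing reference does not abort the whole response.
    json.addProperty("clientId",
            src.getClient() != null ? src.getClient().getClientId() : null);
    json.addProperty("userId",
            src.getAuthenticationHolder() != null
                    && src.getAuthenticationHolder().getAuthentication() != null
                    ? src.getAuthenticationHolder().getAuthentication().getName()
                    : null);

    json.add("expiration", context.serialize(src.getExpiration()));
    return json;
}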
/**
 * Writes every access token returned by {@code tokenRepository.getAllAccessTokens()} to the
 * given writer, one JSON object per token.
 *
 * <p>Each object holds the token id, expiration, client id, authentication holder id,
 * refresh token id, scope array, token type and the token value itself. Because the value
 * is written out, the resulting document contains usable bearer credentials and needs the
 * same protection as the token store it was read from.
 *
 * @param writer destination for the token objects
 * @throws IOException propagated from the writer calls
 */
private void writeAccessTokens(JsonWriter writer) throws IOException {
    for (OAuth2AccessTokenEntity accessToken : tokenRepository.getAllAccessTokens()) {
        writer.beginObject();
        writer.name(ID).value(accessToken.getId());
        writer.name(EXPIRATION).value(toUTCString(accessToken.getExpiration()));

        // Client, authentication holder and refresh token may be absent; a JSON null is
        // written for each missing reference.
        writer.name(CLIENT_ID)
                .value(accessToken.getClient() != null ? accessToken.getClient().getClientId() : null);
        writer.name(AUTHENTICATION_HOLDER_ID)
                .value(accessToken.getAuthenticationHolder() != null
                        ? accessToken.getAuthenticationHolder().getId()
                        : null);
        writer.name(REFRESH_TOKEN_ID)
                .value(accessToken.getRefreshToken() != null ? accessToken.getRefreshToken().getId() : null);

        writer.name(SCOPE);
        writer.beginArray();
        for (String scopeValue : accessToken.getScope()) {
            writer.value(scopeValue);
        }
        writer.endArray();

        writer.name(TYPE).value(accessToken.getTokenType());
        // The raw token value goes into the export; the log line below records only the id.
        writer.name(VALUE).value(accessToken.getValue());
        writer.endObject();

        logger.debug("Wrote access token {}", accessToken.getId());
    }
    logger.info("Done writing access tokens");
}
// Effective scopes: only the entries present in both authScopes and the access token's scope set.
// NOTE(review): if Sets is Guava's com.google.common.collect.Sets, the result is an
// unmodifiable view backed by both inputs rather than a copy - confirm that is intended.
Set<String> scopes = Sets.intersection(authScopes, accessToken.getScope());
// approvedScopes: what the incoming token carries; requestedScopes: what this token request asks for.
// NOTE(review): the check relating the two sets lies outside this excerpt - confirm the
// requested set is verified against the approved set before a token is issued.
Set<String> approvedScopes = incomingToken.getScope();
Set<String> requestedScopes = tokenRequest.getScope();
if (client.isAllowRefresh() && token.getScope().contains(SystemScopeService.OFFLINE_ACCESS)) { OAuth2RefreshTokenEntity savedRefreshToken = createRefreshToken(client, authHolder);