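/**
 * Revokes the caller's OAuth2 access token once logout has succeeded.
 *
 * <p>No redirect is issued (unlike SimpleUrlLogoutSuccessHandler); the response is left
 * untouched, so the client receives status 200 (OK).
 *
 * <p>If there is nothing to revoke (no OAuth2 authentication on the request, or no access
 * token found for it) the method returns without calling {@code revokeToken}, instead of
 * failing with a NullPointerException or ClassCastException.
 *
 * @param request        the logout request (not read here)
 * @param response       the logout response (left unmodified)
 * @param authentication the authentication being logged out; may be {@code null} or a
 *                       non-OAuth2 type
 * @throws IOException      declared by the overridden method; not thrown by this body
 * @throws ServletException declared by the overridden method; not thrown by this body
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    // instanceof is false for null, so this one check covers both a missing authentication
    // and one that is not token based. Without it the cast below would throw.
    if (!(authentication instanceof OAuth2Authentication)) {
        return;
    }

    OAuth2AccessToken oAuth2AccessToken =
            tokenServices.getAccessToken((OAuth2Authentication) authentication);
    // Presumably getAccessToken yields null when the token is already gone (expired or
    // revoked earlier); dereferencing it would turn a repeated logout into an error.
    if (oAuth2AccessToken == null) {
        return;
    }

    // Token revocation
    // NOTE(review): any result reported by revokeToken is ignored, so a failed revocation
    // still answers 200 and the token may stay usable; confirm whether that should be
    // surfaced to the client or logged.
    tokenServices.revokeToken(oAuth2AccessToken.getValue());

    // Instead of redirecting like SimpleUrlLogoutSuccessHandler, we do nothing
    // (no redirect) - will return status 200 (OK)
}
} // closes the enclosing class, whose header is outside this excerpt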
/**
 * Validates the bearer token carried in the Authorization header and describes it.
 *
 * <p>The token string is extracted with {@code getToken}, resolved to its authentication
 * through {@code tokenServices.loadAuthentication}, and the result is returned as an
 * {@link AccessToken} holding the client id, the user name and id (only when a user
 * authentication with a {@code User} principal is present), the expiry and the scopes.
 *
 * <p>NOTE(review): rejection of unknown or expired tokens is left entirely to
 * {@code loadAuthentication}; confirm it throws for them, since nothing here checks again.
 *
 * @param authorization raw value of the Authorization request header
 * @return description of the presented token, serialized as the response body
 */
@RequestMapping(value = "/validation", method = RequestMethod.POST)
@ResponseBody
public AccessToken tokenValidation(@RequestHeader("Authorization") final String authorization) {
    String presentedToken = getToken(authorization);
    OAuth2Authentication authentication = tokenServices.loadAuthentication(presentedToken);
    // NOTE(review): the expiry below is read from the token stored for this authentication,
    // not from the presented string; confirm the two are always the same token, and that
    // this lookup cannot return null (getExpiration() would then throw).
    OAuth2AccessToken storedToken = tokenServices.getAccessToken(authentication);
    AuthorizationRequest authorizationRequest = authentication.getAuthorizationRequest();

    // The builder is seeded with the raw token value, so the response echoes the bearer
    // token back to the caller.
    AccessToken.Builder result =
            new AccessToken.Builder(presentedToken).setClientId(authorizationRequest.getClientId());

    // Client-only grants carry no user authentication; user fields stay unset for them.
    if (authentication.getUserAuthentication() != null) {
        Object principal = authentication.getPrincipal();
        if (principal instanceof User) {
            User owner = (User) principal;
            result.setUserName(owner.getUserName());
            result.setUserId(owner.getId());
        }
    }

    result.setExpiresAt(storedToken.getExpiration());

    for (String scopeName : authorizationRequest.getScope()) {
        result.addScope(new Scope(scopeName));
    }

    return result.build();
}