/**
 * Revokes an access token together with the refresh token attached to it.
 *
 * @param tokenValue the access token value to look up in the token store
 * @return {@code true} when the token was found and removed, {@code false} when the
 *         store holds no access token for {@code tokenValue}
 */
public boolean revokeToken(String tokenValue) {
    OAuth2AccessToken stored = tokenStore.readAccessToken(tokenValue);
    boolean found = stored != null;
    if (found) {
        // Remove the refresh token too; one left in the store could presumably
        // still be redeemed for a fresh access token after the revocation.
        if (stored.getRefreshToken() != null) {
            tokenStore.removeRefreshToken(stored.getRefreshToken());
        }
        tokenStore.removeAccessToken(stored);
    }
    return found;
}
tokenStore.removeRefreshToken(refreshToken);
tokenStore.removeRefreshToken(refreshToken); throw new InvalidTokenException("Invalid refresh token (expired): " + refreshToken); tokenStore.removeRefreshToken(refreshToken); refreshToken = createRefreshToken(authentication);
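/**
 * Logout handler that revokes the bearer token presented in the {@code Authorization}
 * header: the matching access token and, when present, its refresh token are removed
 * from the token store.
 *
 * <p>A header that passes {@code isJwtBearerToken} but matches no stored access token
 * is a silent no-op.
 *
 * @param request        the request carrying the {@code Authorization} header
 * @param response       unused
 * @param authentication unused; the token is taken from the request header only
 * @throws BadClientCredentialsException when the header is not accepted by
 *         {@code isJwtBearerToken}
 */
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    // Both assertions fail the request when violated (presumably with
    // IllegalArgumentException if Assert is Spring's - confirm).
    Assert.notNull(tokenStore, "tokenStore must be set");
    String token = request.getHeader("Authorization");
    Assert.hasText(token, "token must be set");

    if (!isJwtBearerToken(token)) {
        throw new BadClientCredentialsException();
    }

    // "Bearer" is six characters; trim() then drops the separator that follows it.
    token = token.substring(6).trim();
    OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
    if (existingAccessToken == null) {
        return;
    }

    if (existingAccessToken.getRefreshToken() != null) {
        // The token object used to be passed as a log argument without a placeholder,
        // so it was never rendered. It is dropped here on purpose: token values are
        // credentials and must stay out of the logs.
        LOGGER.info("remove refreshToken!");
        tokenStore.removeRefreshToken(existingAccessToken.getRefreshToken());
    }
    LOGGER.info("remove existingAccessToken!");
    tokenStore.removeAccessToken(existingAccessToken);
}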
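/**
 * Exchanges a refresh token for a new access token. The presented refresh token is
 * removed from the store before the new token is created, so each refresh token can
 * be redeemed once.
 *
 * <p>The refresh token must have been issued to the client making the request
 * (RFC 6749, section 6); a token presented by a different client is rejected and
 * left in the store.
 *
 * @param refreshTokenValue the refresh token value presented by the client
 * @param tokenRequest      the token request; only its client id is used, the
 *                          requested scope is ignored
 * @return the access token produced by {@code createAccessToken(authentication)}
 * @throws InvalidGrantException when the refresh token is unknown, expired, or not
 *         bound to the requesting client
 */
@Override
public OAuth2AccessToken refreshAccessToken(String refreshTokenValue, TokenRequest tokenRequest)
        throws AuthenticationException {
    log.info("authentication-provider is refreshing token");

    // Note: scope is ignored by the current implementation - uri, Mar 14, 2012
    // NOTE(review): the cast assumes the store only ever returns expiring refresh tokens - confirm.
    ExpiringOAuth2RefreshToken refreshToken =
            (ExpiringOAuth2RefreshToken) tokenStore.readRefreshToken(refreshTokenValue);
    if (refreshToken == null) {
        // NOTE(review): this message echoes the submitted token value; check where
        // the exception text is logged or returned before relying on it.
        throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
    }
    if (isExpired(refreshToken)) {
        // An expired token is purged so it cannot be presented again.
        tokenStore.removeRefreshToken(refreshToken);
        throw new InvalidGrantException("Invalid refresh token: " + refreshToken);
    }

    OAuth2Authentication authentication = tokenStore.readAuthenticationForRefreshToken(refreshToken);

    // Fail closed: without this check any client able to reach the token endpoint
    // could redeem a refresh token that was issued to another client.
    String issuedTo = authentication == null ? null : authentication.getOAuth2Request().getClientId();
    String requestedBy = tokenRequest == null ? null : tokenRequest.getClientId();
    if (issuedTo == null || !issuedTo.equals(requestedBy)) {
        throw new InvalidGrantException("Refresh token is not bound to the requesting client");
    }

    tokenStore.removeRefreshToken(refreshToken);
    return createAccessToken(authentication);
}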
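/**
 * Logout handler that revokes the bearer token presented in the {@code Authorization}
 * header: the matching access token and, when present, its refresh token are removed
 * from the token store.
 *
 * <p>A header that passes {@code isJwtBearerToken} but matches no stored access token
 * is a silent no-op.
 *
 * @param request        the request carrying the {@code Authorization} header
 * @param response       unused
 * @param authentication unused; the token is taken from the request header only
 * @throws BadClientCredentialsException when the header is not accepted by
 *         {@code isJwtBearerToken}
 */
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    // Both assertions fail the request when violated (presumably with
    // IllegalArgumentException if Assert is Spring's - confirm).
    Assert.notNull(tokenStore, "tokenStore must be set");
    String token = request.getHeader("Authorization");
    Assert.hasText(token, "token must be set");

    if (!isJwtBearerToken(token)) {
        throw new BadClientCredentialsException();
    }

    // substring(6) removes only the six characters of "Bearer"; the separator after
    // it stayed in the lookup key, so a standard "Bearer <token>" header would miss
    // the stored token and logout would revoke nothing. trim() removes the separator.
    token = token.substring(6).trim();
    OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
    if (existingAccessToken == null) {
        return;
    }

    if (existingAccessToken.getRefreshToken() != null) {
        // The token object used to be passed as a log argument without a placeholder,
        // so it was never rendered. It is dropped here on purpose: token values are
        // credentials and must stay out of the logs.
        LOGGER.info("remove refreshToken!");
        tokenStore.removeRefreshToken(existingAccessToken.getRefreshToken());
    }
    LOGGER.info("remove existingAccessToken!");
    tokenStore.removeAccessToken(existingAccessToken);
}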
/**
 * Removes the access token identified by {@code tokenValue} from the token store,
 * along with the refresh token it references.
 *
 * @param tokenValue the access token value to revoke
 * @return {@code false} if the store has no such access token, {@code true} once the
 *         token (and its refresh token, if any) has been removed
 */
@Override
public boolean revokeToken(String tokenValue) {
    OAuth2AccessToken match = tokenStore.readAccessToken(tokenValue);
    if (match != null) {
        // Refresh token first, then the access token that references it.
        if (match.getRefreshToken() != null) {
            tokenStore.removeRefreshToken(match.getRefreshToken());
        }
        tokenStore.removeAccessToken(match);
        return true;
    }
    return false;
}
/**
 * Revokes an access token by value. The refresh token attached to it, if there is
 * one, is removed from the store as well.
 *
 * @param tokenValue the access token value to revoke
 * @return whether an access token was found for {@code tokenValue} and removed
 */
public boolean revokeToken(String tokenValue) {
    OAuth2AccessToken toRevoke = tokenStore.readAccessToken(tokenValue);
    boolean known = toRevoke != null;
    if (known) {
        boolean hasRefreshToken = toRevoke.getRefreshToken() != null;
        if (hasRefreshToken) {
            // Leaving this behind would keep a credential for the revoked session in the store.
            tokenStore.removeRefreshToken(toRevoke.getRefreshToken());
        }
        tokenStore.removeAccessToken(toRevoke);
    }
    return known;
}
/**
 * Looks up the access token for {@code tokenValue} and deletes it from the token
 * store, first deleting the refresh token it carries when one is present.
 *
 * @param tokenValue the access token value to revoke
 * @return {@code true} if a stored token was revoked, {@code false} if nothing matched
 */
@Override
public boolean revokeToken(String tokenValue) {
    OAuth2AccessToken current = tokenStore.readAccessToken(tokenValue);
    if (current != null) {
        if (current.getRefreshToken() != null) {
            tokenStore.removeRefreshToken(current.getRefreshToken());
        }
        tokenStore.removeAccessToken(current);
    }
    // Unknown tokens are reported to the caller, not treated as an error.
    return current != null;
}
/**
 * Revokes a refresh token on behalf of a client, together with any access token
 * obtained through it.
 *
 * <p>Log output only ever contains the masked token value.
 *
 * @param tokenValue the refresh token value to revoke
 * @param clientAuth the authentication of the client requesting the revocation
 * @return the value of the revoked refresh token, or {@code null} when the store
 *         holds no refresh token for {@code tokenValue}
 */
@Nullable
public String revokeRefreshToken(String tokenValue, Authentication clientAuth) {
    OAuth2RefreshToken stored = tokenStore.readRefreshToken(tokenValue);
    if (stored == null) {
        log.debug("No refresh token {} found in the token store.", tokenMasker.maskToken(tokenValue));
        return null;
    }

    OAuth2Authentication owner = tokenStore.readAuthenticationForRefreshToken(stored);
    // Runs before anything is removed; presumably rejects a client that does not
    // own the token - confirm against checkIfTokenIsIssuedToClient.
    checkIfTokenIsIssuedToClient(clientAuth, owner);

    tokenStore.removeAccessTokenUsingRefreshToken(stored);
    tokenStore.removeRefreshToken(stored);
    log.debug("Successfully removed refresh token {} (and any associated access token).",
            tokenMasker.maskToken(stored.getValue()));
    return stored.getValue();
}
/**
 * Revokes an access token and the refresh token attached to it, then publishes an
 * {@code OAuthTokenRevokedEvent} when an event publisher is configured.
 *
 * <p>The ownership check runs only for revocations initiated by a client; every other
 * initiator skips it. Log output only ever contains the masked token value.
 *
 * @param token               the access token value to revoke
 * @param clientAuth          the requesting client's authentication; passed to the
 *                            ownership check for client-initiated revocations
 * @param revocationInitiator who triggered the revocation
 * @return the value of the revoked access token, or {@code null} when the store holds
 *         no access token for {@code token}
 */
@Nullable
protected String revokeAccessToken(String token, @Nullable Authentication clientAuth,
        TokenRevocationInitiator revocationInitiator) {
    OAuth2AccessToken stored = tokenStore.readAccessToken(token);
    if (stored == null) {
        log.debug("No access token {} found in the token store", tokenMasker.maskToken(token));
        return null;
    }

    OAuth2Authentication owner = tokenStore.readAuthentication(stored);
    boolean initiatedByClient = revocationInitiator == TokenRevocationInitiator.CLIENT;
    if (initiatedByClient) {
        // Presumably rejects a client that does not own the token - confirm against
        // checkIfTokenIsIssuedToClient. Nothing has been removed at this point.
        checkIfTokenIsIssuedToClient(clientAuth, owner);
    }

    if (stored.getRefreshToken() != null) {
        tokenStore.removeRefreshToken(stored.getRefreshToken());
    }
    tokenStore.removeAccessToken(stored);
    log.debug("Access token removed: {}", tokenMasker.maskToken(token));

    if (events != null) {
        events.publish(new OAuthTokenRevokedEvent(stored, revocationInitiator));
    }
    return stored.getValue();
}
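/**
 * Issues a new access token and refresh token for {@code authentication}.
 *
 * <p>Any access token already stored for this authentication is removed first,
 * together with its refresh token, so tokens issued earlier for the same
 * authentication stop being present in the store.
 *
 * @param authentication the authentication the tokens are issued for
 * @return the newly created and stored access token
 * @throws IllegalStateException when the token factory method returns no access token
 */
@Override
@Transactional
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
    OAuth2AccessToken existingAccessToken = tokenStore.getAccessToken(authentication);
    if (existingAccessToken != null) {
        if (existingAccessToken.getRefreshToken() != null) {
            tokenStore.removeRefreshToken(existingAccessToken.getRefreshToken());
        }
        tokenStore.removeAccessToken(existingAccessToken);
    }

    // recreate a refreshToken
    OAuth2RefreshToken refreshToken = createRefreshToken(authentication);
    OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken);
    if (accessToken == null) {
        // The old code null-checked accessToken before storing it and then dereferenced
        // it unconditionally, ending in a bare NullPointerException. Fail with a clear
        // message instead; it is still an unchecked exception raised inside the
        // @Transactional method.
        throw new IllegalStateException("No access token was created for the authentication");
    }
    tokenStore.storeAccessToken(accessToken, authentication);

    // Store the refresh token the access token actually carries, which may differ
    // from the one created above.
    refreshToken = accessToken.getRefreshToken();
    if (refreshToken != null) {
        tokenStore.storeRefreshToken(refreshToken, authentication);
    }
    return accessToken;
}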
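/**
 * Creates and stores a fresh access token / refresh token pair for
 * {@code authentication}, replacing whatever pair the store already holds for it.
 *
 * <p>Because the previous pair is removed on every call, a token issued earlier for
 * the same authentication is no longer in the store once this method returns.
 *
 * @param authentication the authentication the tokens are issued for
 * @return the newly created and stored access token
 * @throws IllegalStateException when the token factory method returns no access token
 */
@Override
@Transactional
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
    OAuth2AccessToken previous = tokenStore.getAccessToken(authentication);
    if (previous != null) {
        // Refresh token first, then the access token that references it.
        if (previous.getRefreshToken() != null) {
            tokenStore.removeRefreshToken(previous.getRefreshToken());
        }
        tokenStore.removeAccessToken(previous);
    }

    // recreate a refreshToken
    OAuth2RefreshToken refreshToken = createRefreshToken(authentication);
    OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken);
    if (accessToken == null) {
        // Previously only storeAccessToken was guarded against null; the following
        // accessToken.getRefreshToken() call then threw a bare NullPointerException.
        // Raise an explicit unchecked exception with a clear message instead.
        throw new IllegalStateException("No access token was created for the authentication");
    }
    tokenStore.storeAccessToken(accessToken, authentication);

    // Re-read the refresh token from the access token so the stored value is the one
    // the issued token actually carries.
    refreshToken = accessToken.getRefreshToken();
    if (refreshToken != null) {
        tokenStore.storeRefreshToken(refreshToken, authentication);
    }
    return accessToken;
}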
tokenStore.removeRefreshToken(refreshToken);
tokenStore.removeRefreshToken(refreshToken); throw new InvalidTokenException("Invalid refresh token (expired): " + refreshToken); tokenStore.removeRefreshToken(refreshToken); refreshToken = createRefreshToken(authentication);
tokenStore.removeRefreshToken(refreshToken); throw new InvalidTokenException("Invalid refresh token (expired): " + refreshToken); tokenStore.removeRefreshToken(refreshToken); refreshToken = createRefreshToken(authentication);
tokenStore.removeRefreshToken(refreshToken); throw new InvalidTokenException("Invalid refresh token (expired): " + refreshToken); tokenStore.removeRefreshToken(refreshToken); refreshToken = createRefreshToken(authentication);