Package org.craftercms.studio.api.v2.service.security

Interface AccessTokenService

All Known Implementing Classes:
AccessTokenServiceImpl
public interface AccessTokenService
Defines all operations related to access and refresh tokens
Since:
4.0
Author:
joseross

  • Method Summary

    Modifier and Type
    Method
    Description
    PersistentAccessToken
    createAccessToken(String label, Instant expiresOn)
    Creates a new access token for the current user
    AccessToken
    createTokens(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response)
    Creates the access & refresh tokens for the given authentication
    void
    deleteAccessToken(long id)
    Deletes an access token for the current user
    void
    deleteExpiredRefreshTokens()
    Deletes all expired refresh tokens
    void
    deleteRefreshToken(org.springframework.security.core.Authentication auth)
    Deletes the refresh token for the given authentication
    List<PersistentAccessToken>
    getAccessTokens()
    Get all existing access tokens for the current user
    String
    getUsername(String token)
    Returns the username for the given access token
    boolean
    hasValidRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Checks if the given request contains a valid refresh token
    PersistentAccessToken
    updateAccessToken(long id, boolean enabled)
    Updates an access token for the current user
    void
    updateRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response)
    Updates the refresh token for the given response
    void
    updateUserActivity(org.springframework.security.core.Authentication authentication)
    Updates the user activity record to extend the timeout

  • Method Details

    • hasValidRefreshToken

      boolean hasValidRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Checks if the given request contains a valid refresh token
      Parameters:
      auth - the current authentication
      request - the request to check
      response - the response
      Returns:
      true if the request contains a valid refresh token

    • updateRefreshToken

      void updateRefreshToken(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response)
      Updates the refresh token for the given response
      Parameters:
      auth - the current authentication
      response - the response

    • createTokens

      AccessToken createTokens(org.springframework.security.core.Authentication auth, javax.servlet.http.HttpServletResponse response) throws ServiceLayerException
      Creates the access & refresh tokens for the given authentication
      Parameters:
      auth - the current authentication
      response - the response
      Returns:
      the access token
      Throws:
      ServiceLayerException - if there is any error creating the access token

    • deleteRefreshToken

      void deleteRefreshToken(org.springframework.security.core.Authentication auth)
      Deletes the refresh token for the given authentication
      Parameters:
      auth - the current authentication

    • deleteExpiredRefreshTokens

      void deleteExpiredRefreshTokens()
      Deletes all expired refresh tokens

    • createAccessToken

      PersistentAccessToken createAccessToken(String label, Instant expiresOn) throws ServiceLayerException
      Creates a new access token for the current user
      Parameters:
      label - the label of the access token
      expiresOn - the date of expiration of the access token
      Returns:
      the access token
      Throws:
      ServiceLayerException - if there is any error creating the access token

    • getAccessTokens

      List<PersistentAccessToken> getAccessTokens()
      Get all existing access tokens for the current user
      Returns:
      the list of access tokens

    • updateAccessToken

      PersistentAccessToken updateAccessToken(long id, boolean enabled)
      Updates an access token for the current user
      Parameters:
      id - the id of the access token
      enabled - indicates if the token is enabled or not
      Returns:
      the updated access token

    • deleteAccessToken

      void deleteAccessToken(long id)
      Deletes an access token for the current user
      Parameters:
      id - the id of the access token

    • getUsername

      String getUsername(String token)
      Returns the username for the given access token
      Parameters:
      token - the access token
      Returns:
      the username, null if the access token is invalid

    • updateUserActivity

      void updateUserActivity(org.springframework.security.core.Authentication authentication)
      Updates the user activity record to extend the timeout
      Parameters:
      authentication - the current authentication