Class AccessTokenServiceImpl
java.lang.Object
org.craftercms.studio.impl.v2.service.security.AccessTokenServiceImpl
- All Implemented Interfaces:
AccessTokenService
Default implementation of
AccessTokenService- Since:
- 4.0
- Author:
- joseross
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionAccessTokenServiceImpl(AccessTokenServiceInternal accessTokenServiceInternal) -
Method Summary
Modifier and TypeMethodDescriptioncreateAccessToken(String label, Instant expiresAt) Creates a new access token for the current usercreateTokens(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Creates the access & refresh tokens for the given authenticationvoiddeleteAccessToken(long id) Deletes an access token for the current uservoidDeletes all expired refresh tokensvoiddeletePreviewCookie(jakarta.servlet.http.HttpServletResponse response) Deletes the preview cookievoiddeleteRefreshToken(long userId) Deletes the refresh token for the given userGet all existing access tokens for the current usergetUsername(String token) Returns the username for the given access tokenbooleanhasValidRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Checks if the given request contains a valid refresh tokenvoidrefreshPreviewCookie(org.springframework.security.core.Authentication authentication, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean silent) Refresh the preview site cookie.updateAccessToken(long id, boolean enabled) Updates an access token for the current uservoidupdateRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletResponse response) Updates the refresh token for the given responsevoidupdateUserActivity(org.springframework.security.core.Authentication authentication) Updates the user activity record to extend the timeoutMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.craftercms.studio.api.v2.service.security.AccessTokenService
refreshPreviewCookie
-
Field Details
-
accessTokenServiceInternal
-
-
Constructor Details
-
AccessTokenServiceImpl
@ConstructorProperties("accessTokenServiceInternal") public AccessTokenServiceImpl(AccessTokenServiceInternal accessTokenServiceInternal)
-
-
Method Details
-
hasValidRefreshToken
public boolean hasValidRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Description copied from interface:AccessTokenServiceChecks if the given request contains a valid refresh token- Specified by:
hasValidRefreshTokenin interfaceAccessTokenService- Parameters:
auth- the current authenticationrequest- the request to checkresponse- the response- Returns:
- true if the request contains a valid refresh token
-
updateRefreshToken
public void updateRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletResponse response) Description copied from interface:AccessTokenServiceUpdates the refresh token for the given response- Specified by:
updateRefreshTokenin interfaceAccessTokenService- Parameters:
auth- the current authenticationresponse- the response
-
createTokens
public AccessToken createTokens(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws ServiceLayerException Description copied from interface:AccessTokenServiceCreates the access & refresh tokens for the given authentication- Specified by:
createTokensin interfaceAccessTokenService- Parameters:
auth- the current authenticationrequest- the requestresponse- the response- Returns:
- the access token
- Throws:
ServiceLayerException- if there is any error creating the access token
-
deleteRefreshToken
public void deleteRefreshToken(long userId) Description copied from interface:AccessTokenServiceDeletes the refresh token for the given user- Specified by:
deleteRefreshTokenin interfaceAccessTokenService- Parameters:
userId- the id of the user
-
deleteExpiredRefreshTokens
public void deleteExpiredRefreshTokens()Description copied from interface:AccessTokenServiceDeletes all expired refresh tokens- Specified by:
deleteExpiredRefreshTokensin interfaceAccessTokenService
-
createAccessToken
public PersistentAccessToken createAccessToken(String label, Instant expiresAt) throws ServiceLayerException Description copied from interface:AccessTokenServiceCreates a new access token for the current user- Specified by:
createAccessTokenin interfaceAccessTokenService- Parameters:
label- the label of the access tokenexpiresAt- the date of expiration of the access token- Returns:
- the access token
- Throws:
ServiceLayerException- if there is any error creating the access token
-
getAccessTokens
Description copied from interface:AccessTokenServiceGet all existing access tokens for the current user- Specified by:
getAccessTokensin interfaceAccessTokenService- Returns:
- the list of access tokens
-
updateAccessToken
Description copied from interface:AccessTokenServiceUpdates an access token for the current user- Specified by:
updateAccessTokenin interfaceAccessTokenService- Parameters:
id- the id of the access tokenenabled- indicates if the token is enabled or not- Returns:
- the updated access token
-
deleteAccessToken
public void deleteAccessToken(long id) Description copied from interface:AccessTokenServiceDeletes an access token for the current user- Specified by:
deleteAccessTokenin interfaceAccessTokenService- Parameters:
id- the id of the access token
-
getUsername
Description copied from interface:AccessTokenServiceReturns the username for the given access token- Specified by:
getUsernamein interfaceAccessTokenService- Parameters:
token- the access token- Returns:
- the username, null if the access token is invalid
-
updateUserActivity
public void updateUserActivity(org.springframework.security.core.Authentication authentication) Description copied from interface:AccessTokenServiceUpdates the user activity record to extend the timeout- Specified by:
updateUserActivityin interfaceAccessTokenService- Parameters:
authentication- the current authentication
-
refreshPreviewCookie
public void refreshPreviewCookie(org.springframework.security.core.Authentication authentication, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean silent) throws ServiceLayerException Description copied from interface:AccessTokenServiceRefresh the preview site cookie. This method will either update the cookie (or create it) with the current preview site if the user has access to it, or remove it if they do not.- Specified by:
refreshPreviewCookiein interfaceAccessTokenService- Parameters:
authentication- the current authenticationrequest- the requestresponse- the responsesilent- if false, the method will throw an exception if the user does not have access to the preview site- Throws:
ServiceLayerException
-
deletePreviewCookie
public void deletePreviewCookie(jakarta.servlet.http.HttpServletResponse response) Description copied from interface:AccessTokenServiceDeletes the preview cookie- Specified by:
deletePreviewCookiein interfaceAccessTokenService- Parameters:
response- the response
-