Package org.craftercms.studio.impl.v2.service.security.internal

Class AccessTokenServiceInternalImpl

java.lang.Object
org.craftercms.studio.impl.v2.service.security.internal.AccessTokenServiceInternalImpl
All Implemented Interfaces:
AccessTokenServiceInternal, org.springframework.beans.factory.InitializingBean
public class AccessTokenServiceInternalImpl extends Object implements AccessTokenServiceInternal, org.springframework.beans.factory.InitializingBean
Default implementation of AccessTokenServiceInternal
Since:
4.0
Author:
joseross

  • Field Details

    • ACTIVITY_CACHE_CONFIG_KEY

      public static final String ACTIVITY_CACHE_CONFIG_KEY
      See Also:

    • issuer

      protected final String issuer
      The issuer for generation access tokens

    • validIssuers

      protected final String[] validIssuers
      List of accepted issuers for validation of access tokens

    • audience

      protected String audience
      The audience for generation and validation of access tokens

    • accessTokenExpiration

      protected final int accessTokenExpiration
      The time in minutes for the expiration of the generated access tokens

    • signPassword

      protected final String signPassword
      The password for signing the access tokens

    • encryptPassword

      protected final String encryptPassword
      The password for encrypting the access tokens

    • sessionTimeout

      protected final int sessionTimeout
      Time in minutes after which active users will be required to login again

    • inactivityTimeout

      protected final int inactivityTimeout
      Time in minutes after which inactive users will be required to login again

    • userActivity

      protected com.google.common.cache.Cache<Long,Instant> userActivity
      Cache used to track the activity of the users

    • jwtSignKey

      protected Key jwtSignKey

    • jwtEncryptKey

      protected Key jwtEncryptKey

    • securityDao

      protected final SecurityDAO securityDao

    • securityService

      protected final SecurityService securityService

    • instanceService

      protected final InstanceService instanceService

    • auditService

      protected final AuditServiceInternal auditService

    • studioConfiguration

      protected final StudioConfiguration studioConfiguration

    • siteService

      protected final SiteService siteService

    • retryingDatabaseOperationFacade

      protected final RetryingDatabaseOperationFacade retryingDatabaseOperationFacade

    • systemStatusProvider

      protected final SystemStatusProvider systemStatusProvider

    • previewTokenEncryptor

      protected final org.craftercms.commons.crypto.TextEncryptor previewTokenEncryptor

  • Constructor Details

  • Method Details

    • setAudience

      public void setAudience(String audience)

    • afterPropertiesSet

      public void afterPropertiesSet()
      Specified by:
      afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

    • hasValidRefreshToken

      public boolean hasValidRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: AccessTokenServiceInternal
      Checks if the given request contains a valid refresh token
      Specified by:
      hasValidRefreshToken in interface AccessTokenServiceInternal
      Parameters:
      auth - the current authentication
      request - the request to check
      response - the response
      Returns:
      true if the request contains a valid refresh token

    • updateRefreshToken

      public void updateRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: AccessTokenServiceInternal
      Updates the refresh token for the given response
      Specified by:
      updateRefreshToken in interface AccessTokenServiceInternal
      Parameters:
      auth - the current authentication
      response - the response

    • refreshPreviewCookie

      public void refreshPreviewCookie(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean silent) throws ServiceLayerException
      Description copied from interface: AccessTokenServiceInternal
      Refresh the preview site cookie. This method will either update the cookie (or create it) with the current preview site if the user has access to it, or remove it if they do not.
      Specified by:
      refreshPreviewCookie in interface AccessTokenServiceInternal
      Parameters:
      auth - the current authentication
      request - the request
      response - the response
      silent - if false, the method will throw an exception if the user does not have access to the preview site
      Throws:
      ServiceLayerException

    • deletePreviewCookie

      public void deletePreviewCookie(jakarta.servlet.http.HttpServletResponse response)
      Description copied from interface: AccessTokenServiceInternal
      Deletes the preview cookie
      Specified by:
      deletePreviewCookie in interface AccessTokenServiceInternal
      Parameters:
      response - the response

    • createTokens

      public AccessToken createTokens(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws ServiceLayerException
      Description copied from interface: AccessTokenServiceInternal
      Creates the access & refresh tokens for the given authentication
      Specified by:
      createTokens in interface AccessTokenServiceInternal
      Parameters:
      auth - the current authentication
      request - the request
      response - the response
      Returns:
      the access token
      Throws:
      ServiceLayerException - if there is any error creating the access token

    • deleteRefreshToken

      public void deleteRefreshToken(long userId)
      Description copied from interface: AccessTokenServiceInternal
      Deletes the refresh token for the given user
      Specified by:
      deleteRefreshToken in interface AccessTokenServiceInternal
      Parameters:
      userId - the id of the user

    • deleteExpiredRefreshTokens

      public void deleteExpiredRefreshTokens()
      Description copied from interface: AccessTokenServiceInternal
      Deletes all expired refresh tokens
      Specified by:
      deleteExpiredRefreshTokens in interface AccessTokenServiceInternal

    • createAccessToken

      public PersistentAccessToken createAccessToken(String label, Instant expiresAt) throws ServiceLayerException
      Description copied from interface: AccessTokenServiceInternal
      Creates a new access token for the current user
      Specified by:
      createAccessToken in interface AccessTokenServiceInternal
      Parameters:
      label - the label of the access token
      expiresAt - the date of expiration of the access token
      Returns:
      the access token
      Throws:
      ServiceLayerException - if there is any error creating the access token

    • getAccessTokens

      public List<PersistentAccessToken> getAccessTokens()
      Description copied from interface: AccessTokenServiceInternal
      Get all existing access tokens for the current user
      Specified by:
      getAccessTokens in interface AccessTokenServiceInternal
      Returns:
      the list of access tokens

    • updateAccessToken

      public PersistentAccessToken updateAccessToken(long tokenId, boolean enabled)
      Description copied from interface: AccessTokenServiceInternal
      Updates an access token for the current user
      Specified by:
      updateAccessToken in interface AccessTokenServiceInternal
      Parameters:
      tokenId - the id of the access token
      enabled - indicates if the token is enabled or not
      Returns:
      the updated access token

    • deleteAccessToken

      public void deleteAccessToken(long tokenId)
      Description copied from interface: AccessTokenServiceInternal
      Deletes an access token for the current user
      Specified by:
      deleteAccessToken in interface AccessTokenServiceInternal
      Parameters:
      tokenId - the id of the access token

    • deleteUsersTokens

      public void deleteUsersTokens(List<Long> userIds)
      Description copied from interface: AccessTokenServiceInternal
      Deletes all the tokens for the given users
      Specified by:
      deleteUsersTokens in interface AccessTokenServiceInternal
      Parameters:
      userIds - the user ids list

    • getActualAudience

      protected String getActualAudience()

    • getUsername

      public String getUsername(String token)
      Description copied from interface: AccessTokenServiceInternal
      Returns the username for the given access token
      Specified by:
      getUsername in interface AccessTokenServiceInternal
      Parameters:
      token - the access token
      Returns:
      the username, null if the access token is invalid

    • getUserId

      protected long getUserId(org.springframework.security.core.Authentication auth)

    • createToken

      protected String createToken(Instant issuedAt, Instant expiresAt, String username, Long id) throws ServiceLayerException
      Throws:
      ServiceLayerException

    • createAuditLog

      protected void createAuditLog(org.springframework.security.core.Authentication auth, long tokenId, String type, String operation)

    • createAuditLog

      protected void createAuditLog(String actor, long tokenId, String type, String operation)

    • createAuditLog

      protected void createAuditLog(String actor, long tokenId, String type, String value, String operation)

    • updateUserActivity

      public void updateUserActivity(org.springframework.security.core.Authentication authentication)
      Description copied from interface: AccessTokenServiceInternal
      Updates the user activity record to extend the timeout
      Specified by:
      updateUserActivity in interface AccessTokenServiceInternal
      Parameters:
      authentication - the current authentication

    • setRefreshTokenCookieGenerator

      public void setRefreshTokenCookieGenerator(org.springframework.web.util.CookieGenerator refreshTokenCookieGenerator)

    • setPreviewCookieGenerator

      public void setPreviewCookieGenerator(org.springframework.web.util.CookieGenerator previewCookieGenerator)