java.lang.Object
- de.xima.fc.api.rest.pub.impl.security.controller.UserTokenController

public class UserTokenController
extends Object

Controller for user token operations.

Constructor Summary

Constructors
Constructor	Description
`UserTokenController(org.pac4j.core.context.WebContext webContext, org.pac4j.core.context.session.SessionStore sessionStore, org.pac4j.core.config.Config pac4jConfig)`	Constructor.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`AuthenticationResponse`	`authenticate(String clientName, String userName, String password)`	Authenticates the user profile and returns the tokens.
`static UserTokenController`	`forRestApi(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse)`	Factory method to create a UserTokenController for REST API usage.
`AuthenticationTokenResponse`	`getTokenResponseFromProfile(org.pac4j.core.profile.UserProfile pac4jProfile)`	Returns the tokens from the user profile and creates an `AuthenticationTokenResponse`.
`MfaTempTokenResponse`	`refreshMfaTempToken(String token)`
`AuthenticationTokenResponse`	`refreshTokens(String clientName, String refreshToken)`	Refreshes the tokens and returns the new tokens.
`boolean`	`revokeRefreshToken(String refreshToken)`	Revokes the refresh token.
`MfaVerificationResponse`	`verifyMfaCode(String mfaCode, String mfaToken, boolean saveAuthentication)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

UserTokenController

public UserTokenController(org.pac4j.core.context.WebContext webContext,
                           org.pac4j.core.context.session.SessionStore sessionStore,
                           org.pac4j.core.config.Config pac4jConfig)

Constructor.

Parameters:: webContext - the web context; sessionStore - the session store; pac4jConfig - the pac4j configuration

Method Detail

forRestApi
```
public static UserTokenController forRestApi(javax.servlet.http.HttpServletRequest servletRequest,
                                             javax.servlet.http.HttpServletResponse servletResponse)
```
Factory method to create a UserTokenController for REST API usage.

Parameters:

servletRequest - the HTTP servlet request

servletResponse - the HTTP servlet response

Returns:

a new UserTokenController instance

getTokenResponseFromProfile
```
public AuthenticationTokenResponse getTokenResponseFromProfile(org.pac4j.core.profile.UserProfile pac4jProfile)
```
Returns the tokens from the user profile and creates an AuthenticationTokenResponse.

Parameters:

pac4jProfile - the Pac4J user profile

Returns:

the token response

authenticate
```
public AuthenticationResponse authenticate(String clientName,
                                           String userName,
                                           String password)
                                    throws TokenCreateException,
                                           UserMfaTempTokenMaxException
```
Authenticates the user profile and returns the tokens.

Parameters:

clientName - the client for which the user should be authenticated

userName - the username

password - the password

Returns:

the authentication response, which may require MFA

Throws:

TokenCreateException - if the token creation fails

javax.ws.rs.NotFoundException - if the client or user profile is not found

UserMfaTempTokenMaxException - if the user has reached the maximum number of temporary tokens for MFA

refreshMfaTempToken

public MfaTempTokenResponse refreshMfaTempToken(String token)
                                         throws UserMfaTempTokenMaxException,
                                                UserMfaTempTokenNotFoundException,
                                                UserMfaTempTokenExpiredException

Throws:: UserMfaTempTokenMaxException; UserMfaTempTokenNotFoundException; UserMfaTempTokenExpiredException

refreshTokens

public AuthenticationTokenResponse refreshTokens(String clientName,
                                                 String refreshToken)
                                          throws InvalidTokenException,
                                                 UnknownTokenException,
                                                 TokenCreateException

Refreshes the tokens and returns the new tokens.

Parameters:: clientName - the name of the client for which the tokens should be refreshed; refreshToken - the refresh token
Returns:: the token response
Throws:: InvalidTokenException - if the token is invalid; UnknownTokenException - if the token is unknown; TokenCreateException - if the token creation fails

revokeRefreshToken
```
public boolean revokeRefreshToken(String refreshToken)
```
Revokes the refresh token.

Parameters:

refreshToken - the refresh token

Returns:

true if the refresh token was revoked, false otherwise

verifyMfaCode

public MfaVerificationResponse verifyMfaCode(String mfaCode,
                                             String mfaToken,
                                             boolean saveAuthentication)
                                      throws UserMfaTempTokenMaxException,
                                             UserMfaTempTokenNotFoundException,
                                             UserMfaTempTokenExpiredException,
                                             TokenCreateException

Throws:: UserMfaTempTokenMaxException; UserMfaTempTokenNotFoundException; UserMfaTempTokenExpiredException; TokenCreateException

Class UserTokenController

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

UserTokenController

Method Detail

forRestApi

getTokenResponseFromProfile

authenticate

refreshMfaTempToken

refreshTokens

revokeRefreshToken

verifyMfaCode