Package de.xima.fc.security.token

Class InternalTokenController

java.lang.Object

de.xima.fc.security.token.InternalTokenController

public class InternalTokenController
extends Object

Helper class for internal tokens.

Constructor Summary

Constructors

Constructor	Description
InternalTokenController()

Method Summary

Modifier and Type	Method	Description
static String	buildAccessToken(TokenConfiguration tokensConfig, Instant issuedAt, org.pac4j.core.profile.UserProfile userProfile, String issuer, String refreshTokenId)	Builds an access token for the given user profile.
static String	buildIdToken(TokenConfiguration tokensConfig, Instant issuedAt, org.pac4j.core.profile.UserProfile userProfile, String issuer, String refreshTokenId)	Builds an id token for the given user profile.
static String	buildIssuer(IClientDescriptor clientDescriptor, org.pac4j.core.context.WebContext webContext)	Builds the issuer URL for the given client descriptor.
static String	buildRefreshToken(UserRefreshToken token, String userId, String issuer, String refreshTokenSecret, com.nimbusds.jose.JWSAlgorithm signAlgorithm)	Builds a refresh token for the given user profile.
static UUID	readRefreshTokenId(String accessToken)	Reads the refresh token id from the given access token.
static org.apache.commons.lang3.tuple.Pair<org.pac4j.core.profile.UserProfile,Map<String,Serializable>>	restoreTokenProfile(org.pac4j.core.profile.UserProfile profile, String accessToken)	Tries to restore a user profile from an internal token and sets the session data accordingly.
static com.alibaba.fastjson.JSONObject	verifyTokenAndReadPayload(String token, String tokenSecret)	Verifies the given token and reads the payload.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

InternalTokenController

public InternalTokenController()

Method Detail

buildIssuer

public static String buildIssuer(IClientDescriptor clientDescriptor,
                                 org.pac4j.core.context.WebContext webContext)

Builds the issuer URL for the given client descriptor.

Parameters:

clientDescriptor - The client descriptor to build the issuer for.

webContext - The web context to build the issuer for.

Returns:

The issuer URL.

readRefreshTokenId

public static UUID readRefreshTokenId(String accessToken)

Reads the refresh token id from the given access token.

Parameters:

accessToken - The access token to read the refresh token id from.

Returns:

The refresh token id or null if it could not be read.

buildAccessToken

public static String buildAccessToken(TokenConfiguration tokensConfig,
                                      Instant issuedAt,
                                      org.pac4j.core.profile.UserProfile userProfile,
                                      String issuer,
                                      String refreshTokenId)
                               throws TokenCreateException

Builds an access token for the given user profile.

Parameters:

tokensConfig - The token configuration to use.

issuedAt - The time the token was issued.

userProfile - The user profile to build the token for.

issuer - The issuer of the token.

refreshTokenId - The id of the refresh token.

Returns:

The access token.

Throws:

TokenCreateException - If the token could not be created.

buildIdToken

public static String buildIdToken(TokenConfiguration tokensConfig,
                                  Instant issuedAt,
                                  org.pac4j.core.profile.UserProfile userProfile,
                                  String issuer,
                                  String refreshTokenId)
                           throws TokenCreateException

Builds an id token for the given user profile.

Parameters:

tokensConfig - The token configuration to use.

issuedAt - The time the token was issued.

userProfile - The user profile to build the token for.

issuer - The issuer of the token.

refreshTokenId - The id of the refresh token.

Returns:

The id token.

Throws:

TokenCreateException - If the token could not be created.

buildRefreshToken

public static String buildRefreshToken(UserRefreshToken token,
                                       String userId,
                                       String issuer,
                                       String refreshTokenSecret,
                                       com.nimbusds.jose.JWSAlgorithm signAlgorithm)
                                throws com.nimbusds.jose.JOSEException

Builds a refresh token for the given user profile.

Parameters:

token - The refresh token to build the token for.

userId - The id of the user.

issuer - The issuer of the token.

refreshTokenSecret - The secret to sign the token with.

signAlgorithm - The algorithm to sign the token with.

Returns:

The refresh token.

Throws:

com.nimbusds.jose.JOSEException - If the token could not be created.

verifyTokenAndReadPayload

public static com.alibaba.fastjson.JSONObject verifyTokenAndReadPayload(String token,
                                                                        String tokenSecret)
                                                                 throws InvalidTokenException

Verifies the given token and reads the payload.

Parameters:

token - The token to verify.

tokenSecret - The secret to verify the token with.

Returns:

The payload of the token.

Throws:

InvalidTokenException - If the token is invalid.

restoreTokenProfile

public static org.apache.commons.lang3.tuple.Pair<org.pac4j.core.profile.UserProfile,Map<String,Serializable>> restoreTokenProfile(org.pac4j.core.profile.UserProfile profile,
                                                                                                                                               String accessToken)

Tries to restore a user profile from an internal token and sets the session data accordingly.

Parameters:

profile - The user profile to evaluate for restoration.

Returns:

A pair of the restored user profile and the session data.