Class UserTokenController
java.lang.Object
de.xima.fc.api.rest.pub.impl.security.controller.UserTokenController
Controller for user token operations.
-
Constructor Summary
ConstructorsConstructorDescriptionUserTokenController(org.pac4j.core.context.WebContext webContext, org.pac4j.core.context.session.SessionStore sessionStore, org.pac4j.core.config.Config pac4jConfig) Constructor. -
Method Summary
Modifier and TypeMethodDescriptionauthenticate(String clientName, String userName, String password) Authenticates the user profile and returns the tokens.static UserTokenControllerforRestApi(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse) Factory method to create a UserTokenController for REST API usage.getTokenResponseFromProfile(org.pac4j.core.profile.UserProfile pac4jProfile) Returns the tokens from the user profile and creates anAuthenticationTokenResponse.refreshMfaTempToken(String token) refreshTokens(String clientName, String refreshToken) Refreshes the tokens and returns the new tokens.booleanrevokeRefreshToken(String refreshToken) Revokes the refresh token.verifyMfaCode(String mfaCode, String mfaToken, boolean saveAuthentication)
-
Constructor Details
-
UserTokenController
public UserTokenController(org.pac4j.core.context.WebContext webContext, org.pac4j.core.context.session.SessionStore sessionStore, org.pac4j.core.config.Config pac4jConfig) Constructor.- Parameters:
webContext- the web contextsessionStore- the session storepac4jConfig- the pac4j configuration
-
-
Method Details
-
forRestApi
public static UserTokenController forRestApi(javax.servlet.http.HttpServletRequest servletRequest, javax.servlet.http.HttpServletResponse servletResponse) Factory method to create a UserTokenController for REST API usage.- Parameters:
servletRequest- the HTTP servlet requestservletResponse- the HTTP servlet response- Returns:
- a new UserTokenController instance
-
getTokenResponseFromProfile
public AuthenticationTokenResponse getTokenResponseFromProfile(org.pac4j.core.profile.UserProfile pac4jProfile) Returns the tokens from the user profile and creates anAuthenticationTokenResponse.- Parameters:
pac4jProfile- the Pac4J user profile- Returns:
- the token response
-
authenticate
public AuthenticationResponse authenticate(String clientName, String userName, String password) throws TokenCreateException, UserMfaTempTokenMaxException Authenticates the user profile and returns the tokens.- Parameters:
clientName- the client for which the user should be authenticateduserName- the usernamepassword- the password- Returns:
- the authentication response, which may require MFA
- Throws:
TokenCreateException- if the token creation failsjavax.ws.rs.NotFoundException- if the client or user profile is not foundUserMfaTempTokenMaxException- if the user has reached the maximum number of temporary tokens for MFA
-
refreshMfaTempToken
public MfaTempTokenResponse refreshMfaTempToken(String token) throws UserMfaTempTokenMaxException, UserMfaTempTokenNotFoundException, UserMfaTempTokenExpiredException -
refreshTokens
public AuthenticationTokenResponse refreshTokens(String clientName, String refreshToken) throws InvalidTokenException, UnknownTokenException, TokenCreateException Refreshes the tokens and returns the new tokens.- Parameters:
clientName- the name of the client for which the tokens should be refreshedrefreshToken- the refresh token- Returns:
- the token response
- Throws:
InvalidTokenException- if the token is invalidUnknownTokenException- if the token is unknownTokenCreateException- if the token creation fails
-
revokeRefreshToken
Revokes the refresh token.- Parameters:
refreshToken- the refresh token- Returns:
- true if the refresh token was revoked, false otherwise
-
verifyMfaCode
public MfaVerificationResponse verifyMfaCode(String mfaCode, String mfaToken, boolean saveAuthentication) throws UserMfaTempTokenMaxException, UserMfaTempTokenNotFoundException, UserMfaTempTokenExpiredException, TokenCreateException
-