Class InternalTokenController

java.lang.Object
de.xima.fc.security.token.InternalTokenController
public class InternalTokenController extends Object
Helper class for internal tokens.

  • Constructor Details

    • InternalTokenController

      public InternalTokenController()

  • Method Details

    • buildIssuer

      public static String buildIssuer(IClientDescriptor clientDescriptor, org.pac4j.core.context.WebContext webContext)
      Builds the issuer URL for the given client descriptor.
      Parameters:
      clientDescriptor - The client descriptor to build the issuer for.
      webContext - The web context to build the issuer for.
      Returns:
      The issuer URL.

    • readRefreshTokenId

      public static UUID readRefreshTokenId(String accessToken)
      Reads the refresh token id from the given access token.
      Parameters:
      accessToken - The access token to read the refresh token id from.
      Returns:
      The refresh token id or null if it could not be read.

    • buildAccessToken

      public static String buildAccessToken(TokenConfiguration tokensConfig, Instant issuedAt, org.pac4j.core.profile.UserProfile userProfile, String issuer, String refreshTokenId) throws TokenCreateException
      Builds an access token for the given user profile.
      Parameters:
      tokensConfig - The token configuration to use.
      issuedAt - The time the token was issued.
      userProfile - The user profile to build the token for.
      issuer - The issuer of the token.
      refreshTokenId - The id of the refresh token.
      Returns:
      The access token.
      Throws:
      TokenCreateException - If the token could not be created.

    • buildIdToken

      public static String buildIdToken(TokenConfiguration tokensConfig, Instant issuedAt, org.pac4j.core.profile.UserProfile userProfile, String issuer, String refreshTokenId) throws TokenCreateException
      Builds an id token for the given user profile.
      Parameters:
      tokensConfig - The token configuration to use.
      issuedAt - The time the token was issued.
      userProfile - The user profile to build the token for.
      issuer - The issuer of the token.
      refreshTokenId - The id of the refresh token.
      Returns:
      The id token.
      Throws:
      TokenCreateException - If the token could not be created.

    • buildRefreshToken

      public static String buildRefreshToken(UserRefreshToken token, String userId, String issuer, String refreshTokenSecret, com.nimbusds.jose.JWSAlgorithm signAlgorithm) throws com.nimbusds.jose.JOSEException
      Builds a refresh token for the given user profile.
      Parameters:
      token - The refresh token to build the token for.
      userId - The id of the user.
      issuer - The issuer of the token.
      refreshTokenSecret - The secret to sign the token with.
      signAlgorithm - The algorithm to sign the token with.
      Returns:
      The refresh token.
      Throws:
      com.nimbusds.jose.JOSEException - If the token could not be created.

    • verifyTokenAndReadPayload

      public static com.alibaba.fastjson.JSONObject verifyTokenAndReadPayload(String token, String tokenSecret) throws InvalidTokenException
      Verifies the given token and reads the payload.
      Parameters:
      token - The token to verify.
      tokenSecret - The secret to verify the token with.
      Returns:
      The payload of the token.
      Throws:
      InvalidTokenException - If the token is invalid.

    • restoreTokenProfile

      public static org.apache.commons.lang3.tuple.Pair<org.pac4j.core.profile.UserProfile, Map<String, Serializable>> restoreTokenProfile(org.pac4j.core.profile.UserProfile profile, String accessToken)
      Tries to restore a user profile from an internal token and sets the session data accordingly.
      Parameters:
      profile - The user profile to evaluate for restoration.
      Returns:
      A pair of the restored user profile and the session data.