Java Code Examples for org.springframework.security.oauth2.common.OAuth2RefreshToken#getValue()
The following examples show how to use
org.springframework.security.oauth2.common.OAuth2RefreshToken#getValue() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: OAuth2CookieHelper.java From cubeai with Apache License 2.0 | 6 votes |
/** * Create a cookie out of the given refresh token. * Refresh token cookies contain the base64 encoded refresh token (a JWT token). * They also contain a hint whether the refresh token was for remember me or not. * If not, then the cookie will be prefixed by the timestamp it was created at followed by a pipe '|'. * This gives us the chance to expire session cookies regardless of the token duration. */ private Cookie createRefreshTokenCookie(OAuth2RefreshToken refreshToken, boolean rememberMe) { int maxAge = -1; String name = SESSION_TOKEN_COOKIE; String value = refreshToken.getValue(); if (rememberMe) { name = REFRESH_TOKEN_COOKIE; //get expiration in seconds from the token's "exp" claim Integer exp = getClaim(refreshToken.getValue(), AccessTokenConverter.EXP, Integer.class); if (exp != null) { int now = (int) (System.currentTimeMillis() / 1000L); maxAge = exp - now; log.debug("refresh token valid for another {} secs", maxAge); //let cookie expire a bit earlier than the token to avoid race conditions maxAge -= REFRESH_TOKEN_EXPIRATION_WINDOW_SECS; } } Cookie refreshTokenCookie = new Cookie(name, value); refreshTokenCookie.setMaxAge(maxAge); return refreshTokenCookie; }
Example 2
Source File: OAuth2CookieHelper.java From tutorials with MIT License | 6 votes |
/** * Create a cookie out of the given refresh token. * Refresh token cookies contain the base64 encoded refresh token (a JWT token). * They also contain a hint whether the refresh token was for remember me or not. * If not, then the cookie will be prefixed by the timestamp it was created at followed by a pipe '|'. * This gives us the chance to expire session cookies regardless of the token duration. */ private Cookie createRefreshTokenCookie(OAuth2RefreshToken refreshToken, boolean rememberMe) { int maxAge = -1; String name = SESSION_TOKEN_COOKIE; String value = refreshToken.getValue(); if (rememberMe) { name = REFRESH_TOKEN_COOKIE; //get expiration in seconds from the token's "exp" claim Integer exp = getClaim(refreshToken.getValue(), AccessTokenConverter.EXP, Integer.class); if (exp != null) { int now = (int) (System.currentTimeMillis() / 1000L); maxAge = exp - now; log.debug("refresh token valid for another {} secs", maxAge); //let cookie expire a bit earlier than the token to avoid race conditions maxAge -= REFRESH_TOKEN_EXPIRATION_WINDOW_SECS; } } Cookie refreshTokenCookie = new Cookie(name, value); refreshTokenCookie.setMaxAge(maxAge); return refreshTokenCookie; }
Example 3
Source File: _OAuth2AuthenticationRefreshToken.java From jhipster-ribbon-hystrix with GNU General Public License v3.0 | 4 votes |
public OAuth2AuthenticationRefreshToken(OAuth2RefreshToken oAuth2RefreshToken, OAuth2Authentication authentication) { this.id = UUID.randomUUID().toString(); this.oAuth2RefreshToken = oAuth2RefreshToken; this.authentication = authentication; this.tokenId = oAuth2RefreshToken.getValue(); }