Class JpaRefreshToken1
- java.lang.Object
-
- com.broadleafcommerce.auth.token.provider.jpa.domain.JpaRefreshToken1
-
- All Implemented Interfaces:
RefreshToken
,Serializable
@Entity public class JpaRefreshToken1 extends Object implements Serializable, RefreshToken
JPA Shard partition for recording a refresh token assignment- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description JpaRefreshToken1()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected boolean
canEqual(Object other)
boolean
equals(Object o)
String
getAncestor()
The primary key value of the first refresh token assigned in the current inheritance line.Long
getExpiration()
The maximum lifespan of a refresh token.String
getId()
The primary key of the refresh token.Long
getRotationExpiration()
Refresh token rotation allows for a configurable window of time in which a refresh token may be used multiple times without failure.int
hashCode()
boolean
isRotated()
Whether or not this refresh token instance has been used as part of a refresh attemptvoid
setAncestor(String ancestor)
void
setExpiration(Long expiration)
void
setId(String id)
void
setRotated(boolean isRotated)
void
setRotationExpiration(Long rotationExpiration)
String
toString()
-
-
-
Method Detail
-
getId
public String getId()
Description copied from interface:RefreshToken
The primary key of the refresh token. Aligns with theJTI
param in the refresh token JWT. Note, for a rotatable token, the JTI is two-part. The first segment is the partition identifier (e.g. seeJpaRefreshToken1
as an integer. The second segment is the id captured in this field.- Specified by:
getId
in interfaceRefreshToken
- Returns:
- The primary key of the refresh token
-
getAncestor
public String getAncestor()
Description copied from interface:RefreshToken
The primary key value of the first refresh token assigned in the current inheritance line. Every time a refresh token is used to get a new access token, the rotated refresh token returned in the access token / refresh token pair will reference the original refresh token used at the beginning. Any attempt to re-use a refresh token outside of theRefreshToken.setRotationExpiration(Long)
timeline will result in immediate revocation of the entire inheritance line of refresh tokens.- Specified by:
getAncestor
in interfaceRefreshToken
- Returns:
- The primary key value of the first refresh token assigned in the current inheritance line
-
isRotated
public boolean isRotated()
Description copied from interface:RefreshToken
Whether or not this refresh token instance has been used as part of a refresh attempt- Specified by:
isRotated
in interfaceRefreshToken
- Returns:
- Whether or not this refresh token instance has been used as part of a refresh attempt
-
getRotationExpiration
public Long getRotationExpiration()
Description copied from interface:RefreshToken
Refresh token rotation allows for a configurable window of time in which a refresh token may be used multiple times without failure. Once this point in time is exceeded, the security response detailed inRefreshToken.getAncestor()
is triggered. This window is designed to allow for system irregularities like network latency or outage in which an application may be forced to quickly retry a rotation. Represented as milliseconds after epoch.JpaAuthorizedClient.getRefreshTokenRotationIntervalSeconds()
and the system harvests from there and converts to millis based on the current client being used in the oauth flow.- Specified by:
getRotationExpiration
in interfaceRefreshToken
- Returns:
- The configurable window of time in which a refresh token may be used multiple times without failure
-
getExpiration
public Long getExpiration()
Description copied from interface:RefreshToken
The maximum lifespan of a refresh token. Any attempt (even valid) to use this refresh token after this point in time will result in an invalid security response. Represented as milliseconds after epoch.JpaAuthorizedClient.getRefreshTokenTimeoutSeconds()
and the system harvest from there and converts to millis based on the current client being used in the oauth flow.- Specified by:
getExpiration
in interfaceRefreshToken
- Returns:
- The maximum lifespan of a refresh token
-
setId
public void setId(String id)
- Specified by:
setId
in interfaceRefreshToken
- See Also:
RefreshToken.getId()
-
setAncestor
public void setAncestor(String ancestor)
- Specified by:
setAncestor
in interfaceRefreshToken
- See Also:
RefreshToken.getAncestor()
-
setRotated
public void setRotated(boolean isRotated)
- Specified by:
setRotated
in interfaceRefreshToken
- See Also:
RefreshToken.isRotated()
-
setRotationExpiration
public void setRotationExpiration(Long rotationExpiration)
- Specified by:
setRotationExpiration
in interfaceRefreshToken
- See Also:
RefreshToken.getRotationExpiration()
-
setExpiration
public void setExpiration(Long expiration)
- Specified by:
setExpiration
in interfaceRefreshToken
- See Also:
RefreshToken.getExpiration()
-
canEqual
protected boolean canEqual(Object other)
-
-