Package com.jalios.jcms.authentication.accesstoken

Class AccessTokenManager

  • public class AccessTokenManager
extends java.lang.Object
    Provides utility methods to manage AccessToken.
    Since:
    JCMS-4770
    See Also:
    AccessToken

    • Field Detail

      • EXPIRING_REMINDER_ALERT_NAME

        public static final java.lang.String EXPIRING_REMINDER_ALERT_NAME
        See Also:
        Constant Field Values

      • EXPIRING_REMINDER_DEFAULT_RECIPIENT

        public static final java.lang.String EXPIRING_REMINDER_DEFAULT_RECIPIENT
        See Also:
        Constant Field Values

    • Method Detail

      • canManageAccessToken

        public static boolean canManageAccessToken​(Member member)
        Check if the specified member is authorized to manage access tokens
        Parameters:
        member - true if member can manage access tokens, false otherwise
        Returns:
        the member to check

      • createAccessToken

        public static final AccessToken createAccessToken​(Member member,
                                                  java.lang.String url,
                                                  AccessTokenOptions hints,
                                                  java.lang.String fingerprint,
                                                  AccessTokenManager.TokenType tokenType)
        Create a new AccessToken in the db for the specified token.
        Parameters:
        member - the member for which token was generated, must not be null
        url - the URL for which token was generated
        hints - the AccessTokenHints instance containing all token information used to generate the token, must not be null
        fingerprint - the unique value identifying the token that was computed, must not be null
        tokenType - the type of token being generated
        Returns:
        a new AccessToken instance

      • getAccessToken

        public static final AccessToken getAccessToken​(Member member,
                                               java.lang.String fingerprint)
        Retrieve the AccessToken stored in DB and matching the specified criteria
        Parameters:
        member - the Member for which the key has been emitted
        fingerprint - a unique value identifying the token that should be retrieved from DB, cf computeTokenFingerprint(String)
        Returns:
        an AccessToken or null

      • deleteAccessToken

        public static void deleteAccessToken​(Member member,
                                     java.lang.String fingerprint)
        Delete AccessToken matching specified parameter.

        Parameters are all required, no operation is performed if any of them are null or empty.

        Parameters:
        member - the member for which AccessToken was emitted.
        fingerprint - the fingerprint of the token that must be deleted, cf computeTokenFingerprint(String)

      • deleteExpiredAccessToken

        public static void deleteExpiredAccessToken()
        Delete all AccessToken whose expiration date is prior to now.

      • sendAccessTokenCreatedAlert

        public static void sendAccessTokenCreatedAlert​(AccessToken accessToken)
        Send the security alert informing the member that a new AccessToken was created
        Parameters:
        accessToken - the token newly created

      • sendAccessTokenDeletedAlert

        public static void sendAccessTokenDeletedAlert​(AccessToken accessToken)
        Send the security alert informing the member that an AccessToken was deleted/revoked
        Parameters:
        accessToken - the token deleted/revoked

      • computeTokenFingerprint

        public static java.lang.String computeTokenFingerprint​(java.lang.String tokenValue)
        Compute a fingerprint of the specified token. Use this method when your access token does not have any simple unique id that can be refenced. This methods computes the SHA256 signature of the specified token value.
        Parameters:
        tokenValue - the value
        Returns:
        a SHA256 fingerprint of the specified tokenValue

      • trackAccessTokenUse

        public static void trackAccessTokenUse​(AccessToken accessToken)
        Update the last used data of the specified AccessToken
        Parameters:
        accessToken - the AccessToken to track (null value authorized, no operation is performed)

      • getExpiringAccessTokenIdList

        protected static java.util.List<java.lang.String> getExpiringAccessTokenIdList()
        Get list of all AccessToken about to expire in the next 30 days (by default).
        Returns:
        id list of token
        Since:
        jcms-10.0.8 / JCMS-4770

      • getExpiringReminderDaysUntilExpiration

        protected static int getExpiringReminderDaysUntilExpiration()
        Returns:
        count of next days during which access token will expire
        Since:
        jcms-10.0.8 / JCMS-4770

      • sendExpiringAccessTokenReminderAlert

        public static void sendExpiringAccessTokenReminderAlert()
        Notifies all members for their expiring soon AccessToken.

        Tokens of invalid accounts will be notified to a default recipient.

        Since:
        jcms-10.0.8 / JCMS-4770