com.atlassian.oauth2.provider.api.token

Interface TokenService

public interface TokenService

Method Summary

Modifier and Type	Method and Description
AccessToken	createAccessToken(String clientId, String userKey, String authorizationCode, long authorizationDate, Scope scope) Creates an Access Token
RefreshToken	createRefreshToken(String clientId, String userKey, long authorizationDate, String accessTokenId, Scope scope, String authorizationCode, int refreshCount) Creates a Refresh Token
List<AccessToken>	findAccessTokensByUserKey(com.atlassian.sal.api.user.UserKey userKey) Finds access tokens for userKey
Optional<AccessToken>	findByAccessTokenId(String tokenId) Tries to find a AccessToken using the raw token
Optional<RefreshToken>	findByRefreshTokenId(String tokenId) Tries to find a RefreshToken using the raw token
List<RefreshToken>	findRefreshTokensByUserKey(com.atlassian.sal.api.user.UserKey userKey) Finds refresh tokens for userKey
List<RefreshToken>	findRefreshTokensForClientId(String clientId) Finds refresh tokens for a client id
List<String>	findUserKeysByClientId(String clientId) Finds user keys of tokens for a client id
boolean	isAccessTokenValid(String clientId, String accessTokenId) Checks if the provided access token is stored against the provided client ID
boolean	isCodeRedeemed(String authorizationCode) Checks if the provided authorization code is held against an existing token
boolean	isRefreshTokenValid(String clientId, String refreshTokenId) Checks if the provided refresh token is stored against the provided client ID
Optional<AccessToken>	removeAccessTokenAssociatedWith(String refreshTokenId) Removes token associated with refresh token
Optional<AccessToken>	removeAccessTokenById(String tokenId) Removes stored token using raw token
void	removeByClientId(String clientId) Removes all tokens for client id
List<AccessToken>	removeByUserKey(String userKey) Removes all tokens for user key
void	removeExpiredAccessTokens(Duration expirationPeriod) Removes all expired access tokens
void	removeExpiredRefreshTokens(Duration expirationPeriod) Removes all expired refresh tokens
Optional<RefreshToken>	removeRefreshToken(String refreshTokenId) Removes refresh token
Optional<RefreshToken>	removeRefreshTokenAssociatedWith(String accessTokenId) Removes token associated with access token
List<RefreshToken>	removeTokensByAuthorizationCode(String authorizationCode) Removes stored tokens using the provided authorization code
boolean	removeTokensById(String tokenId) Removes tokens for tokenId, treating it as an access or refresh token and removing either
void	updateAccessTokenLastAccessed(String tokenId) Updates last accessed time for access token

Method Detail

createAccessToken

@Nonnull
AccessToken createAccessToken(String clientId,
                                       String userKey,
                                       String authorizationCode,
                                       long authorizationDate,
                                       Scope scope)

Creates an Access Token

Parameters:

clientId - client id for the token

userKey - userKey for token

authorizationCode - authorization code used to redeem token

authorizationDate - date when authorization was given

scope - scope for access token

Returns:

created access token

createRefreshToken

@Nonnull
RefreshToken createRefreshToken(String clientId,
                                         String userKey,
                                         long authorizationDate,
                                         String accessTokenId,
                                         Scope scope,
                                         String authorizationCode,
                                         int refreshCount)

Creates a Refresh Token

Parameters:

clientId - client id for the token

userKey - userKey for token

authorizationDate - date when authorization was given

accessTokenId - associated with refresh token

scope - scope for refresh token

refreshCount - the number of refreshes

authorizationCode - authorization code used to redeem token

Returns:

created refresh token

updateAccessTokenLastAccessed

void updateAccessTokenLastAccessed(String tokenId)

Updates last accessed time for access token

Parameters:

tokenId - token to update

findByAccessTokenId

@Nonnull
Optional<AccessToken> findByAccessTokenId(String tokenId)

Tries to find a AccessToken using the raw token

Parameters:

tokenId - raw token to search database with

Returns:

an optional token

findByRefreshTokenId

@Nonnull
Optional<RefreshToken> findByRefreshTokenId(String tokenId)

Tries to find a RefreshToken using the raw token

Parameters:

tokenId - raw token to search database with

Returns:

an optional token

removeAccessTokenById

@Nonnull
Optional<AccessToken> removeAccessTokenById(String tokenId)

Removes stored token using raw token

Parameters:

tokenId - id of the token to remove

Returns:

removed token or empty

removeTokensByAuthorizationCode

@Nonnull
List<RefreshToken> removeTokensByAuthorizationCode(String authorizationCode)

Removes stored tokens using the provided authorization code

Parameters:

authorizationCode - authorization code to search for

Returns:

removed tokens or empty

removeByClientId

void removeByClientId(String clientId)

Removes all tokens for client id

Parameters:

clientId - client id whose tokens are to be removed

removeByUserKey

@Nonnull
List<AccessToken> removeByUserKey(String userKey)

Removes all tokens for user key

Parameters:

userKey - user key for whose tokens are to be removed

Returns:

removed tokens or empty

removeExpiredAccessTokens

void removeExpiredAccessTokens(@Nonnull
                               Duration expirationPeriod)

Removes all expired access tokens

Parameters:

expirationPeriod - the period of time after which we remove access tokens

removeExpiredRefreshTokens

void removeExpiredRefreshTokens(@Nonnull
                                Duration expirationPeriod)

Removes all expired refresh tokens

Parameters:

expirationPeriod - the period of time after which we remove refresh tokens

findUserKeysByClientId

@Nonnull
List<String> findUserKeysByClientId(String clientId)

Finds user keys of tokens for a client id

Parameters:

clientId - client id with tokens to search for

Returns:

found userKeys as strings or an empty list

findRefreshTokensForClientId

@Nonnull
List<RefreshToken> findRefreshTokensForClientId(String clientId)

Finds refresh tokens for a client id

Parameters:

clientId - client id with tokens to search for

Returns:

found refreshTokens or an empty list

findAccessTokensByUserKey

List<AccessToken> findAccessTokensByUserKey(@Nonnull
                                            com.atlassian.sal.api.user.UserKey userKey)

Finds access tokens for userKey

Parameters:

userKey - user key to search with

Returns:

found tokens or an empty list

findRefreshTokensByUserKey

List<RefreshToken> findRefreshTokensByUserKey(@Nonnull
                                              com.atlassian.sal.api.user.UserKey userKey)

Finds refresh tokens for userKey

Parameters:

userKey - user key to search with

Returns:

found tokens or an empty list

removeAccessTokenAssociatedWith

Optional<AccessToken> removeAccessTokenAssociatedWith(String refreshTokenId)

Removes token associated with refresh token

Returns:

revoked access token

removeRefreshTokenAssociatedWith

Optional<RefreshToken> removeRefreshTokenAssociatedWith(String accessTokenId)

Removes token associated with access token

Returns:

revoked refresh token

isAccessTokenValid

boolean isAccessTokenValid(@Nonnull
                           String clientId,
                           @Nonnull
                           String accessTokenId)

Checks if the provided access token is stored against the provided client ID

Parameters:

clientId - id of the client

accessTokenId - id of the access token to validate

Returns:

true if the refresh token is valid

isRefreshTokenValid

boolean isRefreshTokenValid(@Nonnull
                            String clientId,
                            @Nonnull
                            String refreshTokenId)

Checks if the provided refresh token is stored against the provided client ID

Parameters:

clientId - id of the client

refreshTokenId - id of the refresh token to validate

Returns:

true if the refresh token is valid

removeRefreshToken

Optional<RefreshToken> removeRefreshToken(String refreshTokenId)

Removes refresh token

Parameters:

refreshTokenId - - id of the refresh token to remove

Returns:

removed RefreshToken or empty

isCodeRedeemed

boolean isCodeRedeemed(String authorizationCode)

Checks if the provided authorization code is held against an existing token

Parameters:

authorizationCode - code to search for

Returns:

true if the authorization code is found

removeTokensById

boolean removeTokensById(@Nonnull
                         String tokenId)

Removes tokens for tokenId, treating it as an access or refresh token and removing either

Parameters:

tokenId - access or refresh token id

Returns:

true if tokens removed, false if no tokens removed