/*******************************************************************************
 * Copyright 2017 The MIT Internet Trust Consortium
 *
 * Portions copyright 2011-2013 The MITRE Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *******************************************************************************/
package org.mitre.oauth2.model;

import java.util.Date;

import javax.persistence.Basic;
import javax.persistence.Column;
import javax.persistence.Convert;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.Transient;

import org.mitre.oauth2.model.convert.JWTStringConverter;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;

import com.nimbusds.jwt.JWT;

/**
 * JPA entity for an OAuth2 refresh token, mapped to the {@code refresh_token}
 * table. Each row ties a JWT to the client it was issued to, to the
 * authentication that was in place at issuance, and to an optional expiration.
 *
 * <p>Mapping annotations sit on the getters, so the persistence provider uses
 * property access; the getters and setters are part of the mapping contract.
 *
 * <p>The named queries are assembled from compile-time constants only. The
 * concatenated suffix is the parameter <em>name</em> ({@code :tokenValue},
 * {@code :client}, {@code :date}); the values are bound as named parameters by
 * the code that runs the queries, which is not part of this file.
 *
 * <p>NOTE(review): {@link #QUERY_BY_TOKEN_VALUE} matches on {@code r.jwt}, so
 * the {@code token_value} column written through {@link JWTStringConverter}
 * (not shown here) presumably holds the token in the same form a client
 * presents. If that is confirmed, read access to this table is equivalent to
 * holding the tokens: restrict and audit access to it, encrypt it at rest, or
 * store a digest of the token instead.
 *
 * <p>The class does not override {@code toString()}, so the token value is not
 * emitted by default string conversion; keep it that way if one is added.
 *
 * @author jricher
 *
 */
@Entity
@Table(name = "refresh_token")
@NamedQueries({
	@NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_ALL, query = "select r from OAuth2RefreshTokenEntity r"),
	@NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_EXPIRED_BY_DATE, query = "select r from OAuth2RefreshTokenEntity r where r.expiration <= :" + OAuth2RefreshTokenEntity.PARAM_DATE),
	@NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_BY_CLIENT, query = "select r from OAuth2RefreshTokenEntity r where r.client = :" + OAuth2RefreshTokenEntity.PARAM_CLIENT),
	@NamedQuery(name = OAuth2RefreshTokenEntity.QUERY_BY_TOKEN_VALUE, query = "select r from OAuth2RefreshTokenEntity r where r.jwt = :" + OAuth2RefreshTokenEntity.PARAM_TOKEN_VALUE)
})
public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {

	// Names under which the queries above are registered.
	public static final String QUERY_BY_TOKEN_VALUE = "OAuth2RefreshTokenEntity.getByTokenValue";
	public static final String QUERY_BY_CLIENT = "OAuth2RefreshTokenEntity.getByClient";
	public static final String QUERY_EXPIRED_BY_DATE = "OAuth2RefreshTokenEntity.getAllExpiredByDate";
	public static final String QUERY_ALL = "OAuth2RefreshTokenEntity.getAll";

	// Named-parameter identifiers referenced by the queries above.
	public static final String PARAM_TOKEN_VALUE = "tokenValue";
	public static final String PARAM_CLIENT = "client";
	public static final String PARAM_DATE = "date";

	// Primary key; assigned by the database (IDENTITY strategy on the getter).
	private Long id;

	// Authentication that was in place when the token was issued.
	private AuthenticationHolderEntity authenticationHolder;

	// Client this refresh token belongs to.
	private ClientDetailsEntity client;

	// The refresh token itself, held as a parsed JWT.
	private JWT jwt;

	// Optional expiry; null means the token carries no expiration.
	private Date expiration;

	/**
	 * Creates an entity with every field unset. Until {@link #setJwt(JWT)} has
	 * been called, {@link #getValue()} cannot be used.
	 */
	public OAuth2RefreshTokenEntity() {
		// Intentionally empty: the no-argument constructor only leaves fields at null.
	}

	/**
	 * @return the primary key, or {@code null} if none has been assigned yet
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
	@Column(name = "id")
	public Long getId() {
		return id;
	}

	/**
	 * @param id the primary key to set
	 */
	public void setId(Long id) {
		this.id = id;
	}

	/**
	 * Returns the authentication that was in place when the token was
	 * originally issued, joined through the {@code auth_holder_id} column.
	 *
	 * @return the authentication holder
	 */
	@ManyToOne
	@JoinColumn(name = "auth_holder_id")
	public AuthenticationHolderEntity getAuthenticationHolder() {
		return authenticationHolder;
	}

	/**
	 * @param authenticationHolder the authentication holder to associate with
	 *        this token
	 */
	public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) {
		this.authenticationHolder = authenticationHolder;
	}

	/**
	 * Returns the serialized form of the JWT, i.e. the refresh token string
	 * itself. It is derived from {@link #getJwt()} on each call and is not a
	 * persisted property ({@code @Transient}).
	 *
	 * <p>The result is a bearer credential: keep it out of logs, exception
	 * messages and audit records.
	 *
	 * @return the serialized JWT
	 * @throws NullPointerException if no JWT has been set on this entity
	 */
	@Override
	@Transient
	public String getValue() {
		return jwt.serialize();
	}

	/**
	 * Returns the expiry instant, stored in the {@code expiration} column as a
	 * timestamp.
	 *
	 * <p>The internal {@link Date} is returned as-is, not copied; mutating the
	 * returned object changes this entity's state.
	 *
	 * @return the expiration, or {@code null} if the token has none
	 */
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
	@Column(name = "expiration")
	public Date getExpiration() {
		return expiration;
	}

	/**
	 * Sets the expiry instant. The given {@link Date} is stored by reference.
	 * This class declares only {@link OAuth2RefreshToken}, so this setter is a
	 * plain property setter rather than an interface override.
	 *
	 * @param expiration the expiration to set; {@code null} means the token
	 *        has no expiration (see {@link #isExpired()})
	 */
	public void setExpiration(Date expiration) {
		this.expiration = expiration;
	}

	/**
	 * Reports whether the token's expiration lies in the past, measured against
	 * {@link System#currentTimeMillis()} on this host.
	 *
	 * <p>A token with no expiration is never reported as expired, so its
	 * lifetime has to be bounded elsewhere (for example by revocation or
	 * deletion, neither of which is handled in this class). The comparison is
	 * strict: a token is still valid at the exact expiry millisecond.
	 *
	 * @return {@code true} if an expiration is set and has passed
	 */
	@Transient
	public boolean isExpired() {
		if (getExpiration() == null) {
			// No expiry recorded: treated as still valid.
			return false;
		}
		return System.currentTimeMillis() > getExpiration().getTime();
	}

	/**
	 * Returns the client the token was issued to, joined through the
	 * {@code client_id} column and fetched eagerly.
	 *
	 * @return the client
	 */
	@ManyToOne(fetch = FetchType.EAGER)
	@JoinColumn(name = "client_id")
	public ClientDetailsEntity getClient() {
		return client;
	}

	/**
	 * @param client the client to set
	 */
	public void setClient(ClientDetailsEntity client) {
		this.client = client;
	}

	/**
	 * Returns the JWT object itself. It is persisted in the
	 * {@code token_value} column through {@link JWTStringConverter}.
	 *
	 * @return the jwt, or {@code null} if none has been set
	 */
	@Basic
	@Column(name="token_value")
	@Convert(converter = JWTStringConverter.class)
	public JWT getJwt() {
		return jwt;
	}

	/**
	 * @param jwt the jwt to set
	 */
	public void setJwt(JWT jwt) {
		this.jwt = jwt;
	}

}