org.xdi.oxauth.model.common.RefreshToken クラス

org.xdi.oxauth.model.common.RefreshToken の継承関係図

org.xdi.oxauth.model.common.RefreshToken 連携図

公開メンバ関数
	RefreshToken (int lifeTime)
	RefreshToken (String code, Date creationDate, Date expirationDate)
void	checkExpired ()
void	checkExpired (Date now)
boolean	isValid ()
String	getCode ()
void	setCode (String code)
Date	getCreationDate ()
void	setCreationDate (Date creationDate)
Date	getExpirationDate ()
void	setExpirationDate (Date expirationDate)
boolean	isRevoked ()
synchronized void	setRevoked (boolean revoked)
boolean	isExpired ()
synchronized void	setExpired (boolean expired)
String	getAuthMode ()
void	setAuthMode (String authMode)
String	getSessionDn ()
void	setSessionDn (String sessionDn)
int	getExpiresIn ()
String	getHash (SignatureAlgorithm signatureAlgorithm)

詳解

Authorization servers MAY issue refresh tokens to web application clients and native application clients.

Refresh tokens MUST be kept confidential in transit and storage, and shared only among the authorization server and the client to whom the refresh tokens were issued.

The authorization server MUST maintain the binding between a refresh token and the client to whom it was issued. The authorization server MUST verify the binding between the refresh token and client identity whenever the client identity can be authenticated. When client authentication is not possible, the authorization server SHOULD deploy other means to detect refresh token abuse.

For example, the authorization server could employ refresh token rotation in which a new refresh token is issued with every access token refresh response. The previous refresh token is invalidated but retained by the authorization server. If a refresh token is compromised and subsequently used by both the attacker and the legitimate client, one of them will present an invalidated refresh token which will inform the authorization server of the breach.

The authorization server MUST ensure that refresh tokens cannot be generated, modified, or guessed to produce valid refresh tokens by unauthorized parties.

著者

Javier Rojas Date: 09.29.2011

構築子と解体子

RefreshToken() [1/2]

org.xdi.oxauth.model.common.RefreshToken.RefreshToken ( int  lifeTime )

inline

Constructs a refresh token.

When created, a token is valid for a given lifetime, and after this period of time, it will be marked as expired automatically by a background process.

When required, the token can be marked as revoked.

引数

lifeTime

The life time of the token.

                                          {
                super(lifeTime);
        }

RefreshToken() [2/2]

org.xdi.oxauth.model.common.RefreshToken.RefreshToken ( String  code, Date  creationDate, Date  expirationDate  )

inline

                                                                             {
        super(code, creationDate, expirationDate);
    }

関数詳解

checkExpired() [1/2]

void org.xdi.oxauth.model.common.AbstractToken.checkExpired ( )

inlineinherited

Checks whether the token has expired and if true, marks itself as expired.

                               {
        checkExpired(new Date());
    }

checkExpired() [2/2]

void org.xdi.oxauth.model.common.AbstractToken.checkExpired ( Date  now )

inlineinherited

Checks whether the token has expired and if true, marks itself as expired.

                                       {
        if (now.after(expirationDate)) {
            expired = true;
        }
    }

getAuthMode()

String org.xdi.oxauth.model.common.AbstractToken.getAuthMode ( )

inlineinherited

Returns the authentication mode.

戻り値

The authentication mode.

                                {
        return authMode;
    }

getCode()

String org.xdi.oxauth.model.common.AbstractToken.getCode ( )

inlineinherited

Returns the token code.

戻り値

The Code of the token.

                            {
        return code;
    }

getCreationDate()

Date org.xdi.oxauth.model.common.AbstractToken.getCreationDate ( )

inlineinherited

Returns the creation date of the token.

戻り値

The creation date.

                                  {
        return creationDate != null ? new Date(creationDate.getTime()) : null;
    }

getExpirationDate()

Date org.xdi.oxauth.model.common.AbstractToken.getExpirationDate ( )

inlineinherited

Returns the expiration date of the token.

戻り値

The expiration date.

                                    {
        return expirationDate != null ? new Date(expirationDate.getTime()) : null;
    }

getExpiresIn()

int org.xdi.oxauth.model.common.AbstractToken.getExpiresIn ( )

inlineinherited

Returns the lifetime in seconds of the token.

戻り値

The lifetime in seconds of the token.

                              {
        int expiresIn = 0;

        checkExpired();
        if (isValid()) {
            long diff = expirationDate.getTime() - new Date().getTime();
            expiresIn = diff != 0 ? (int) (diff / 1000) : 0;
        }

        return expiresIn;
    }

getHash()

String org.xdi.oxauth.model.common.AbstractToken.getHash ( SignatureAlgorithm  signatureAlgorithm )

inlineinherited

                                                                 {
        String hash = null;

        try {
            byte[] digest;
            if (signatureAlgorithm == SignatureAlgorithm.HS256 ||
                    signatureAlgorithm == SignatureAlgorithm.RS256 ||
                    signatureAlgorithm == SignatureAlgorithm.ES256) {
                digest = JwtUtil.getMessageDigestSHA256(code);
            } else if (signatureAlgorithm == SignatureAlgorithm.HS384 ||
                    signatureAlgorithm == SignatureAlgorithm.RS384 ||
                    signatureAlgorithm == SignatureAlgorithm.ES512) {
                digest = JwtUtil.getMessageDigestSHA384(code);
            } else if (signatureAlgorithm == SignatureAlgorithm.HS512 ||
                    signatureAlgorithm == SignatureAlgorithm.RS384 ||
                    signatureAlgorithm == SignatureAlgorithm.ES512) {
                digest = JwtUtil.getMessageDigestSHA512(code);
            } else { // Default
                digest = JwtUtil.getMessageDigestSHA256(code);
            }

            if (digest != null) {
                byte[] lefMostHalf = new byte[digest.length / 2];
                System.arraycopy(digest, 0, lefMostHalf, 0, lefMostHalf.length);
                hash = Base64Util.base64urlencode(lefMostHalf);
            }
        } catch (NoSuchAlgorithmException e) {
        } catch (UnsupportedEncodingException e) {
        } catch (NoSuchProviderException e) {
        } catch (Exception e) {
        }

        return hash;
    }

getSessionDn()

String org.xdi.oxauth.model.common.AbstractToken.getSessionDn ( )

inlineinherited

                                 {
        return sessionDn;
    }

isExpired()

boolean org.xdi.oxauth.model.common.AbstractToken.isExpired ( )

inlineinherited

Return true if the token has expired.

戻り値

true if the token has expired.

                               {
        return expired;
    }

isRevoked()

boolean org.xdi.oxauth.model.common.AbstractToken.isRevoked ( )

inlineinherited

Returns true if the token has been revoked.

戻り値

true if the token has been revoked.

                               {
        return revoked;
    }

isValid()

boolean org.xdi.oxauth.model.common.AbstractToken.isValid ( )

inlineinherited

Checks whether a token is valid, it is valid if it is not revoked and not expired.

戻り値

Returns true if the token is valid.

                             {
        return !revoked && !expired;
    }

setAuthMode()

void org.xdi.oxauth.model.common.AbstractToken.setAuthMode ( String  authMode )

inlineinherited

Sets the authentication mode.

引数

authMode

The authentication mode.

                                             {
        this.authMode = authMode;
    }

setCode()

void org.xdi.oxauth.model.common.AbstractToken.setCode ( String  code )

inlineinherited

Sets the token code.

引数

code	The code of the token.

                                     {
        this.code = code;
    }

setCreationDate()

void org.xdi.oxauth.model.common.AbstractToken.setCreationDate ( Date  creationDate )

inlineinherited

Sets the creation date of the token.

引数

creationDate

The creation date.

                                                   {
        this.creationDate = creationDate != null ? new Date(creationDate.getTime()) : null;
    }

setExpirationDate()

void org.xdi.oxauth.model.common.AbstractToken.setExpirationDate ( Date  expirationDate )

inlineinherited

Sets the expiration date of the token.

引数

expirationDate

The expiration date.

                                                       {
        this.expirationDate = expirationDate != null ? new Date(expirationDate.getTime()) : null;
    }

setExpired()

synchronized void org.xdi.oxauth.model.common.AbstractToken.setExpired ( boolean  expired )

inlineinherited

Sets the value of the expired flag to indicate whether the token has expired.

引数

expired

Expire or not.

                                                         {
        this.expired = expired;
    }

setRevoked()

synchronized void org.xdi.oxauth.model.common.AbstractToken.setRevoked ( boolean  revoked )

inlineinherited

Sets the value of the revoked flag to indicate whether the token has been revoked.

引数

revoked

Revoke or not.

                                                         {
        this.revoked = revoked;
    }

setSessionDn()

void org.xdi.oxauth.model.common.AbstractToken.setSessionDn ( String  sessionDn )

inlineinherited

                                               {
        this.sessionDn = sessionDn;
    }

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/model/common/RefreshToken.java