org.xdi.oxauth.model.common.AccessToken クラス

org.xdi.oxauth.model.common.AccessToken の継承関係図

org.xdi.oxauth.model.common.AccessToken 連携図

公開メンバ関数
	AccessToken (int lifeTime)
	AccessToken (String tokenCode, Date creationDate, Date expirationDate)
TokenType	getTokenType ()
void	checkExpired ()
void	checkExpired (Date now)
boolean	isValid ()
String	getCode ()
void	setCode (String code)
Date	getCreationDate ()
void	setCreationDate (Date creationDate)
Date	getExpirationDate ()
void	setExpirationDate (Date expirationDate)
boolean	isRevoked ()
synchronized void	setRevoked (boolean revoked)
boolean	isExpired ()
synchronized void	setExpired (boolean expired)
String	getAuthMode ()
void	setAuthMode (String authMode)
String	getSessionDn ()
void	setSessionDn (String sessionDn)
int	getExpiresIn ()
String	getHash (SignatureAlgorithm signatureAlgorithm)

非公開変数類
TokenType	tokenType

詳解

Access token (as well as any access token type-specific attributes) MUST be kept confidential in transit and storage, and only shared among the authorization server, the resource servers the access token is valid for, and the client to whom the access token is issued.

When using the implicit grant type, the access token is transmitted in the URI fragment, which can expose it to unauthorized parties.

The authorization server MUST ensure that access tokens cannot be generated, modified, or guessed to produce valid access tokens by unauthorized parties.

The client SHOULD request access tokens with the minimal scope and lifetime necessary. The authorization server SHOULD take the client identity into account when choosing how to honor the requested scope and lifetime, and MAY issue an access token with a less rights than requested.

著者

Javier Rojas Blum Date: 09.29.2011

構築子と解体子

AccessToken() [1/2]

org.xdi.oxauth.model.common.AccessToken.AccessToken ( int  lifeTime )

inline

Constructs an access token.

When created, a token is valid for a given lifetime, and after this period of time, it will be marked as expired automatically by a background process.

When required, the token can be marked as revoked.

引数

lifeTime

The life time of the token.

                                     {
        super(lifeTime);
        this.tokenType = TokenType.BEARER;
    }

AccessToken() [2/2]

org.xdi.oxauth.model.common.AccessToken.AccessToken ( String  tokenCode, Date  creationDate, Date  expirationDate  )

inline

                                                                                 {
        super(tokenCode, creationDate, expirationDate);
    }

関数詳解

checkExpired() [1/2]

void org.xdi.oxauth.model.common.AbstractToken.checkExpired ( )

inlineinherited

Checks whether the token has expired and if true, marks itself as expired.

                               {
        checkExpired(new Date());
    }

checkExpired() [2/2]

void org.xdi.oxauth.model.common.AbstractToken.checkExpired ( Date  now )

inlineinherited

Checks whether the token has expired and if true, marks itself as expired.

                                       {
        if (now.after(expirationDate)) {
            expired = true;
        }
    }

getAuthMode()

String org.xdi.oxauth.model.common.AbstractToken.getAuthMode ( )

inlineinherited

Returns the authentication mode.

戻り値

The authentication mode.

                                {
        return authMode;
    }

getCode()

String org.xdi.oxauth.model.common.AbstractToken.getCode ( )

inlineinherited

Returns the token code.

戻り値

The Code of the token.

                            {
        return code;
    }

getCreationDate()

Date org.xdi.oxauth.model.common.AbstractToken.getCreationDate ( )

inlineinherited

Returns the creation date of the token.

戻り値

The creation date.

                                  {
        return creationDate != null ? new Date(creationDate.getTime()) : null;
    }

getExpirationDate()

Date org.xdi.oxauth.model.common.AbstractToken.getExpirationDate ( )

inlineinherited

Returns the expiration date of the token.

戻り値

The expiration date.

                                    {
        return expirationDate != null ? new Date(expirationDate.getTime()) : null;
    }

getExpiresIn()

int org.xdi.oxauth.model.common.AbstractToken.getExpiresIn ( )

inlineinherited

Returns the lifetime in seconds of the token.

戻り値

The lifetime in seconds of the token.

                              {
        int expiresIn = 0;

        checkExpired();
        if (isValid()) {
            long diff = expirationDate.getTime() - new Date().getTime();
            expiresIn = diff != 0 ? (int) (diff / 1000) : 0;
        }

        return expiresIn;
    }

getHash()

String org.xdi.oxauth.model.common.AbstractToken.getHash ( SignatureAlgorithm  signatureAlgorithm )

inlineinherited

                                                                 {
        String hash = null;

        try {
            byte[] digest;
            if (signatureAlgorithm == SignatureAlgorithm.HS256 ||
                    signatureAlgorithm == SignatureAlgorithm.RS256 ||
                    signatureAlgorithm == SignatureAlgorithm.ES256) {
                digest = JwtUtil.getMessageDigestSHA256(code);
            } else if (signatureAlgorithm == SignatureAlgorithm.HS384 ||
                    signatureAlgorithm == SignatureAlgorithm.RS384 ||
                    signatureAlgorithm == SignatureAlgorithm.ES512) {
                digest = JwtUtil.getMessageDigestSHA384(code);
            } else if (signatureAlgorithm == SignatureAlgorithm.HS512 ||
                    signatureAlgorithm == SignatureAlgorithm.RS384 ||
                    signatureAlgorithm == SignatureAlgorithm.ES512) {
                digest = JwtUtil.getMessageDigestSHA512(code);
            } else { // Default
                digest = JwtUtil.getMessageDigestSHA256(code);
            }

            if (digest != null) {
                byte[] lefMostHalf = new byte[digest.length / 2];
                System.arraycopy(digest, 0, lefMostHalf, 0, lefMostHalf.length);
                hash = Base64Util.base64urlencode(lefMostHalf);
            }
        } catch (NoSuchAlgorithmException e) {
        } catch (UnsupportedEncodingException e) {
        } catch (NoSuchProviderException e) {
        } catch (Exception e) {
        }

        return hash;
    }

getSessionDn()

String org.xdi.oxauth.model.common.AbstractToken.getSessionDn ( )

inlineinherited

                                 {
        return sessionDn;
    }

getTokenType()

TokenType org.xdi.oxauth.model.common.AccessToken.getTokenType ( )

inline

Returns the TokenType.

戻り値

The token type.

                                    {
        return tokenType;
    }

isExpired()

boolean org.xdi.oxauth.model.common.AbstractToken.isExpired ( )

inlineinherited

Return true if the token has expired.

戻り値

true if the token has expired.

                               {
        return expired;
    }

isRevoked()

boolean org.xdi.oxauth.model.common.AbstractToken.isRevoked ( )

inlineinherited

Returns true if the token has been revoked.

戻り値

true if the token has been revoked.

                               {
        return revoked;
    }

isValid()

boolean org.xdi.oxauth.model.common.AbstractToken.isValid ( )

inlineinherited

Checks whether a token is valid, it is valid if it is not revoked and not expired.

戻り値

Returns true if the token is valid.

                             {
        return !revoked && !expired;
    }

setAuthMode()

void org.xdi.oxauth.model.common.AbstractToken.setAuthMode ( String  authMode )

inlineinherited

Sets the authentication mode.

引数

authMode

The authentication mode.

                                             {
        this.authMode = authMode;
    }

setCode()

void org.xdi.oxauth.model.common.AbstractToken.setCode ( String  code )

inlineinherited

Sets the token code.

引数

code	The code of the token.

                                     {
        this.code = code;
    }

setCreationDate()

void org.xdi.oxauth.model.common.AbstractToken.setCreationDate ( Date  creationDate )

inlineinherited

Sets the creation date of the token.

引数

creationDate

The creation date.

                                                   {
        this.creationDate = creationDate != null ? new Date(creationDate.getTime()) : null;
    }

setExpirationDate()

void org.xdi.oxauth.model.common.AbstractToken.setExpirationDate ( Date  expirationDate )

inlineinherited

Sets the expiration date of the token.

引数

expirationDate

The expiration date.

                                                       {
        this.expirationDate = expirationDate != null ? new Date(expirationDate.getTime()) : null;
    }

setExpired()

synchronized void org.xdi.oxauth.model.common.AbstractToken.setExpired ( boolean  expired )

inlineinherited

Sets the value of the expired flag to indicate whether the token has expired.

引数

expired

Expire or not.

                                                         {
        this.expired = expired;
    }

setRevoked()

synchronized void org.xdi.oxauth.model.common.AbstractToken.setRevoked ( boolean  revoked )

inlineinherited

Sets the value of the revoked flag to indicate whether the token has been revoked.

引数

revoked

Revoke or not.

                                                         {
        this.revoked = revoked;
    }

setSessionDn()

void org.xdi.oxauth.model.common.AbstractToken.setSessionDn ( String  sessionDn )

inlineinherited

                                               {
        this.sessionDn = sessionDn;
    }

メンバ詳解

tokenType

TokenType org.xdi.oxauth.model.common.AccessToken.tokenType

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/model/common/AccessToken.java