001/*******************************************************************************
002 * Copyright 2018 The MIT Internet Trust Consortium
003 *
004 * Portions copyright 2011-2013 The MITRE Corporation
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License");
007 * you may not use this file except in compliance with the License.
008 * You may obtain a copy of the License at
009 *
010 *   http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 *******************************************************************************/
018/**
019 *
020 */
021package org.mitre.oauth2.model;
022
023import java.util.Date;
024
025import javax.persistence.Basic;
026import javax.persistence.Column;
027import javax.persistence.Convert;
028import javax.persistence.Entity;
029import javax.persistence.FetchType;
030import javax.persistence.GeneratedValue;
031import javax.persistence.GenerationType;
032import javax.persistence.Id;
033import javax.persistence.JoinColumn;
034import javax.persistence.ManyToOne;
035import javax.persistence.NamedQueries;
036import javax.persistence.NamedQuery;
037import javax.persistence.Table;
038import javax.persistence.Temporal;
039import javax.persistence.Transient;
040
041import org.mitre.oauth2.model.convert.JWTStringConverter;
042import org.springframework.security.oauth2.common.OAuth2RefreshToken;
043
044import com.nimbusds.jwt.JWT;
045
/**
 * JPA entity for an OAuth2 refresh token, mapped to the {@code refresh_token} table.
 *
 * <p>Persistent state is mapped through the annotated getters: the generated id, the
 * authentication holder, the client, the expiration timestamp, and the token itself as a
 * {@link JWT} written to the {@code token_value} column through {@link JWTStringConverter}.
 *
 * <p>Notes for reviewers:
 * <ul>
 * <li>The string returned by {@link #getValue()} is a credential. Keep it out of logs and
 * error messages. NOTE(review): the converter presumably persists the serialized JWT as-is;
 * if so, read access to {@code refresh_token.token_value} is enough to replay stored
 * tokens, so confirm against {@code JWTStringConverter} and restrict access to that
 * table accordingly.</li>
 * <li>The named queries concatenate only the compile-time {@code PARAM_*} names into the
 * JPQL text; the values themselves are supplied as named bind parameters.</li>
 * <li>A token with no expiration date is never reported as expired by
 * {@link #isExpired()}.</li>
 * </ul>
 *
 * @author jricher
 */
@Entity
@Table(name = "refresh_token")
@NamedQueries({
    // every refresh token
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_ALL,
        query = "select r from OAuth2RefreshTokenEntity r"),
    // tokens whose expiration is at or before the bound date (inclusive comparison)
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_EXPIRED_BY_DATE,
        query = "select r from OAuth2RefreshTokenEntity r where r.expiration <= :" + OAuth2RefreshTokenEntity.PARAM_DATE),
    // tokens issued to the bound client
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_BY_CLIENT,
        query = "select r from OAuth2RefreshTokenEntity r where r.client = :" + OAuth2RefreshTokenEntity.PARAM_CLIENT),
    // lookup by the token itself
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_BY_TOKEN_VALUE,
        query = "select r from OAuth2RefreshTokenEntity r where r.jwt = :" + OAuth2RefreshTokenEntity.PARAM_TOKEN_VALUE),
    // tokens whose authentication holder carries the bound user name
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_BY_NAME,
        query = "select r from OAuth2RefreshTokenEntity r where r.authenticationHolder.userAuth.name = :" + OAuth2RefreshTokenEntity.PARAM_NAME)
})
public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {

    // Names of the named queries declared on this entity.
    public static final String QUERY_BY_TOKEN_VALUE = "OAuth2RefreshTokenEntity.getByTokenValue";
    public static final String QUERY_BY_CLIENT = "OAuth2RefreshTokenEntity.getByClient";
    public static final String QUERY_EXPIRED_BY_DATE = "OAuth2RefreshTokenEntity.getAllExpiredByDate";
    public static final String QUERY_ALL = "OAuth2RefreshTokenEntity.getAll";
    public static final String QUERY_BY_NAME = "OAuth2RefreshTokenEntity.getByName";

    // Names of the bind parameters used by those queries.
    public static final String PARAM_TOKEN_VALUE = "tokenValue";
    public static final String PARAM_CLIENT = "client";
    public static final String PARAM_DATE = "date";
    public static final String PARAM_NAME = "name";

    // Primary key, generated by the database (IDENTITY strategy on the getter).
    private Long id;

    // Authentication holder this token is joined to (auth_holder_id).
    private AuthenticationHolderEntity authenticationHolder;

    // Client this token is joined to (client_id).
    private ClientDetailsEntity client;

    // JWT-encoded representation of this refresh token.
    private JWT jwt;

    // Optional expiry; null means no expiration is set for this token.
    private Date expiration;

    /**
     * Creates an empty entity; every field starts out {@code null}.
     */
    public OAuth2RefreshTokenEntity() {
    }

    /**
     * Returns the database identifier of this token.
     *
     * @return the id, or {@code null} if none has been assigned
     */
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id")
    public Long getId() {
        return this.id;
    }

    /**
     * Sets the database identifier of this token.
     *
     * @param id the id to set
     */
    public void setId(Long id) {
        this.id = id;
    }

    /**
     * Returns the authentication that was in place when the original access token was created.
     *
     * @return the authentication holder
     */
    @ManyToOne
    @JoinColumn(name = "auth_holder_id")
    public AuthenticationHolderEntity getAuthenticationHolder() {
        return this.authenticationHolder;
    }

    /**
     * Sets the authentication holder this token is tied to.
     *
     * @param authenticationHolder the authentication holder to set
     */
    public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) {
        this.authenticationHolder = authenticationHolder;
    }

    /**
     * Returns the serialized form of the JWT backing this token. The property is transient: it
     * is derived from {@link #getJwt()} and not mapped to a column of its own.
     *
     * <p>The result is a credential and should not be written to logs.
     *
     * @return the serialized JWT
     * @throws NullPointerException if no JWT has been set on this entity
     */
    @Override
    @Transient
    public String getValue() {
        final JWT token = this.jwt;
        return token.serialize();
    }

    /**
     * Returns the moment at which this token expires.
     *
     * <p>The stored {@link Date} instance itself is returned, not a copy, so callers must not
     * mutate it.
     *
     * @return the expiration timestamp, or {@code null} if none is set
     */
    @Basic
    @Temporal(javax.persistence.TemporalType.TIMESTAMP)
    @Column(name = "expiration")
    public Date getExpiration() {
        return this.expiration;
    }

    /**
     * Sets the moment at which this token expires. The given instance is stored as-is.
     *
     * @param expiration the expiration timestamp, or {@code null} for no expiration
     */
    public void setExpiration(Date expiration) {
        this.expiration = expiration;
    }

    /**
     * Reports whether this token has expired, judged against the system clock.
     *
     * <p>The comparison is strict: a token is expired only once the current time is later than
     * its expiration. A token without an expiration is never expired.
     *
     * @return {@code true} if an expiration is set and it has passed
     */
    @Transient
    public boolean isExpired() {
        final Date expiry = getExpiration();
        if (expiry == null) {
            // no timeout configured, so the token does not expire on its own
            return false;
        }
        return System.currentTimeMillis() > expiry.getTime();
    }

    /**
     * Returns the client this token belongs to (fetched eagerly).
     *
     * @return the client
     */
    @ManyToOne(fetch = FetchType.EAGER)
    @JoinColumn(name = "client_id")
    public ClientDetailsEntity getClient() {
        return this.client;
    }

    /**
     * Sets the client this token belongs to.
     *
     * @param client the client to set
     */
    public void setClient(ClientDetailsEntity client) {
        this.client = client;
    }

    /**
     * Returns the JWT object directly. This is the persistent form of the token: it is stored
     * in the {@code token_value} column through {@link JWTStringConverter}.
     *
     * @return the jwt, or {@code null} if none has been set
     */
    @Basic
    @Column(name = "token_value")
    @Convert(converter = JWTStringConverter.class)
    public JWT getJwt() {
        return this.jwt;
    }

    /**
     * Sets the JWT backing this token.
     *
     * @param jwt the jwt to set
     */
    public void setJwt(JWT jwt) {
        this.jwt = jwt;
    }

}