/*******************************************************************************
 * Copyright 2018 The MIT Internet Trust Consortium
 *
 * Portions copyright 2011-2013 The MITRE Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *******************************************************************************/
/**
 *
 */
package org.mitre.oauth2.model;

import java.util.Date;

import javax.persistence.Basic;
import javax.persistence.Column;
import javax.persistence.Convert;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.Transient;

import org.mitre.oauth2.model.convert.JWTStringConverter;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;

import com.nimbusds.jwt.JWT;

/**
 * JPA entity for an OAuth2 refresh token, mapped to the {@code refresh_token} table.
 *
 * <p>The token is held as a {@link JWT} and mapped to the {@code token_value} column
 * through {@link JWTStringConverter}; {@link #QUERY_BY_TOKEN_VALUE} finds a row by
 * equality on that value.
 *
 * <p>NOTE(review): the converter is not visible from this file. If it stores the
 * serialized token unchanged, read access to this table (or its backups) yields
 * usable refresh tokens, so that access needs to be restricted accordingly.
 * Confirm against the converter.
 *
 * <p>Persistence annotations sit on the getters, so the provider uses property access.
 *
 * @author jricher
 *
 */
@Entity
@Table(name = "refresh_token")
// Every query string below is assembled from compile-time constants only: the "+"
// merely appends the name of a named parameter. The values themselves are bound by
// the persistence provider when the query runs and are never spliced into the JPQL.
@NamedQueries({
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_ALL,
        query = "select r from OAuth2RefreshTokenEntity r"),
    // A NULL expiration never satisfies "<=", so tokens without an expiration are
    // not returned by this query.
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_EXPIRED_BY_DATE,
        query = "select r from OAuth2RefreshTokenEntity r where r.expiration <= :" + OAuth2RefreshTokenEntity.PARAM_DATE),
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_BY_CLIENT,
        query = "select r from OAuth2RefreshTokenEntity r where r.client = :" + OAuth2RefreshTokenEntity.PARAM_CLIENT),
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_BY_TOKEN_VALUE,
        query = "select r from OAuth2RefreshTokenEntity r where r.jwt = :" + OAuth2RefreshTokenEntity.PARAM_TOKEN_VALUE),
    @NamedQuery(
        name = OAuth2RefreshTokenEntity.QUERY_BY_NAME,
        query = "select r from OAuth2RefreshTokenEntity r where r.authenticationHolder.userAuth.name = :" + OAuth2RefreshTokenEntity.PARAM_NAME)
})
public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {

    // Names under which the queries above are registered.
    public static final String QUERY_BY_TOKEN_VALUE = "OAuth2RefreshTokenEntity.getByTokenValue";
    public static final String QUERY_BY_CLIENT = "OAuth2RefreshTokenEntity.getByClient";
    public static final String QUERY_EXPIRED_BY_DATE = "OAuth2RefreshTokenEntity.getAllExpiredByDate";
    public static final String QUERY_ALL = "OAuth2RefreshTokenEntity.getAll";
    public static final String QUERY_BY_NAME = "OAuth2RefreshTokenEntity.getByName";

    // Names of the bind parameters those queries expect.
    public static final String PARAM_TOKEN_VALUE = "tokenValue";
    public static final String PARAM_CLIENT = "client";
    public static final String PARAM_DATE = "date";
    public static final String PARAM_NAME = "name";

    // database-generated primary key
    private Long id;

    // authentication that was in place when the original access token was created
    private AuthenticationHolderEntity authenticationHolder;

    // client this refresh token is associated with
    private ClientDetailsEntity client;

    // JWT-encoded representation of this refresh token entity
    private JWT jwt;

    // optional expiry; null means the token is treated as never expiring
    private Date expiration;

    /**
     * Creates an empty entity; every field starts out {@code null}.
     */
    public OAuth2RefreshTokenEntity() {

    }

    /**
     * Returns the primary key, generated by the database (IDENTITY strategy).
     *
     * @return the id
     */
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id")
    public Long getId() {
        return id;
    }

    /**
     * Sets the primary key.
     *
     * @param id the id to set
     */
    public void setId(Long id) {
        this.id = id;
    }

    /**
     * Returns the authentication that was in place when the original access
     * token was created (joined through {@code auth_holder_id}).
     *
     * @return the authentication holder
     */
    @ManyToOne
    @JoinColumn(name = "auth_holder_id")
    public AuthenticationHolderEntity getAuthenticationHolder() {
        return authenticationHolder;
    }

    /**
     * Sets the authentication holder this token belongs to.
     *
     * @param authenticationHolder the authentication holder to set
     */
    public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) {
        this.authenticationHolder = authenticationHolder;
    }

    /**
     * Returns the serialized JWT, i.e. the string a client presents as its
     * refresh token. It is derived from {@link #getJwt()} and not persisted on
     * its own. Because this string is the credential itself, keep it out of
     * logs and error messages.
     *
     * @return the JWT-encoded value of this token
     * @throws NullPointerException if no JWT has been set
     */
    @Override
    @Transient
    public String getValue() {
        return jwt.serialize();
    }

    /**
     * Returns the expiration timestamp, stored in the {@code expiration} column.
     * The internal {@link Date} is handed out without a copy, so mutating the
     * returned object changes this token's lifetime.
     *
     * @return the expiration, or {@code null} if none is set
     */
    @Basic
    @Temporal(javax.persistence.TemporalType.TIMESTAMP)
    @Column(name = "expiration")
    public Date getExpiration() {
        return expiration;
    }

    /**
     * Sets the expiration timestamp. The given {@link Date} is stored by
     * reference, not copied.
     *
     * @param expiration the expiration to set; {@code null} removes the expiry
     */
    public void setExpiration(Date expiration) {
        this.expiration = expiration;
    }

    /**
     * Reports whether this token has expired, judged by the local system clock.
     * A token without an expiration is never considered expired. The comparison
     * is strict: at the exact expiration millisecond this still returns
     * {@code false}, whereas {@link #QUERY_EXPIRED_BY_DATE} selects with
     * {@code <=}.
     *
     * @return true if it has a timeout set and the timeout has passed
     */
    @Transient
    public boolean isExpired() {
        Date deadline = getExpiration();
        if (deadline == null) {
            return false;
        }
        return System.currentTimeMillis() > deadline.getTime();
    }

    /**
     * Returns the client this token is associated with; fetched eagerly and
     * joined through {@code client_id}.
     *
     * @return the client
     */
    @ManyToOne(fetch = FetchType.EAGER)
    @JoinColumn(name = "client_id")
    public ClientDetailsEntity getClient() {
        return client;
    }

    /**
     * Sets the client this token is associated with.
     *
     * @param client the client to set
     */
    public void setClient(ClientDetailsEntity client) {
        this.client = client;
    }

    /**
     * Returns the JWT object directly. This is the persisted property: it maps
     * to the {@code token_value} column via {@link JWTStringConverter}.
     *
     * @return the jwt
     */
    @Basic
    @Column(name="token_value")
    @Convert(converter = JWTStringConverter.class)
    public JWT getJwt() {
        return jwt;
    }

    /**
     * Sets the JWT that represents this token.
     *
     * @param jwt the jwt to set
     */
    public void setJwt(JWT jwt) {
        this.jwt = jwt;
    }

}