From c069692ab97e9a8640caf4d9dd8855c08e318548 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Mon, 2 Nov 2020 19:46:32 -0500 Subject: [PATCH] Extract OAuth2Token from AbstractOAuth2Token Closes gh-5502 --- ...entialsOAuth2AuthorizedClientProvider.java | 4 +- ...eactiveOAuth2AuthorizedClientProvider.java | 4 +- ...asswordOAuth2AuthorizedClientProvider.java | 4 +- ...eactiveOAuth2AuthorizedClientProvider.java | 4 +- ...shTokenOAuth2AuthorizedClientProvider.java | 4 +- ...eactiveOAuth2AuthorizedClientProvider.java | 4 +- .../oauth2/core/AbstractOAuth2Token.java | 20 ++++--- .../security/oauth2/core/OAuth2Token.java | 56 +++++++++++++++++++ 8 files changed, 80 insertions(+), 20 deletions(-) create mode 100644 oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Token.java diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsOAuth2AuthorizedClientProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsOAuth2AuthorizedClientProvider.java index 527b7bfd9f..0a5a88ba04 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsOAuth2AuthorizedClientProvider.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsOAuth2AuthorizedClientProvider.java @@ -25,9 +25,9 @@ import org.springframework.security.oauth2.client.endpoint.DefaultClientCredenti import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest; import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.OAuth2AuthorizationException; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse; import org.springframework.util.Assert; @@ -97,7 +97,7 @@ public final class ClientCredentialsOAuth2AuthorizedClientProvider implements OA } } - private boolean hasTokenExpired(AbstractOAuth2Token token) { + private boolean hasTokenExpired(OAuth2Token token) { return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew)); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsReactiveOAuth2AuthorizedClientProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsReactiveOAuth2AuthorizedClientProvider.java index e8ec38f7cd..4646dc1370 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsReactiveOAuth2AuthorizedClientProvider.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsReactiveOAuth2AuthorizedClientProvider.java @@ -26,9 +26,9 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentia import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.WebClientReactiveClientCredentialsTokenResponseClient; import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.OAuth2AuthorizationException; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.util.Assert; /** @@ -89,7 +89,7 @@ public final class ClientCredentialsReactiveOAuth2AuthorizedClientProvider tokenResponse.getAccessToken())); } - private boolean hasTokenExpired(AbstractOAuth2Token token) { + private boolean hasTokenExpired(OAuth2Token token) { return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew)); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordOAuth2AuthorizedClientProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordOAuth2AuthorizedClientProvider.java index 931e862b79..d7c5f188c6 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordOAuth2AuthorizedClientProvider.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordOAuth2AuthorizedClientProvider.java @@ -25,9 +25,9 @@ import org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenR import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest; import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.OAuth2AuthorizationException; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse; import org.springframework.util.Assert; import org.springframework.util.StringUtils; @@ -116,7 +116,7 @@ public final class PasswordOAuth2AuthorizedClientProvider implements OAuth2Autho } } - private boolean hasTokenExpired(AbstractOAuth2Token token) { + private boolean hasTokenExpired(OAuth2Token token) { return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew)); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordReactiveOAuth2AuthorizedClientProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordReactiveOAuth2AuthorizedClientProvider.java index 7240fef0cc..a353041617 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordReactiveOAuth2AuthorizedClientProvider.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordReactiveOAuth2AuthorizedClientProvider.java @@ -26,9 +26,9 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRe import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.WebClientReactivePasswordTokenResponseClient; import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.OAuth2AuthorizationException; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.util.Assert; import org.springframework.util.StringUtils; @@ -110,7 +110,7 @@ public final class PasswordReactiveOAuth2AuthorizedClientProvider implements Rea tokenResponse.getAccessToken(), tokenResponse.getRefreshToken())); } - private boolean hasTokenExpired(AbstractOAuth2Token token) { + private boolean hasTokenExpired(OAuth2Token token) { return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew)); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenOAuth2AuthorizedClientProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenOAuth2AuthorizedClientProvider.java index 04962922d9..410a33fda1 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenOAuth2AuthorizedClientProvider.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenOAuth2AuthorizedClientProvider.java @@ -28,9 +28,9 @@ import org.springframework.lang.Nullable; import org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.OAuth2AuthorizationException; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse; import org.springframework.util.Assert; @@ -106,7 +106,7 @@ public final class RefreshTokenOAuth2AuthorizedClientProvider implements OAuth2A } } - private boolean hasTokenExpired(AbstractOAuth2Token token) { + private boolean hasTokenExpired(OAuth2Token token) { return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew)); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenReactiveOAuth2AuthorizedClientProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenReactiveOAuth2AuthorizedClientProvider.java index 5f6e16369d..1e9587de35 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenReactiveOAuth2AuthorizedClientProvider.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenReactiveOAuth2AuthorizedClientProvider.java @@ -30,9 +30,9 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGra import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.WebClientReactiveRefreshTokenTokenResponseClient; import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.OAuth2AuthorizationException; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.util.Assert; /** @@ -100,7 +100,7 @@ public final class RefreshTokenReactiveOAuth2AuthorizedClientProvider tokenResponse.getAccessToken(), tokenResponse.getRefreshToken())); } - private boolean hasTokenExpired(AbstractOAuth2Token token) { + private boolean hasTokenExpired(OAuth2Token token) { return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew)); } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java index 036347bd8e..530f24f344 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2020 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,9 +28,11 @@ import org.springframework.util.Assert; * * @author Joe Grandja * @since 5.0 + * @see OAuth2Token * @see OAuth2AccessToken + * @see OAuth2RefreshToken */ -public abstract class AbstractOAuth2Token implements Serializable { +public abstract class AbstractOAuth2Token implements OAuth2Token, Serializable { private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; @@ -51,9 +53,9 @@ public abstract class AbstractOAuth2Token implements Serializable { /** * Sub-class constructor. * @param tokenValue the token value - * @param issuedAt the time at which the token was issued, may be null + * @param issuedAt the time at which the token was issued, may be {@code null} * @param expiresAt the expiration time on or after which the token MUST NOT be - * accepted, may be null + * accepted, may be {@code null} */ protected AbstractOAuth2Token(String tokenValue, @Nullable Instant issuedAt, @Nullable Instant expiresAt) { Assert.hasText(tokenValue, "tokenValue cannot be empty"); @@ -75,17 +77,19 @@ public abstract class AbstractOAuth2Token implements Serializable { /** * Returns the time at which the token was issued. - * @return the time the token was issued or null + * @return the time the token was issued or {@code null} */ - public @Nullable Instant getIssuedAt() { + @Nullable + public Instant getIssuedAt() { return this.issuedAt; } /** * Returns the expiration time on or after which the token MUST NOT be accepted. - * @return the expiration time of the token or null + * @return the token expiration time or {@code null} */ - public @Nullable Instant getExpiresAt() { + @Nullable + public Instant getExpiresAt() { return this.expiresAt; } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Token.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Token.java new file mode 100644 index 0000000000..2692b0787d --- /dev/null +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Token.java @@ -0,0 +1,56 @@ +/* + * Copyright 2002-2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.oauth2.core; + +import java.time.Instant; + +import org.springframework.lang.Nullable; + +/** + * Core interface representing an OAuth 2.0 Token. + * + * @author Joe Grandja + * @since 5.5 + * @see AbstractOAuth2Token + */ +public interface OAuth2Token { + + /** + * Returns the token value. + * @return the token value + */ + String getTokenValue(); + + /** + * Returns the time at which the token was issued. + * @return the time the token was issued or {@code null} + */ + @Nullable + default Instant getIssuedAt() { + return null; + } + + /** + * Returns the expiration time on or after which the token MUST NOT be accepted. + * @return the token expiration time or {@code null} + */ + @Nullable + default Instant getExpiresAt() { + return null; + } + +}