JwtTokenEnhancer (OAuth2 for Spring Security 2.0.0.M2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.oauth2.provider.token
Class JwtTokenEnhancer

java.lang.Object
  org.springframework.security.oauth2.provider.token.JwtTokenEnhancer

All Implemented Interfaces:: org.springframework.beans.factory.InitializingBean, TokenEnhancer

public class JwtTokenEnhancer
extends Object
implements TokenEnhancer, org.springframework.beans.factory.InitializingBean
extends Object
implements TokenEnhancer, org.springframework.beans.factory.InitializingBean

OAuth2 token services that produces JWT encoded token values.

Author:: Dave Syer, Luke Taylor

Field Summary
`static String`	`TOKEN_ID` Field name for token id.

Constructor Summary
`JwtTokenEnhancer()`

Method Summary
`void`	`afterPropertiesSet()`
`protected Map<String,Object>`	`decode(String token)`
`protected String`	`encode(OAuth2AccessToken accessToken, OAuth2Authentication authentication)`
`OAuth2AccessToken`	`enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication)` Provides an opportunity for customization of an access token (e.g.
`Map<String,String>`	`getKey(Principal principal)` Get the verification key for the token signatures.
`void`	`setSigningKey(String key)` Sets the JWT signing key.
`void`	`setVerifierKey(String key)` The key used for verifying signatures produced by this class.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

TOKEN_ID

public static final String TOKEN_ID

Field name for token id.

See Also:: Constant Field Values

Constructor Detail

JwtTokenEnhancer

public JwtTokenEnhancer()

Method Detail

getKey

public Map<String,String> getKey(Principal principal)

Get the verification key for the token signatures.

Returns:: the key used to verify tokens

setSigningKey

public void setSigningKey(String key)

Sets the JWT signing key. It can be either a simple MAC key or an RSA key. RSA keys should be in OpenSSH format, as produced by ssh-keygen.

Parameters:: key - the key to be used for signing JWTs.

setVerifierKey

public void setVerifierKey(String key)

The key used for verifying signatures produced by this class. This is not used but is returned from the endpoint to allow resource servers to obtain the key. For an HMAC key it will be the same value as the signing key and does not need to be set. For and RSA key, it should be set to the String representation of the public key, in a standard format (e.g. OpenSSH keys)

Parameters:: key - the signature verification key (typically an RSA public key)

enhance

public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,
                                 OAuth2Authentication authentication)

Description copied from interface: TokenEnhancer

Provides an opportunity for customization of an access token (e.g. through its additional information map) during the process of creating a new token for use by a client.

Specified by:: enhance in interface TokenEnhancer

Parameters:: accessToken - the current access token with its expiration and refresh token; authentication - the current authentication including client and user details
Returns:: a new token enhanced with additional information

encode

protected String encode(OAuth2AccessToken accessToken,
                        OAuth2Authentication authentication)

decode

protected Map<String,Object> decode(String token)

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:: afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

Throws:: Exception