public void storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) { String refreshToken = null; if (token.getRefreshToken() != null) { refreshToken = token.getRefreshToken().getValue(); } // the JdbcTokenStore removes the existing token for this token_id [if it exists] // We'll avoid doing so for now, unless a compelling reason to do otherwise presents itself // if (readAccessToken(token.getValue()) != null) { // removeAccessToken(token.getValue()); // } Map<String, AttributeValueUpdate> updates = new HashMap<String, AttributeValueUpdate>(); updates.put( schema.getAccessColumnToken(), new AttributeValueUpdate( new AttributeValue().withB(serializeAccessToken(token)), AttributeAction.PUT)); DynamoDBUtils.nullSafeUpdateS( updates, schema.getAccessColumnAuthenticationId(), authenticationKeyGenerator.extractKey(authentication)); if (authentication.isClientOnly() || authentication.getName() == null || authentication.getName().length() == 0) { DynamoDBUtils.nullSafeUpdateS( updates, schema.getAccessColumnUserName(), schema.getAccessNullUserToken()); updates.put( schema.getAccessColumnIsNullUser(), new AttributeValueUpdate( new AttributeValue().withN(schema.getAccessIsNullUserTrueToken()), AttributeAction.PUT)); } else { DynamoDBUtils.nullSafeUpdateS( updates, schema.getAccessColumnUserName(), authentication.getName()); DynamoDBUtils.nullSafeUpdateS(updates, schema.getAccessColumnIsNullUser(), null); } DynamoDBUtils.nullSafeUpdateS( updates, schema.getAccessColumnClientId(), authentication.getOAuth2Request().getClientId()); updates.put( schema.getAccessColumnAuthentication(), new AttributeValueUpdate( new AttributeValue().withB(serializeAuthentication(authentication)), AttributeAction.PUT)); DynamoDBUtils.nullSafeUpdateS( updates, schema.getAccessColumnRefreshToken(), extractTokenKey(refreshToken)); dynamoDBTemplate.update( schema.getAccessTableName(), // Collections.singletonMap( schema.getAccessColumnTokenId(), new AttributeValue(extractTokenKey(token.getValue()))), // updates); }
public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) { OAuth2AccessToken accessToken = null; String key = authenticationKeyGenerator.extractKey(authentication); try { String accessTokenId = dynamoDBTemplate.queryUnique( schema.getAccessTableName(), schema.getAccessIndexAuthenticationId(), // Collections.singletonMap( schema.getAccessColumnAuthenticationId(), new Condition() .withComparisonOperator(ComparisonOperator.EQ) .withAttributeValueList(new AttributeValue(key))), // new ObjectExtractor<String>() { public String extract(Map<String, AttributeValue> values) { return values.get(schema.getAccessColumnTokenId()).getS(); } }); accessToken = dynamoDBTemplate.get( schema.getAccessTableName(), Collections.singletonMap( schema.getAccessColumnTokenId(), new AttributeValue(accessTokenId)), new ObjectExtractor<OAuth2AccessToken>() { public OAuth2AccessToken extract(Map<String, AttributeValue> values) { return deserializeAccessToken(values.get(schema.getAccessColumnToken()).getB()); } }); } catch (EmptyResultDataAccessException | IncorrectResultSizeDataAccessException e) { if (LOG.isDebugEnabled()) { LOG.debug("Failed to find access token for authentication " + authentication); } } catch (IllegalArgumentException e) { LOG.error("Could not extract access token for authentication " + authentication, e); } if (accessToken != null && !key.equals( authenticationKeyGenerator.extractKey(readAuthentication(accessToken.getValue())))) { // Keep the store consistent (maybe the same user is represented by this authentication but // the details have // changed) storeAccessToken(accessToken, authentication); } return accessToken; }