@Override
public void updateRefreshToken(RefreshToken refreshToken) {
try {
deleteRefreshToken(refreshToken.getTokenId());
tokenStore.create(refreshToken);
} catch (CoreTokenException e) {
logger.error(
"DefaultOAuthTokenStoreImpl::Unable to create refresh token " + refreshToken.getTokenId(),
e);
throw new OAuthProblemException(
Status.SERVER_ERROR_INTERNAL.getCode(),
"Internal error",
"Could not create token in CTS",
null);
} catch (InvalidRequestException e) {
logger.error(
"DefaultOAuthTokenStoreImpl::Unable to delete refresh token " + refreshToken.getTokenId(),
e);
throw new OAuthProblemException(
Status.SERVER_ERROR_INTERNAL.getCode(),
"Internal error",
"Could not delete token in CTS",
null);
}
}
/** {@inheritDoc} */
public AccessToken createAccessToken(
String grantType,
String accessTokenType,
String authorizationCode,
String resourceOwnerId,
String clientId,
String redirectUri,
Set<String> scope,
RefreshToken refreshToken,
String nonce,
String claims,
OAuth2Request request)
throws ServerException, NotFoundException {
OpenIdConnectClientRegistration clientRegistration = getClientRegistration(clientId, request);
final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
final String id = UUID.randomUUID().toString();
final String auditId = UUID.randomUUID().toString();
String realm = realmNormaliser.normalise(request.<String>getParameter(REALM));
long expiryTime = 0;
if (clientRegistration == null) {
expiryTime = providerSettings.getAccessTokenLifetime() + System.currentTimeMillis();
} else {
expiryTime =
clientRegistration.getAccessTokenLifeTime(providerSettings) + System.currentTimeMillis();
}
final AccessToken accessToken;
if (refreshToken == null) {
accessToken =
new OpenAMAccessToken(
id,
authorizationCode,
resourceOwnerId,
clientId,
redirectUri,
scope,
expiryTime,
null,
OAuth2Constants.Token.OAUTH_ACCESS_TOKEN,
grantType,
nonce,
realm,
claims,
auditId);
} else {
accessToken =
new OpenAMAccessToken(
id,
authorizationCode,
resourceOwnerId,
clientId,
redirectUri,
scope,
expiryTime,
refreshToken.getTokenId(),
OAuth2Constants.Token.OAUTH_ACCESS_TOKEN,
grantType,
nonce,
realm,
claims,
auditId);
}
try {
tokenStore.create(accessToken);
if (auditLogger.isAuditLogEnabled()) {
String[] obs = {"CREATED_TOKEN", accessToken.toString()};
auditLogger.logAccessMessage("CREATED_TOKEN", obs, null);
}
} catch (CoreTokenException e) {
logger.error("Could not create token in CTS: " + e.getMessage());
if (auditLogger.isAuditLogEnabled()) {
String[] obs = {"FAILED_CREATE_TOKEN", accessToken.toString()};
auditLogger.logErrorMessage("FAILED_CREATE_TOKEN", obs, null);
}
throw new ServerException("Could not create token in CTS: " + e.getMessage());
}
request.setToken(AccessToken.class, accessToken);
return accessToken;
}