|
|
@@ -4,6 +4,7 @@ import java.util.Date;
|
|
|
import java.util.Set;
|
|
|
import java.util.UUID;
|
|
|
|
|
|
+import org.apache.commons.lang3.StringUtils;
|
|
|
import org.springframework.beans.factory.InitializingBean;
|
|
|
import org.springframework.security.authentication.AuthenticationManager;
|
|
|
import org.springframework.security.core.Authentication;
|
|
|
@@ -206,7 +207,29 @@ public class CustomTokenServices implements AuthorizationServerTokenServices, Re
|
|
|
}
|
|
|
|
|
|
public OAuth2AccessToken readAccessToken(String accessToken) {
|
|
|
- return tokenStore.readAccessToken(accessToken);
|
|
|
+ OAuth2AccessToken token = tokenStore.readAccessToken(accessToken);
|
|
|
+ if (token == null) {
|
|
|
+ throw new InvalidTokenException("Token was not recognised");
|
|
|
+ }
|
|
|
+
|
|
|
+ if (token.isExpired()) {
|
|
|
+ throw new InvalidTokenException("Token has expired");
|
|
|
+ }
|
|
|
+
|
|
|
+ DefaultOAuth2AccessToken oAuth2AccessToken = (DefaultOAuth2AccessToken) token;
|
|
|
+
|
|
|
+ OAuth2Authentication authentication = tokenStore.readAuthentication(accessToken);
|
|
|
+
|
|
|
+ if (StringUtils.equalsIgnoreCase("system", authentication.getOAuth2Request().getClientId())) {
|
|
|
+ int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
|
|
|
+ if (validitySeconds > 0) {
|
|
|
+ oAuth2AccessToken.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
|
|
|
+
|
|
|
+ tokenStore.storeAccessToken(oAuth2AccessToken, authentication);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ return oAuth2AccessToken;
|
|
|
}
|
|
|
|
|
|
public OAuth2Authentication loadAuthentication(String accessTokenValue) throws AuthenticationException,
|
yonge