Package net.officefloor.web.jwt.authority

Class JwtAuthorityManagedObjectSource

java.lang.Object

net.officefloor.frame.api.managedobject.source.impl.AbstractAsyncManagedObjectSource<O,F>

net.officefloor.frame.api.managedobject.source.impl.AbstractManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

net.officefloor.web.jwt.authority.JwtAuthorityManagedObjectSource

All Implemented Interfaces:

ManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

public class JwtAuthorityManagedObjectSource
extends AbstractManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

JwtAuthority ManagedObjectSource.

Key activation period is as follows:

1. Access/Refresh token - expire period
2. Encode access/refresh token keys - refreshed every expire period and key must be active for minimum number of expire periods

Author:

Daniel Sagenschneider

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	JwtAuthorityManagedObjectSource.Flows	Flow keys.
protected static class	JwtAuthorityManagedObjectSource.TimeWindow	Time window to determine appropriate token.

Nested classes/interfaces inherited from class net.officefloor.frame.api.managedobject.source.impl.AbstractAsyncManagedObjectSource

AbstractAsyncManagedObjectSource.DependencyLabeller<K extends java.lang.Enum<K>>, AbstractAsyncManagedObjectSource.ExecutionLabeller, AbstractAsyncManagedObjectSource.Labeller<K extends java.lang.Enum<K>>, AbstractAsyncManagedObjectSource.MetaDataContext<O extends java.lang.Enum<O>,F extends java.lang.Enum<F>>, AbstractAsyncManagedObjectSource.SpecificationContext

Field Summary

Fields

Modifier and Type	Field	Description
static long	DEFAULT_ACCESS_KEY_EXPIRATION_PERIOD	Default expiration period for JwtAccessKey.
static long	DEFAULT_ACCESS_TOKEN_EXPIRATION_PERIOD	Default expiration period for access tokens.
static java.lang.String	DEFAULT_ACCESS_TOKEN_KEY_FACTORY	Default JwtAccessKey AsynchronousKeyFactory.
static int	DEFAULT_KEY_LOAD_WAIT_TIME	Default wait time for the JwtRefreshKey and JwtAccessKey instances to be available.
static long	DEFAULT_REFRESH_KEY_EXPIRATION_PERIOD	Default expiration period for JwtRefreshKey.
static java.lang.String	DEFAULT_REFRESH_TOKEN_CIPHER_FACTORY	Default JwtRefreshKey CipherFactory.
static long	DEFAULT_REFRESH_TOKEN_EXPIRATION_PERIOD	Default expiration period for refresh tokens.
static java.lang.String	DEFAULT_REFRESH_TOKEN_KEY_FACTORY	Default JwtRefreshKey SynchronousKeyFactory.
static int	MINIMUM_ACCESS_KEY_OVERLAP_PERIODS	Minimum number of overlap access token periods for he JwtAccessKey instances.
static int	MINIMUM_REFRESH_KEY_OVERLAP_PERIODS	Minimum number of overlap refresh token periods for he JwtRefreshKey instances.
static java.lang.String	PROPERTY_ACCESS_KEY_EXPIRATION_PERIOD	Property name for the expiration period for the JwtAccessKey.
static java.lang.String	PROPERTY_ACCESS_KEY_OVERLAP_PERIODS	Property name for number of overlap access token periods for the JwtAccessKey instances.
static java.lang.String	PROPERTY_ACCESS_TOKEN_EXPIRATION_PERIOD	Property name for the expiration period for access token.
static java.lang.String	PROPERTY_ACCESS_TOKEN_KEY_FACTORY	Property for the AsynchronousKeyFactory Class for the JwtAccessKey.
static java.lang.String	PROPERTY_IDENTITY_CLASS	Property name for the identity Class.
static java.lang.String	PROPERTY_KEY_LOAD_WAIT_TIME	Property for the wait time for loading JwtRefreshKey and JwtAccessKey instances.
static java.lang.String	PROPERTY_REFRESH_KEY_EXPIRATION_PERIOD	Property name for the expiration period for the JwtRefreshKey.
static java.lang.String	PROPERTY_REFRESH_KEY_OVERLAP_PERIODS	Property name for number of overlap refresh token periods for the JwtRefreshKey instances.
static java.lang.String	PROPERTY_REFRESH_TOKEN_CIPHER_FACTORY	Property for the JwtRefreshKey CipherFactory.
static java.lang.String	PROPERTY_REFRESH_TOKEN_EXPIRATION_PERIOD	Property name for the expiration period for refresh token.
static java.lang.String	PROPERTY_REFRESH_TOKEN_KEY_FACTORY	Property for the SynchronousKeyFactory Class for the JwtRefreshKey.

Constructor Summary

Constructors

Constructor	Description
JwtAuthorityManagedObjectSource()

Method Summary

Modifier and Type	Method	Description
static java.lang.String	decrypt(java.security.Key key, byte[] initVector, byte[] startSalt, byte[] laceBytes, byte[] endSalt, java.lang.String cipherText, CipherFactory cipherFactory)	Decrypts the value.
static java.lang.String	encrypt(java.security.Key key, byte[] initVector, byte[] startSalt, byte[] laceBytes, byte[] endSalt, java.lang.String value, CipherFactory cipherFactory)	Encrypts the value.
protected ManagedObject	getManagedObject()	Synchronously obtains the ManagedObject.
protected void	loadMetaData(AbstractAsyncManagedObjectSource.MetaDataContext<None,JwtAuthorityManagedObjectSource.Flows> context)	Overridden to load meta-data.
protected void	loadSpecification(AbstractAsyncManagedObjectSource.SpecificationContext context)	Overridden to load specifications.
static java.lang.String	randomString(int minLength, int maxLength)	Generates a random string.
void	start(ManagedObjectExecuteContext<JwtAuthorityManagedObjectSource.Flows> context)	Called once after ManagedObjectSource.init(ManagedObjectSourceContext) to indicate this ManagedObjectSource should start execution.

Methods inherited from class net.officefloor.frame.api.managedobject.source.impl.AbstractManagedObjectSource

sourceManagedObject

Methods inherited from class net.officefloor.frame.api.managedobject.source.impl.AbstractAsyncManagedObjectSource

getSpecification, init, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PROPERTY_IDENTITY_CLASS

public static final java.lang.String PROPERTY_IDENTITY_CLASS

Property name for the identity Class.

See Also:

Constant Field Values

PROPERTY_ACCESS_TOKEN_EXPIRATION_PERIOD

public static final java.lang.String PROPERTY_ACCESS_TOKEN_EXPIRATION_PERIOD

Property name for the expiration period for access token. Period measured in seconds.

See Also:

Constant Field Values

DEFAULT_ACCESS_TOKEN_EXPIRATION_PERIOD

public static final long DEFAULT_ACCESS_TOKEN_EXPIRATION_PERIOD

Default expiration period for access tokens.

PROPERTY_ACCESS_KEY_OVERLAP_PERIODS

public static final java.lang.String PROPERTY_ACCESS_KEY_OVERLAP_PERIODS

Property name for number of overlap access token periods for the JwtAccessKey instances.

See Also:

Constant Field Values

MINIMUM_ACCESS_KEY_OVERLAP_PERIODS

public static final int MINIMUM_ACCESS_KEY_OVERLAP_PERIODS

Minimum number of overlap access token periods for he JwtAccessKey instances.

See Also:

Constant Field Values

PROPERTY_ACCESS_KEY_EXPIRATION_PERIOD

public static final java.lang.String PROPERTY_ACCESS_KEY_EXPIRATION_PERIOD

Property name for the expiration period for the JwtAccessKey. Period measured in seconds.

See Also:

Constant Field Values

DEFAULT_ACCESS_KEY_EXPIRATION_PERIOD

public static final long DEFAULT_ACCESS_KEY_EXPIRATION_PERIOD

Default expiration period for JwtAccessKey.

PROPERTY_ACCESS_TOKEN_KEY_FACTORY

public static final java.lang.String PROPERTY_ACCESS_TOKEN_KEY_FACTORY

Property for the AsynchronousKeyFactory Class for the JwtAccessKey.

See Also:

Constant Field Values

DEFAULT_ACCESS_TOKEN_KEY_FACTORY

public static final java.lang.String DEFAULT_ACCESS_TOKEN_KEY_FACTORY

Default JwtAccessKey AsynchronousKeyFactory.

PROPERTY_REFRESH_TOKEN_EXPIRATION_PERIOD

public static final java.lang.String PROPERTY_REFRESH_TOKEN_EXPIRATION_PERIOD

Property name for the expiration period for refresh token. Period measured in seconds.

See Also:

Constant Field Values

DEFAULT_REFRESH_TOKEN_EXPIRATION_PERIOD

public static final long DEFAULT_REFRESH_TOKEN_EXPIRATION_PERIOD

Default expiration period for refresh tokens.

PROPERTY_REFRESH_KEY_OVERLAP_PERIODS

public static final java.lang.String PROPERTY_REFRESH_KEY_OVERLAP_PERIODS

Property name for number of overlap refresh token periods for the JwtRefreshKey instances.

See Also:

Constant Field Values

MINIMUM_REFRESH_KEY_OVERLAP_PERIODS

public static final int MINIMUM_REFRESH_KEY_OVERLAP_PERIODS

Minimum number of overlap refresh token periods for he JwtRefreshKey instances.

See Also:

Constant Field Values

PROPERTY_REFRESH_KEY_EXPIRATION_PERIOD

public static final java.lang.String PROPERTY_REFRESH_KEY_EXPIRATION_PERIOD

Property name for the expiration period for the JwtRefreshKey. Period measured in seconds.

See Also:

Constant Field Values

DEFAULT_REFRESH_KEY_EXPIRATION_PERIOD

public static final long DEFAULT_REFRESH_KEY_EXPIRATION_PERIOD

Default expiration period for JwtRefreshKey.

PROPERTY_REFRESH_TOKEN_CIPHER_FACTORY

public static final java.lang.String PROPERTY_REFRESH_TOKEN_CIPHER_FACTORY

Property for the JwtRefreshKey CipherFactory.

See Also:

Constant Field Values

DEFAULT_REFRESH_TOKEN_CIPHER_FACTORY

public static final java.lang.String DEFAULT_REFRESH_TOKEN_CIPHER_FACTORY

Default JwtRefreshKey CipherFactory.

PROPERTY_REFRESH_TOKEN_KEY_FACTORY

public static final java.lang.String PROPERTY_REFRESH_TOKEN_KEY_FACTORY

Property for the SynchronousKeyFactory Class for the JwtRefreshKey.

See Also:

Constant Field Values

DEFAULT_REFRESH_TOKEN_KEY_FACTORY

public static final java.lang.String DEFAULT_REFRESH_TOKEN_KEY_FACTORY

Default JwtRefreshKey SynchronousKeyFactory.

PROPERTY_KEY_LOAD_WAIT_TIME

public static final java.lang.String PROPERTY_KEY_LOAD_WAIT_TIME

Property for the wait time for loading JwtRefreshKey and JwtAccessKey instances. Time measured in seconds.

See Also:

Constant Field Values

DEFAULT_KEY_LOAD_WAIT_TIME

public static final int DEFAULT_KEY_LOAD_WAIT_TIME

Default wait time for the JwtRefreshKey and JwtAccessKey instances to be available.

See Also:

Constant Field Values

Constructor Detail

JwtAuthorityManagedObjectSource

public JwtAuthorityManagedObjectSource()

Method Detail

randomString

public static java.lang.String randomString(int minLength,
                                            int maxLength)

Generates a random string.

Parameters:

minLength - Minimum length of the string.

maxLength - Maximum length of the string.

Returns:

Random string.

encrypt

public static java.lang.String encrypt(java.security.Key key,
                                       byte[] initVector,
                                       byte[] startSalt,
                                       byte[] laceBytes,
                                       byte[] endSalt,
                                       java.lang.String value,
                                       CipherFactory cipherFactory)
                                throws java.lang.Exception

Encrypts the value.

Parameters:

key - Key.

initVector - Initialise vector.

startSalt - Start salt.

laceBytes - Lace.

endSalt - End salt.

value - Value.

cipherFactory - CipherFactory.

Returns:

Encrypted value.

Throws:

java.lang.Exception - If fails to encrypt value.

decrypt

public static java.lang.String decrypt(java.security.Key key,
                                       byte[] initVector,
                                       byte[] startSalt,
                                       byte[] laceBytes,
                                       byte[] endSalt,
                                       java.lang.String cipherText,
                                       CipherFactory cipherFactory)
                                throws java.lang.Exception

Decrypts the value.

Parameters:

key - Key.

initVector - Initialise vector.

startSalt - Start salt.

laceBytes - Lace.

endSalt - End salt.

cipherText - Encrypted value.

cipherFactory - CipherFactory.

Returns:

Plaintext value.

Throws:

java.lang.Exception - If fails to decrypt value.

loadSpecification

protected void loadSpecification(AbstractAsyncManagedObjectSource.SpecificationContext context)

Description copied from class: AbstractAsyncManagedObjectSource

Overridden to load specifications.

Specified by:

loadSpecification in class AbstractAsyncManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

Parameters:

context - Specifications.

loadMetaData

protected void loadMetaData(AbstractAsyncManagedObjectSource.MetaDataContext<None,JwtAuthorityManagedObjectSource.Flows> context)
                     throws java.lang.Exception

Description copied from class: AbstractAsyncManagedObjectSource

Overridden to load meta-data.

Specified by:

loadMetaData in class AbstractAsyncManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

Parameters:

context - Meta-data.

Throws:

java.lang.Exception - If fails to load the meta-data.

start

public void start(ManagedObjectExecuteContext<JwtAuthorityManagedObjectSource.Flows> context)
           throws java.lang.Exception

Description copied from interface: ManagedObjectSource

Called once after ManagedObjectSource.init(ManagedObjectSourceContext) to indicate this ManagedObjectSource should start execution.

On invocation of this method, ProcessState instances may be invoked via the ManagedObjectExecuteContext.

Specified by:

start in interface ManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

Overrides:

start in class AbstractAsyncManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

Parameters:

context - ManagedObjectExecuteContext to use in starting this ManagedObjectSource.

Throws:

java.lang.Exception - Should the ManagedObjectSource fail to start execution.

getManagedObject

protected ManagedObject getManagedObject()
                                  throws java.lang.Throwable

Description copied from class: AbstractManagedObjectSource

Synchronously obtains the ManagedObject.

Specified by:

getManagedObject in class AbstractManagedObjectSource<None,JwtAuthorityManagedObjectSource.Flows>

Returns:

ManagedObject.

Throws:

java.lang.Throwable - If fails to obtain the ManagedObject.