Navigation Menu

Skip to content
This repository has been archived by the owner on May 31, 2022. It is now read-only.

Expose reuseRefreshTokens feature #318

Closed
Glamdring opened this issue Nov 17, 2014 · 4 comments
Closed

Expose reuseRefreshTokens feature #318

Glamdring opened this issue Nov 17, 2014 · 4 comments
Labels
type: enhancement
Milestone
2.0.5

Comments

@Glamdring
Copy link

Currently only the validity of the refresh token is exposed for configuration (via ClientDetailsServiceConfigurer), but you can't specify whether to reuse refresh tokens.

Well, you can, with ugly reflection, but it should be prettier:

    endpoints.clientDetailsService(detailsService); //autowired detailsService instance

    // we need this in order to reuse the private createTokenServices() method to properly populate the default values
    Method method = endpoints.getClass().getDeclaredMethod("createTokenServices");
    method.setAccessible(true);
    DefaultTokenServices defaultService = (DefaultTokenServices) ReflectionUtils.invokeMethod(method, endpoints);
    defaultService.setReuseRefreshToken(false);
    endpoints.tokenServices(defaultService);
@dsyer
Copy link
Contributor

dsyer commented Nov 18, 2014

You can create your own instanceof DefaultTokenServices and set it up however you want (no need for reflection since it has public constructor and methods). It might be useful to expose that boolean property, but I'm not sure the right way to do it is directly on the AuthorizationServerEndpointsConfigurer. It feels like a builder for the token services might be a better abstraction (if you feel like making a contribution).

@Glamdring
Copy link
Author

Reflection is needed because the fields that are set by default in the createTokenServices method require too much extra logic.

when I have time, I may make a PR.

@dsyer
Copy link
Contributor

dsyer commented Nov 18, 2014

I guess that's a different definition of "not needed" than I used. Fair enough. A PR would be excellent in any case (please do the contributor's agreement - link in README - if you haven't already).

@jonas-grgt
Copy link

I feel like making this contribution if it's ok for @Glamdring

The ideas for the builder I currently have look like this

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints
                    .tokenServices(
                            endpoints.tokenServiceConfigurer()
                                .tokenStore(tokenStore)
                                .tokenEnhancer(tokenEnhancer)
                                .reuseRefreshToken(true))
                    .authenticationManager(authenticationManager);

// or separate the builder in a different configurer method (I prefer this approch)

       @Override
        public void configure(TokenServicesConfigurer tokenServices) throws Exception {
                    tokenServices.tokenStore(tokenStore)
                           .tokenEnhancer(tokenEnhancer)
                           .reuseRefreshToken(true)

@jonas-grgt jonas-grgt mentioned this issue Dec 13, 2014
Closed
@dsyer dsyer added this to the 2.0.5 milestone Dec 16, 2014
@dsyer dsyer closed this as completed in 793ebe0 Dec 16, 2014
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type: enhancement
Milestone
2.0.5
Development

No branches or pull requests
4 participants
@dsyer @jonas-grgt @Glamdring @jgrandja