Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Support GenerateOneTimeTokenRequestResolver

Browse Source 
Closes gh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
This commit is contained in:
Max Batischev
2025-01-22 15:20:06 +03:00
committed by Rob Winch
parent 68c8a5ad99
commit 474b5e151a
13 changed files with 398 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/main/java/org/springframework/security/authentication/ott/GenerateOneTimeTokenRequest.java
+17 -1
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
package org.springframework.security.authentication.ott;
import java.time.Duration;
import org.springframework.util.Assert;
/**
@@ -26,15 +28,29 @@ import org.springframework.util.Assert;
*/
public class GenerateOneTimeTokenRequest {
private static final Duration DEFAULT_EXPIRES_IN = Duration.ofMinutes(5);
private final String username;
private final Duration expiresIn;
public GenerateOneTimeTokenRequest(String username) {
this(username, DEFAULT_EXPIRES_IN);
}
public GenerateOneTimeTokenRequest(String username, Duration expiresIn) {
Assert.hasText(username, "username cannot be empty");
Assert.notNull(expiresIn, "expiresIn cannot be null");
this.username = username;
this.expiresIn = expiresIn;
}
public String getUsername() {
return this.username;
}
public Duration getExpiresIn() {
return this.expiresIn;
}
}
core/src/main/java/org/springframework/security/authentication/ott/InMemoryOneTimeTokenService.java
+3 -3
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -44,8 +44,8 @@ public final class InMemoryOneTimeTokenService implements OneTimeTokenService {
@NonNull
public OneTimeToken generate(GenerateOneTimeTokenRequest request) {
String token = UUID.randomUUID().toString();
Instant fiveMinutesFromNow = this.clock.instant().plusSeconds(300);
OneTimeToken ott = new DefaultOneTimeToken(token, request.getUsername(), fiveMinutesFromNow);
Instant expiresAt = this.clock.instant().plus(request.getExpiresIn());
OneTimeToken ott = new DefaultOneTimeToken(token, request.getUsername(), expiresAt);
this.oneTimeTokenByToken.put(token, ott);
cleanExpiredTokensIfNeeded();
return ott;
core/src/main/java/org/springframework/security/authentication/ott/JdbcOneTimeTokenService.java
+3 -4
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -21,7 +21,6 @@ import java.sql.SQLException;
import java.sql.Timestamp;
import java.sql.Types;
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.List;
@@ -132,8 +131,8 @@ public final class JdbcOneTimeTokenService implements OneTimeTokenService, Dispo
public OneTimeToken generate(GenerateOneTimeTokenRequest request) {
Assert.notNull(request, "generateOneTimeTokenRequest cannot be null");
String token = UUID.randomUUID().toString();
Instant fiveMinutesFromNow = this.clock.instant().plus(Duration.ofMinutes(5));
OneTimeToken oneTimeToken = new DefaultOneTimeToken(token, request.getUsername(), fiveMinutesFromNow);
Instant expiresAt = this.clock.instant().plus(request.getExpiresIn());
OneTimeToken oneTimeToken = new DefaultOneTimeToken(token, request.getUsername(), expiresAt);
insertOneTimeToken(oneTimeToken);
return oneTimeToken;
}