public final class SampleRefreshTokenUsage extends Object
Sample code to get a token aggregate using the AuthorizationClientHelper.
Use AuthorizationClientHelper.getTokenAggregate() to obtain a TokenAggregate for a client. (maps to OAuth2.0 Client Credentials grant type)
Use AuthorizationClientHelper.getTokenAggregateForUser(httpServletRequest) to obtain a TokenAggregate for a user. (maps to OAuth2.0 Authorization Code grant type)
Use AuthorizationClientHelper.getTokenAggregateForUser(userName, userPass) to obtain a TokenAggregate for a user. (maps to OAuth2.0 ROPC grant type)
TokenAggregate.getAccessToken().toString() returns the access token.
AccessToken.getExpiresIn() returns the token's expiry in seconds. This can be used to cache the token for a specific lease time.
AccessToken.getScopes() returns a list of scopes associated with the token.
TokenAggregate.getRefreshToken().toString() returns the refresh token.
RefreshToken.getExpiresIn() returns the refresh token's expiry in seconds.
import java.io.IOException;
import org.apache.http.HttpEntity;
import org.apache.http.HttpStatus;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import com.avaya.collaboration.authorization.AuthorizationHelperException;
import com.avaya.collaboration.authorization.client.AccessToken;
import com.avaya.collaboration.authorization.client.RefreshToken;
import com.avaya.collaboration.authorization.client.TokenAggregate;
import com.avaya.collaboration.authorization.client.AuthorizationClientHelper;
import com.avaya.collaboration.authorization.client.HttpResponseException;
import com.avaya.collaboration.util.logger.Logger;
public class SampleRefreshTokenUsage
{
private static final Logger logger = Logger.getLogger(SampleRefreshTokenUsage.class);
// Calls AuthorizationClientHelper to get a token aggregate for a user.
public void getTokenAggregateForUser(String userName, String userPass)
{
TokenAggregate tokenAggregate = null;
try
{
response = AuthorizationClientHelper.getTokenAggregateForUser(userName, userPass);
if (response != null)
{
AccessToken accessToken = tokenAggregate.getAccessToken();
RefreshToken refreshToken = tokenAggregate.getRefreshToken();
// Use the access token when making authorized resource requests to external services.
getResource(accessToken);
// When the access token expires, use the refresh token to get a fresh set of tokens
tokenAggregate = AuthorizationClientHelper.getTokenAggregate(refreshToken);
}
}
catch (HttpResponseException e)
{
// use this to notify users as to what exactly was the error code
// and the reason associated
// return
// Response.status(e.getStatusCode()).entity(e.getStatusMessage()).build();
}
catch (AuthorizationHelperException e)
{
logger.warn("Caught AuthorizationHelperException: " + e);
}
}
// Calls AuthorizationClientHelper to get a token aggregate for a client
public void getTokenAggregate() throws IOException
{
TokenAggregate tokenAggregate = null;
try
{
tokenAggregate = AuthorizationClientHelper.getTokenAggregate();
if (tokenAggregate != null)
{
AccessToken accessToken = tokenAggregate.getAccessToken();
RefreshToken refreshToken = tokenAggregate.getRefreshToken();
// Pass the token to getResource() to make a resource request
getResource(accessToken);
// When the access token expires, use the refresh token to get a fresh set of tokens
tokenAggregate = AuthorizationClientHelper.getTokenAggregate(refreshToken);
}
}
catch (HttpResponseException e)
{
logger.warn("Caught HTTP Response exception: " + e);
}
catch (AuthorizationHelperException e)
{
logger.warn("Caught AuthorizationHelperException: " + e);
}
}
// Populates AccessToken in the Authorization header to make a resource
// request.
private final void getResource(AccessToken accessToken) throws IOException
{
try (CloseableHttpClient httpclient = HttpClients.createDefault())
{
HttpGet httpGet = new HttpGet("https://targethost/resource");
// Add the Authorization header with value as the Bearer token got from
// Authorization Service
httpGet.setHeader("Authorization", "Bearer " + accessToken);
try (CloseableHttpResponse response = httpclient.execute(httpGet))
{
if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK)
{
HttpEntity entity = response.getEntity();
// perform logic with the resource retrieved
EntityUtils.consume(entity);
}
}
}
}
}
Copyright © 2023 Avaya. All rights reserved.