Class TokenServiceImpl

java.lang.Object
com.app.security.service.impl.TokenServiceImpl
All Implemented Interfaces:
TokenService
@Service public class TokenServiceImpl extends Object implements TokenService
Service implementation for handling JWT token creation, parsing, and refreshing.

This service is responsible for generating access and refresh tokens, validating existing tokens, and refreshing tokens when necessary. It uses JWT (JSON Web Token) to create signed tokens for user authentication and authorization. The service uses user details from the database to generate tokens.

  • Constructor Details

    • TokenServiceImpl

      public TokenServiceImpl()

  • Method Details

    • generateToken

      public TokensDto generateToken(org.springframework.security.core.Authentication authentication)
      Generates access and refresh tokens for the authenticated user.

      This method creates an access token and a refresh token for the user based on the provided authentication object. It uses the user's ID, the current time, and expiration times for the tokens to generate JWT tokens.

      Specified by:
      generateToken in interface TokenService
      Parameters:
      authentication - the authentication object containing the user's credentials
      Returns:
      the generated TokensDto containing the access and refresh tokens

    • parseAccessToken

      public org.springframework.security.authentication.UsernamePasswordAuthenticationToken parseAccessToken(String header)
      Parses the access token from the authorization header and retrieves the associated authentication.

      This method extracts the token from the authorization header, verifies its validity, and retrieves the user details associated with the token. It then creates and returns a UsernamePasswordAuthenticationToken.

      Specified by:
      parseAccessToken in interface TokenService
      Parameters:
      header - the authorization header containing the access token
      Returns:
      the UsernamePasswordAuthenticationToken representing the authenticated user
      Throws:
      IllegalArgumentException - if the authorization header is incorrect or the token is invalid

    • refreshToken

      public TokensDto refreshToken(RefreshTokenDto refreshTokenDto)
      Refreshes the access token using the provided refresh token.

      This method validates the refresh token, checks if the associated access token is still valid, and generates a new set of tokens if possible.

      Specified by:
      refreshToken in interface TokenService
      Parameters:
      refreshTokenDto - the DTO containing the refresh token
      Returns:
      the new TokensDto containing the new access and refresh tokens
      Throws:
      IllegalArgumentException - if the refresh token is invalid or null
      IllegalStateException - if the old access token has expired

    • id

      public Long id(String token)
      Extracts the user ID from the token.
      Specified by:
      id in interface TokenService
      Parameters:
      token - the JWT token
      Returns:
      the user ID contained in the token

    • setCookie

      public void setCookie(TokensDto tokens, jakarta.servlet.http.HttpServletResponse response)
      Specified by:
      setCookie in interface TokenService