ApiToken.java

  1. /*
  2.  * Copyright 2023 Global Crop Diversity Trust
  3.  *
  4.  * Licensed under the Apache License, Version 2.0 (the "License");
  5.  * you may not use this file except in compliance with the License.
  6.  * You may obtain a copy of the License at
  7.  *
  8.  *   http://www.apache.org/licenses/LICENSE-2.0
  9.  *
  10.  * Unless required by applicable law or agreed to in writing, software
  11.  * distributed under the License is distributed on an "AS IS" BASIS,
  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13.  * See the License for the specific language governing permissions and
  14.  * limitations under the License.
  15.  */
  16. package org.genesys.blocks.tokenauth.model;

  18. import java.time.Instant;

  20. import javax.persistence.Column;
  21. import javax.persistence.Entity;
  22. import javax.persistence.FetchType;
  23. import javax.persistence.Index;
  24. import javax.persistence.JoinColumn;
  25. import javax.persistence.ManyToOne;
  26. import javax.persistence.Table;

  28. import com.fasterxml.jackson.annotation.JsonView;
  29. import org.genesys.blocks.annotations.NotCopyable;
  30. import org.genesys.blocks.model.AuditedVersionedModel;
  31. import org.genesys.blocks.model.Copyable;
  32. import org.genesys.blocks.model.JsonViews;
  33. import org.genesys.blocks.security.model.AclSid;

  35. import lombok.Getter;
  36. import lombok.Setter;

  38. /**
  39.  * {@code ApiToken} supports token-based authentication. Each token is unique in the system and
  40.  * links to one and only one {@link AclSid}.
  41.  */
  42. @Entity
  43. @Table(name = "api_token", indexes = {
  44.     @Index(name = "apitoken_token", columnList = "token", unique = true), // Unique index on token
  45.     @Index(name = "apitoken_sid", columnList = "sid"), // Index on sid
  46.     @Index(name = "apitoken_expires", columnList = "expires DESC"), // Index on expires
  47.     @Index(name = "apitoken_sid_label", columnList = "sid, label", unique = true), // Index on sid and label
  48. })
  49. @Getter
  50. @Setter
  51. public class ApiToken extends AuditedVersionedModel implements Copyable<ApiToken> {

  53.     /** The token */
  54.     @Column(length = 128, unique = true, nullable = false, updatable = false)
  55.     @JsonView({ JsonViews.Internal.class })
  56.     @NotCopyable
  57.     private String token;

  59.     /** Token label helps users identify the purpose of the token */
  60.     @Column(length = 64)
  61.     private String label;

  63.     /** Token expiration date */
  64.     @Column(nullable = true, updatable = true)
  65.     private Instant expires;

  67.     /** Token owner */
  68.     @ManyToOne(fetch = FetchType.EAGER, cascade = {})
  69.     @JoinColumn(name = "sid", updatable = false, nullable = false)
  70.     @NotCopyable
  71.     private AclSid sid;

  73.     @Override
  74.     public boolean canEqual(Object other) {
  75.         return other instanceof ApiToken;
  76.     }

  78.     /**
  79.      * Check if token <b>is not</b> expired.
  80.      * API Token is non-expired when {@code expires} is null or is in the future.
  81.      * Token is expired if {@code expires} if non-null and it is in the past.
  82.      *
  83.      * @return {@code true} if expired.
  84.      */
  85.     public boolean isCredentialsNonExpired() {
  86.         return expires == null || Instant.now().isBefore(expires);
  87.     }
  88. }
Created with JaCoCo 0.8.12.202403310830