7 年之前 · 9b670882b7
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/SecurityTokenRepository.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/SecurityTokenRepository.java
@@ -16,18 +16,18 @@
 
				 package org.springframework.security.oauth2.client.token;
			
 
				 
			
 
				 import org.springframework.security.oauth2.client.registration.ClientRegistration;
			
 
				-import org.springframework.security.oauth2.core.SecurityToken;
			
 
				+import org.springframework.security.oauth2.core.AbstractOAuth2Token;
			
 
				 
			
 
				 /**
			
 
				  * Implementations of this interface are responsible for the persistence
			
 
				- * and association of a {@link SecurityToken} to a {@link ClientRegistration Client}.
			
 
				+ * and association of an {@link AbstractOAuth2Token} to a {@link ClientRegistration Client}.
			
 
				  *
			
 
				  * @author Joe Grandja
			
 
				  * @since 5.0
			
 
				- * @see SecurityToken
			
 
				+ * @see AbstractOAuth2Token
			
 
				  * @see ClientRegistration
			
 
				  */
			
 
				-public interface SecurityTokenRepository<T extends SecurityToken> {
			
 
				+public interface SecurityTokenRepository<T extends AbstractOAuth2Token> {
			
 
				 
			
 
				 	T loadSecurityToken(ClientRegistration registration);
			
 
				 
			
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java
@@ -22,18 +22,18 @@ import java.io.Serializable;
 
				 import java.time.Instant;
			
 
				 
			
 
				 /**
			
 
				- * Base class for <i>Security Token</i> implementations.
			
 
				+ * Base class for <i>OAuth 2.0 Token</i> implementations.
			
 
				  *
			
 
				  * @author Joe Grandja
			
 
				  * @since 5.0
			
 
				  */
			
 
				-public abstract class SecurityToken implements Serializable {
			
 
				+public abstract class AbstractOAuth2Token implements Serializable {
			
 
				 	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
			
 
				 	private final String tokenValue;
			
 
				 	private final Instant issuedAt;
			
 
				 	private final Instant expiresAt;
			
 
				 
			
 
				-	protected SecurityToken(String tokenValue, Instant issuedAt, Instant expiresAt) {
			
 
				+	protected AbstractOAuth2Token(String tokenValue, Instant issuedAt, Instant expiresAt) {
			
 
				 		Assert.hasText(tokenValue, "tokenValue cannot be empty");
			
 
				 		Assert.notNull(issuedAt, "issuedAt cannot be null");
			
 
				 		Assert.notNull(expiresAt, "expiresAt cannot be null");
			
@@ -63,7 +63,7 @@ public abstract class SecurityToken implements Serializable {
 
				 			return false;
			
 
				 		}
			
 
				 
			
 
				-		SecurityToken that = (SecurityToken) obj;
			
 
				+		AbstractOAuth2Token that = (AbstractOAuth2Token) obj;
			
 
				 
			
 
				 		if (!this.getTokenValue().equals(that.getTokenValue())) {
			
 
				 			return false;
			
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java
@@ -22,7 +22,7 @@ import java.util.Collections;
 
				 import java.util.Set;
			
 
				 
			
 
				 /**
			
 
				- * An implementation of a {@link SecurityToken} representing an <i>OAuth 2.0 Access Token</i>.
			
 
				+ * An implementation of an {@link AbstractOAuth2Token} representing an <i>OAuth 2.0 Access Token</i>.
			
 
				  *
			
 
				  * <p>
			
 
				  * An access token is a credential that represents an authorization
			
@@ -34,7 +34,7 @@ import java.util.Set;
 
				  * @since 5.0
			
 
				  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.4">Section 1.4 Access Token</a>
			
 
				  */
			
 
				-public class AccessToken extends SecurityToken {
			
 
				+public class AccessToken extends AbstractOAuth2Token {
			
 
				 	private final TokenType tokenType;
			
 
				 	private final Set<String> scopes;
			
 
				 
			
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/oidc/core/IdToken.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/oidc/core/IdToken.java
@@ -15,7 +15,7 @@
 
				  */
			
 
				 package org.springframework.security.oauth2.oidc.core;
			
 
				 
			
 
				-import org.springframework.security.oauth2.core.SecurityToken;
			
 
				+import org.springframework.security.oauth2.core.AbstractOAuth2Token;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 import java.time.Instant;
			
@@ -24,7 +24,7 @@ import java.util.LinkedHashMap;
 
				 import java.util.Map;
			
 
				 
			
 
				 /**
			
 
				- * An implementation of a {@link SecurityToken} representing an <i>OpenID Connect Core 1.0 ID Token</i>.
			
 
				+ * An implementation of an {@link AbstractOAuth2Token} representing an <i>OpenID Connect Core 1.0 ID Token</i>.
			
 
				  *
			
 
				  * <p>
			
 
				  * The <code>IdToken</code> is a security token that contains &quot;Claims&quot;
			
@@ -32,13 +32,13 @@ import java.util.Map;
 
				  *
			
 
				  * @author Joe Grandja
			
 
				  * @since 5.0
			
 
				- * @see SecurityToken
			
 
				+ * @see AbstractOAuth2Token
			
 
				  * @see IdTokenClaimAccessor
			
 
				  * @see StandardClaimAccessor
			
 
				  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
			
 
				  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard Claims</a>
			
 
				  */
			
 
				-public class IdToken extends SecurityToken implements IdTokenClaimAccessor {
			
 
				+public class IdToken extends AbstractOAuth2Token implements IdTokenClaimAccessor {
			
 
				 	private final Map<String, Object> claims;
			
 
				 
			
 
				 	public IdToken(String tokenValue, Instant issuedAt, Instant expiresAt, Map<String, Object> claims) {
			
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/Jwt.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/Jwt.java
@@ -15,7 +15,7 @@
 
				  */
			
 
				 package org.springframework.security.oauth2.jwt;
			
 
				 
			
 
				-import org.springframework.security.oauth2.core.SecurityToken;
			
 
				+import org.springframework.security.oauth2.core.AbstractOAuth2Token;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 import java.time.Instant;
			
@@ -24,7 +24,7 @@ import java.util.LinkedHashMap;
 
				 import java.util.Map;
			
 
				 
			
 
				 /**
			
 
				- * An implementation of a {@link SecurityToken} representing a <i>JSON Web Token (JWT)</i>.
			
 
				+ * An implementation of an {@link AbstractOAuth2Token} representing a <i>JSON Web Token (JWT)</i>.
			
 
				  *
			
 
				  * <p>
			
 
				  * JWTs represent a set of &quot;Claims&quot; as a JSON object that may be encoded in a
			
@@ -34,13 +34,13 @@ import java.util.Map;
 
				  *
			
 
				  * @author Joe Grandja
			
 
				  * @since 5.0
			
 
				- * @see SecurityToken
			
 
				+ * @see AbstractOAuth2Token
			
 
				  * @see JwtClaimAccessor
			
 
				  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7519">JSON Web Token (JWT)</a>
			
 
				  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7515">JSON Web Signature (JWS)</a>
			
 
				  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc7516">JSON Web Encryption (JWE)</a>
			
 
				  */
			
 
				-public class Jwt extends SecurityToken implements JwtClaimAccessor {
			
 
				+public class Jwt extends AbstractOAuth2Token implements JwtClaimAccessor {
			
 
				 	private final Map<String, Object> headers;
			
 
				 	private final Map<String, Object> claims;
			
 
				 
			
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderJwkSupport.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderJwkSupport.java
@@ -97,7 +97,7 @@ public class NimbusJwtDecoderJwkSupport implements JwtDecoder {
 
				 			if (jwtClaimsSet.getIssueTime() != null) {
			
 
				 				issuedAt = jwtClaimsSet.getIssueTime().toInstant();
			
 
				 			} else {
			
 
				-				// issuedAt is required in SecurityToken so let's default to expiresAt - 1 second
			
 
				+				// issuedAt is required in AbstractOAuth2Token so let's default to expiresAt - 1 second
			
 
				 				issuedAt = Instant.from(expiresAt).minusSeconds(1);
			
 
				 			}