Extract OAuth2Token from AbstractOAuth2Token

Closes gh-5502

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsOAuth2AuthorizedClientProvider.java

@@ -25,9 +25,9 @@ import org.springframework.security.oauth2.client.endpoint.DefaultClientCredenti
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.core.AbstractOAuth2Token;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
+import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 import org.springframework.util.Assert;
 
@@ -97,7 +97,7 @@ public final class ClientCredentialsOAuth2AuthorizedClientProvider implements OA
 		}
 	}
 
-	private boolean hasTokenExpired(AbstractOAuth2Token token) {
+	private boolean hasTokenExpired(OAuth2Token token) {
 		return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew));
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ClientCredentialsReactiveOAuth2AuthorizedClientProvider.java

@@ -26,9 +26,9 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentia
 import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.WebClientReactiveClientCredentialsTokenResponseClient;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.core.AbstractOAuth2Token;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
+import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.util.Assert;
 
 /**
@@ -89,7 +89,7 @@ public final class ClientCredentialsReactiveOAuth2AuthorizedClientProvider
 						tokenResponse.getAccessToken()));
 	}
 
-	private boolean hasTokenExpired(AbstractOAuth2Token token) {
+	private boolean hasTokenExpired(OAuth2Token token) {
 		return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew));
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordOAuth2AuthorizedClientProvider.java

@@ -25,9 +25,9 @@ import org.springframework.security.oauth2.client.endpoint.DefaultPasswordTokenR
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRequest;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.core.AbstractOAuth2Token;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
+import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
@@ -116,7 +116,7 @@ public final class PasswordOAuth2AuthorizedClientProvider implements OAuth2Autho
 		}
 	}
 
-	private boolean hasTokenExpired(AbstractOAuth2Token token) {
+	private boolean hasTokenExpired(OAuth2Token token) {
 		return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew));
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/PasswordReactiveOAuth2AuthorizedClientProvider.java

@@ -26,9 +26,9 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2PasswordGrantRe
 import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.WebClientReactivePasswordTokenResponseClient;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.core.AbstractOAuth2Token;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
+import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
 
@@ -110,7 +110,7 @@ public final class PasswordReactiveOAuth2AuthorizedClientProvider implements Rea
 						tokenResponse.getAccessToken(), tokenResponse.getRefreshToken()));
 	}
 
-	private boolean hasTokenExpired(AbstractOAuth2Token token) {
+	private boolean hasTokenExpired(OAuth2Token token) {
 		return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew));
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenOAuth2AuthorizedClientProvider.java

@@ -28,9 +28,9 @@ import org.springframework.lang.Nullable;
 import org.springframework.security.oauth2.client.endpoint.DefaultRefreshTokenTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGrantRequest;
-import org.springframework.security.oauth2.core.AbstractOAuth2Token;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
+import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 import org.springframework.util.Assert;
 
@@ -106,7 +106,7 @@ public final class RefreshTokenOAuth2AuthorizedClientProvider implements OAuth2A
 		}
 	}
 
-	private boolean hasTokenExpired(AbstractOAuth2Token token) {
+	private boolean hasTokenExpired(OAuth2Token token) {
 		return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew));
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshTokenReactiveOAuth2AuthorizedClientProvider.java

@@ -30,9 +30,9 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2RefreshTokenGra
 import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.WebClientReactiveRefreshTokenTokenResponseClient;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.core.AbstractOAuth2Token;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
+import org.springframework.security.oauth2.core.OAuth2Token;
 import org.springframework.util.Assert;
 
 /**
@@ -100,7 +100,7 @@ public final class RefreshTokenReactiveOAuth2AuthorizedClientProvider
 						tokenResponse.getAccessToken(), tokenResponse.getRefreshToken()));
 	}
 
-	private boolean hasTokenExpired(AbstractOAuth2Token token) {
+	private boolean hasTokenExpired(OAuth2Token token) {
 		return this.clock.instant().isAfter(token.getExpiresAt().minus(this.clockSkew));
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -28,9 +28,11 @@ import org.springframework.util.Assert;
  *
  * @author Joe Grandja
  * @since 5.0
+ * @see OAuth2Token
  * @see OAuth2AccessToken
+ * @see OAuth2RefreshToken
  */
-public abstract class AbstractOAuth2Token implements Serializable {
+public abstract class AbstractOAuth2Token implements OAuth2Token, Serializable {
 
 	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
 
@@ -51,9 +53,9 @@ public abstract class AbstractOAuth2Token implements Serializable {
 	/**
 	 * Sub-class constructor.
 	 * @param tokenValue the token value
-	 * @param issuedAt the time at which the token was issued, may be null
+	 * @param issuedAt the time at which the token was issued, may be {@code null}
 	 * @param expiresAt the expiration time on or after which the token MUST NOT be
-	 * accepted, may be null
+	 * accepted, may be {@code null}
 	 */
 	protected AbstractOAuth2Token(String tokenValue, @Nullable Instant issuedAt, @Nullable Instant expiresAt) {
 		Assert.hasText(tokenValue, "tokenValue cannot be empty");
@@ -75,17 +77,19 @@ public abstract class AbstractOAuth2Token implements Serializable {
 
 	/**
 	 * Returns the time at which the token was issued.
-	 * @return the time the token was issued or null
+	 * @return the time the token was issued or {@code null}
 	 */
-	public @Nullable Instant getIssuedAt() {
+	@Nullable
+	public Instant getIssuedAt() {
 		return this.issuedAt;
 	}
 
 	/**
 	 * Returns the expiration time on or after which the token MUST NOT be accepted.
-	 * @return the expiration time of the token or null
+	 * @return the token expiration time or {@code null}
 	 */
-	public @Nullable Instant getExpiresAt() {
+	@Nullable
+	public Instant getExpiresAt() {
 		return this.expiresAt;
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Token.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2002-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.oauth2.core;
+
+import java.time.Instant;
+
+import org.springframework.lang.Nullable;
+
+/**
+ * Core interface representing an OAuth 2.0 Token.
+ *
+ * @author Joe Grandja
+ * @since 5.5
+ * @see AbstractOAuth2Token
+ */
+public interface OAuth2Token {
+
+	/**
+	 * Returns the token value.
+	 * @return the token value
+	 */
+	String getTokenValue();
+
+	/**
+	 * Returns the time at which the token was issued.
+	 * @return the time the token was issued or {@code null}
+	 */
+	@Nullable
+	default Instant getIssuedAt() {
+		return null;
+	}
+
+	/**
+	 * Returns the expiration time on or after which the token MUST NOT be accepted.
+	 * @return the token expiration time or {@code null}
+	 */
+	@Nullable
+	default Instant getExpiresAt() {
+		return null;
+	}
+
+}