Package org.openhab.core.auth

Class UserSession

java.lang.Object

org.openhab.core.auth.UserSession

@NonNullByDefault
public class UserSession
extends Object

A persistent session for a ManagedUser, which holds a refresh token used by a client to get short-lived access tokens for API requests authorization.

Author:

Yannick Schaus - initial contribution

Constructor Summary

Constructors

Constructor	Description
UserSession(String sessionId, String refreshToken, String clientId, String redirectUri, String scope)	Constructs a new session.

Method Summary

Modifier and Type	Method	Description
String	getClientId()	Gets the ID of the client this session was created for
Date	getCreatedTime()	Gets the creation time of the session.
Date	getLastRefreshTime()	Gets the time when the refresh token was last used to get a new access token.
String	getRedirectUri()	Gets the redirect URI which was used to perform the authorization flow.
String	getRefreshToken()	Gets the refresh token for the session.
String	getScope()	Gets the scope requested when authorizing this session.
String	getSessionId()	Gets the ID of the session.
boolean	hasSessionCookie()	Specifies whether this session is supported by a session cookie, to mitigate the impact of refresh token leakage.
void	setLastRefreshTime(Date lastRefreshTime)	Sets the time when the refresh token was last used to get a new access token.
void	setSessionCookie(boolean sessionCookie)	Sets the session cookie flag for this session.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

UserSession

public UserSession(String sessionId,
 String refreshToken,
 String clientId,
 String redirectUri,
 String scope)

Constructs a new session.

Parameters:

sessionId - a unique ID for the session

refreshToken - the refresh token associated to the session

clientId - the client ID associated to the session

redirectUri - the callback URI provided when the client was authorized by the user

scope - the granted scope provided when the client was authorized by the user

Method Details

getSessionId

public String getSessionId()

Gets the ID of the session.

Returns:

the session ID

getRefreshToken

public String getRefreshToken()

Gets the refresh token for the session.

Returns:

the refresh token

getCreatedTime

public Date getCreatedTime()

Gets the creation time of the session.

Returns:

the creation time

getLastRefreshTime

public Date getLastRefreshTime()

Gets the time when the refresh token was last used to get a new access token.

Returns:

the last refresh time

setLastRefreshTime

public void setLastRefreshTime(Date lastRefreshTime)

Sets the time when the refresh token was last used to get a new access token.

Parameters:

lastRefreshTime - the last refresh time

getScope

public String getScope()

Gets the scope requested when authorizing this session.

Returns:

the session scope

getClientId

public String getClientId()

Gets the ID of the client this session was created for

Returns:

the client ID

getRedirectUri

public String getRedirectUri()

Gets the redirect URI which was used to perform the authorization flow.

Returns:

the redirect URI

hasSessionCookie

public boolean hasSessionCookie()

Specifies whether this session is supported by a session cookie, to mitigate the impact of refresh token leakage.

Returns:

whether or not a cookie has been set

setSessionCookie

public void setSessionCookie(boolean sessionCookie)

Sets the session cookie flag for this session.

Parameters:

sessionCookie - the cookie flag