Class HandleTokenFactory

  • public class HandleTokenFactory
    extends java.lang.Object
    A handle (or artifact) is a reference to some internal data structure within the authorization server; that data structure contains the attributes of the token, such as user id, scope, etc. Handles typically require communication between the resource server and the token server in order to validate the token and obtain token-bound data. Handles enable simple revocation and do not require cryptographic mechanisms to protect token content from being modified. As a disadvantage, they require additional resource/token server communication, which impacts performance and scalability. An authorization code is an example of a 'handle' token. An access token may also be implemented as a handle token. A 'handle' token is often referred to as an 'opaque' token because the resource server does not need to be able to interpret the token directly; it simply uses the token.
    Javier Rojas Date: 10.31.2011
    • Method Summary

      Modifier and Type Method Description
      static java.lang.String generateDeviceSecret()  
      static java.lang.String generateHandleToken()
      When creating token handles, the authorization server MUST include a reasonable level of entropy in order to mitigate the risk of guessing attacks.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • HandleTokenFactory

        public HandleTokenFactory()
    • Method Detail

      • generateHandleToken

        public static java.lang.String generateHandleToken()
        When creating token handles, the authorization server MUST include a reasonable level of entropy in order to mitigate the risk of guessing attacks. The token value MUST be constructed from a cryptographically strong random or pseudo-random number sequence [RFC1750] generated by the Authorization Server. The probability of any two Authorization Code values being identical MUST be less than or equal to 2^(-128) and SHOULD be less than or equal to 2^(-160).
        Returns: The generated handle token.
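The handle model described above, as an added example that is not the HandleTokenFactory source: an opaque value drawn from `SecureRandom`, resolved to its attributes on the token server, and revoked by deleting the server-side record. The class, record and method names, the 256-bit handle length and the in-memory map are assumptions made for illustration; records require Java 16 or later.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical illustration; names and storage are assumptions, not the project's code.
public class HandleTokenStoreExample {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int HANDLE_BYTES = 32; // 256 bits, above the 160-bit SHOULD level

    // Attributes the handle refers to; the handle itself carries none of them.
    record TokenData(String userId, String scope, long expiresAtMillis) {}
    private final Map<String, TokenData> store = new ConcurrentHashMap<>();

    static String newHandle() {
        byte[] raw = new byte[HANDLE_BYTES];
        RNG.nextBytes(raw); // CSPRNG output, never java.util.Random
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    String issue(String userId, String scope, long ttlMillis) {
        String handle = newHandle();
        store.put(handle, new TokenData(userId, scope, System.currentTimeMillis() + ttlMillis));
        return handle;
    }

    // What the resource server's validation call resolves to on the token server.
    Optional<TokenData> introspect(String handle) {
        TokenData data = store.get(handle);
        if (data == null) return Optional.empty();
        if (data.expiresAtMillis() < System.currentTimeMillis()) { store.remove(handle); return Optional.empty(); }
        return Optional.of(data);
    }

    // Revocation is a delete: the next introspection of this handle fails.
    void revoke(String handle) { store.remove(handle); }

    public static void main(String[] args) {
        HandleTokenStoreExample server = new HandleTokenStoreExample();
        String handle = server.issue("alice", "read", 60_000); // constructed sample values
        System.out.println("handle length (chars): " + handle.length());
        System.out.println("valid before revoke: " + server.introspect(handle).isPresent());
        server.revoke(handle);
        System.out.println("valid after revoke: " + server.introspect(handle).isPresent());
    }
}
```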
      • generateDeviceSecret

        public static java.lang.String generateDeviceSecret()