
  • Revoked/expired access token in oauth1

    Hi.

    I have made an integration with Google Mail IMAP, and everything works like a charm until I revoke the access token from Google. I can't seem to find a way to make the application work again after that (except for clearing the token database and restarting the application).

    As I am using IMAP, I have a javax.mail.AuthenticationFailedException propagating up the filter.

    Does anyone have any idea if there exists a means to clear an access token from the OAuth context?

    I have tried removing it from the database in my implementation of OAuthConsumerTokenServices combined with clearing it from the HttpSessionOAuthRememberMeServices in an unprotected request, but I can't get it to work.

    Anyone?

  • #2
    Ok, I found a solution.

    For those that run into the same issue, I implemented my own failure handler which I injected using <oauth:consumer failure-handler-ref="oAuthFailureHandler" ... />.

    When I received the AuthenticationFailedException from IMAP, I wrapped it in an OAuthRequestFailedException.

    In the failure handler I did the following:


    Code:
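    // Imports assume the spring-security-oauth 1.0.x package layout.
    import java.io.IOException;
    import java.util.Map;
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.access.AccessDeniedException;
    import org.springframework.security.oauth.consumer.OAuthConsumerToken;
    import org.springframework.security.oauth.consumer.OAuthSecurityContext;
    import org.springframework.security.oauth.consumer.OAuthSecurityContextHolder;
    import org.springframework.security.oauth.consumer.token.OAuthConsumerTokenServices;
    import org.springframework.security.web.access.AccessDeniedHandler;

    public class OAuthFailureHandler implements AccessDeniedHandler {
        private static final Logger LOGGER = LoggerFactory.getLogger(OAuthFailureHandler.class);

        @Autowired
        private OAuthConsumerTokenServices tokenServices;

        @Override
        public void handle(final HttpServletRequest request, final HttpServletResponse response, final AccessDeniedException e) throws IOException, ServletException {
            final OAuthSecurityContext context = OAuthSecurityContextHolder.getContext();

            final Map<String, OAuthConsumerToken> accessTokens = context.getAccessTokens();

            // Only act when the failure was caused by IMAP rejecting the credentials.
            if (e.getCause() instanceof javax.mail.AuthenticationFailedException) {
                LOGGER.info("Removing access tokens for google mail");
                // Drop the rejected token from both the current OAuth context and the token store.
                accessTokens.remove("googleMail");
                tokenServices.removeToken("googleMail");
            }
        }
    }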

    It works, but if anyone has a better idea, please post it here.
