Class RevocationCache
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
-
- net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent
-
- net.shibboleth.idp.plugin.oidc.op.storage.RevocationCache
-
- All Implemented Interfaces:
Component,DestructableComponent,IdentifiableComponent,IdentifiedComponent,InitializableComponent
@ThreadSafeAfterInit public class RevocationCache extends AbstractIdentifiableInitializableComponent
Stores and checks for revocation entries.This class is thread-safe and uses a synchronized method to prevent race conditions within the underlying store (lacking an atomic "check and insert" operation).
-
-
Constructor Summary
Constructors Constructor Description RevocationCache()Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voiddoInitialize()StorageServicegetStorage()Get the backing store for the cache.booleanisRevoked(String context, String s)Returns false if the value has successfully been confirmed as not revoked.booleanisStrict()Get the strictness flag.booleanrevoke(String context, String s)Returns true if the value is successfully revoked.voidsetEntryExpiration(Duration entryExpiration)Set the revocation entry expiration.voidsetStorage(StorageService storageService)Set the backing store for the cache.voidsetStrict(boolean flag)Set the strictness flag.-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent
setId
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent
getId
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.IdentifiedComponent
getId
-
-
-
-
Field Detail
-
log
private final org.slf4j.Logger log
Logger.
-
storage
private StorageService storage
Backing storage for the replay cache.
-
strict
private boolean strict
Flag controlling behavior on storage failure.
-
-
Method Detail
-
setEntryExpiration
public void setEntryExpiration(@Positive Duration entryExpiration)
Set the revocation entry expiration.- Parameters:
entryExpiration- lifetime of an revocation entry in milliseconds
-
getStorage
@NonnullAfterInit public StorageService getStorage()
Get the backing store for the cache.- Returns:
- the backing store.
-
setStorage
public void setStorage(@Nonnull StorageService storageService)Set the backing store for the cache.- Parameters:
storageService- backing store to use
-
isStrict
public boolean isStrict()
Get the strictness flag.- Returns:
- true iff we should treat storage failures as a replay
-
setStrict
public void setStrict(boolean flag)
Set the strictness flag.- Parameters:
flag- true iff we should treat storage failures as a replay
-
doInitialize
public void doInitialize() throws ComponentInitializationException- Overrides:
doInitializein classAbstractIdentifiedInitializableComponent- Throws:
ComponentInitializationException
-
revoke
public boolean revoke(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String s)
Returns true if the value is successfully revoked. If value has already been revoked, expiration is updated.- Parameters:
context- a context label to subdivide the caches- value to revoke- Returns:
- true if value has successfully been listed as revoked in the cache.
-
isRevoked
public boolean isRevoked(@Nonnull @NotEmpty String context, @Nonnull @NotEmpty String s)
Returns false if the value has successfully been confirmed as not revoked.- Parameters:
context- a context label to subdivide the caches- value to revoke- Returns:
- false if the check value is not found in the cache
-
-