Class UserSession


@NonNullByDefault public class UserSession extends Object
A persistent session for a ManagedUser, which holds a refresh token used by a client to get short-lived access tokens for API requests authorization.
Yannick Schaus - initial contribution
  • Constructor Details

    • UserSession

      public UserSession(String sessionId, String refreshToken, String clientId, String redirectUri, String scope)
      Constructs a new session.
      sessionId - a unique ID for the session
      refreshToken - the refresh token associated to the session
      clientId - the client ID associated to the session
      redirectUri - the callback URI provided when the client was authorized by the user
      scope - the granted scope provided when the client was authorized by the user
  • Method Details

    • getSessionId

      public String getSessionId()
      Gets the ID of the session.
      the session ID
    • getRefreshToken

      public String getRefreshToken()
      Gets the refresh token for the session.
      the refresh token
    • getCreatedTime

      public Date getCreatedTime()
      Gets the creation time of the session.
      the creation time
    • getLastRefreshTime

      public Date getLastRefreshTime()
      Gets the time when the refresh token was last used to get a new access token.
      the last refresh time
    • setLastRefreshTime

      public void setLastRefreshTime(Date lastRefreshTime)
      Sets the time when the refresh token was last used to get a new access token.
      lastRefreshTime - the last refresh time
    • getScope

      public String getScope()
      Gets the scope requested when authorizing this session.
      the session scope
    • getClientId

      public String getClientId()
      Gets the ID of the client this session was created for
      the client ID
    • getRedirectUri

      public String getRedirectUri()
      Gets the redirect URI which was used to perform the authorization flow.
      the redirect URI
    • hasSessionCookie

      public boolean hasSessionCookie()
      Specifies whether this session is supported by a session cookie, to mitigate the impact of refresh token leakage.
      whether or not a cookie has been set
    • setSessionCookie

      public void setSessionCookie(boolean sessionCookie)
      Sets the session cookie flag for this session.
      sessionCookie - the cookie flag