Merge pull request #6876 from ORCID/RemoveTokensFromCacheOnRevoke

Remove token from cache when it is revoked

orcid-api-common/src/main/java/org/orcid/api/common/oauth/OrcidClientCredentialEndPointDelegatorImpl.java

@@ -16,7 +16,6 @@
 import org.orcid.core.constants.OrcidOauth2Constants;
 import org.orcid.core.exception.OrcidInvalidScopeException;
 import org.orcid.core.locale.LocaleManager;
-import org.orcid.core.manager.EncryptionManager;
 import org.orcid.core.oauth.OAuthError;
 import org.orcid.core.oauth.OAuthErrorUtils;
 import org.orcid.core.utils.JsonUtils;
@@ -62,10 +61,7 @@ public class OrcidClientCredentialEndPointDelegatorImpl extends AbstractEndpoint
     private ProfileLastModifiedDao profileLastModifiedDao;
 
     @Resource
-    private RedisClient redisClient;
-
-    @Resource
-    private EncryptionManager encryptionManager;
+    private RedisClient redisClient;    
 
     @Value("${org.orcid.core.utils.cache.redis.enabled:true}") 
     private boolean isTokenCacheEnabled;

orcid-core/src/main/java/org/orcid/core/oauth/service/OrcidOauth2TokenDetailServiceImpl.java

@@ -10,12 +10,14 @@
 
 import org.orcid.core.constants.RevokeReason;
 import org.orcid.core.oauth.OrcidOauth2TokenDetailService;
+import org.orcid.core.utils.cache.redis.RedisClient;
 import org.orcid.jaxb.model.message.ScopePathType;
 import org.orcid.persistence.dao.OrcidOauth2TokenDetailDao;
 import org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail;
 import org.orcid.pojo.ajaxForm.PojoUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.security.oauth2.common.util.OAuth2Utils;
 import org.springframework.stereotype.Service;
@@ -34,6 +36,12 @@ public class OrcidOauth2TokenDetailServiceImpl implements OrcidOauth2TokenDetail
 
     @Resource(name="orcidOauth2TokenDetailDaoReadOnly")
     private OrcidOauth2TokenDetailDao orcidOauth2TokenDetailDaoReadOnly;
+
+    @Resource
+    private RedisClient redisClient;
+
+    @Value("${org.orcid.core.utils.cache.redis.enabled:true}") 
+    private boolean isTokenCacheEnabled;
 
     @Override
     public void setOrcidOauth2TokenDetailDao(OrcidOauth2TokenDetailDao orcidOauth2TokenDetailDao) {
@@ -128,6 +136,11 @@ public void disableAccessToken(String accessToken) {
     @Override
     @Transactional
     public void revokeAccessToken(String accessToken) {
+        // Remove the token from the cache
+        if(isTokenCacheEnabled) {
+            redisClient.remove(accessToken);
+        }
+        // Revoke the token
         orcidOauth2TokenDetailDao.revokeAccessToken(accessToken);
     }
 

orcid-core/src/main/java/org/orcid/core/utils/cache/redis/RedisClient.java

@@ -115,7 +115,21 @@ public String get(String key) {
                 LOG.debug("Reading Key: {}" , key);
                 return jedis.get(key);
             }
-        }
+        }        
         return null;
-    }       
+    }
+
+    public boolean remove(String key) {
+        if (enabled && pool != null) {
+            try (Jedis jedis = pool.getResource()) {
+                LOG.debug("Removing Key: {}", key);
+                if (jedis.exists(key)) {
+                    return jedis.del(key) > 0;
+                } else {
+                    return true;
+                }
+            }
+        }
+        return true;
+    }
 }