<html><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head><body bgcolor="#FFFFFF" text="#000000">Hi Dominik,<br>
<br>
It was more of a theoretical solution rather than a branch on GitHub. We
have implemented our own OAuth2TokenRepository and this seems to be one
level higher up the code calling stack<br>
<br>
<span>Dominik Schmich wrote:</span><br>
<blockquote
cite="mid:BC07D7EA39C6184BA034EA776CB2C46D013767C6@UCDEDC1PWXMR007.de.db.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Arial Unicode MS";
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@Arial Unicode MS";
panose-1:2 11 6 4 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p><span style="font-size:10.0pt;font-family:"Arial Unicode
MS",sans-serif;color:black">Classification:
<b>For internal use only</b></span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Hi
Chris,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">can you point me to „your proposed solution“? I didn’t
find it
</span><span
style="font-size:11.0pt;font-family:Wingdings;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US">J</span><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"
lang="EN-US"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt;text-autospace:none"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif">Beste
Grüße / Kind regards,<br>
Dominik Schmich</span><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p></o:p></span></p>
</div>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm
0cm 0cm">
<p class="MsoNormal"><a moz-do-not-send="true"
name="_____replyseparator"></a><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"
lang="EN-US">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"
lang="EN-US">
Chris Hutton [<a class="moz-txt-link-freetext" href="mailto:chris.hutton@callsign.com">mailto:chris.hutton@callsign.com</a>] <br>
<b>Sent:</b> Dienstag, 13. Dezember 2016 12:04<br>
<b>To:</b> Dominik Schmich <a class="moz-txt-link-rfc2396E" href="mailto:dominik.schmich@db.com"><dominik.schmich@db.com></a><br>
<b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:jricher@mit.edu">jricher@mit.edu</a>; <a class="moz-txt-link-abbreviated" href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a><br>
<b>Subject:</b> Re: [mitreid-connect] Storage of Tokens in DB [I]<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">It seems that you
could can pass a JTI or hashed value into the
DefaultOAuth2ProviderTokenService (OAuth2TokenEntityService) before it
calls the JpaOAuth2TokenRepository (OAuth2TokenRepository).
<br>
<br>
There are a couple of methods to watch out for:<br>
- OAuth2TokenRepository#getAccessTokenByValue<br>
- OAuth2TokenRepository#getRefreshTokenByValue<br>
With both these methods in my proposed solution, the parameter would
become the hashed value or JTI.<br>
<br>
There are a number of methods in the /tokens api that expose the token
object for example TokenAPI#getAccessTokenById using
m.put(JsonEntityView.ENTITY, token); however I don't think external API
clients use the token value.<o:p></o:p></p>
<div>
<p class="MsoNormal">-- <br>
Chris Hutton <o:p></o:p></p>
<div>
<p class="MsoNormal">Head of Development<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Callsign Inc.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">[C] <a moz-do-not-send="true"
href="https://get.callsign.com/chris">chris</a><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><br>
<br>
--------------------------------------------------------------- This
message<br>
was pgp signed but couldn't be verified successfully. Typically this is
caused<br>
because Deutsche Bank hasn't yet trusted the PGP key of the sender.<o:p></o:p></p>
</div>
<br>
<font color="Black" face="Arial" size="3"><br>
---<br>
Die Europäische Kommission hat unter <a class="moz-txt-link-freetext" href="http://ec.europa.eu/consumers/odr/">http://ec.europa.eu/consumers/odr/</a>
eine Europäische Online-Streitbeilegungsplattform (OS-Plattform)
errichtet. Die OS-Plattform kann ein Verbraucher für die
außergerichtliche Beilegung einer Streitigkeit aus Online-Verträgen
mit einem in der EU niedergelassenen Unternehmen nutzen.<br>
<br>
Informationen (einschließlich Pflichtangaben) zu einzelnen, innerhalb
der EU tätigen Gesellschaften und Zweigniederlassungen des Konzerns
Deutsche Bank finden Sie unter
<a class="moz-txt-link-freetext" href="https://www.deutsche-bank.de/Pflichtangaben">https://www.deutsche-bank.de/Pflichtangaben</a>. Diese E-Mail enthält
vertrauliche und/ oder
rechtlich geschützte Informationen. Wenn Sie nicht der richtige
Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren
Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das
unerlaubte Kopieren sowie die unbefugte Weitergabe dieser
E-Mail ist nicht gestattet.<br>
<br>
The European Commission has established a European online dispute
resolution platform (OS platform) under
<a class="moz-txt-link-freetext" href="http://ec.europa.eu/consumers/odr/">http://ec.europa.eu/consumers/odr/</a>. The OS platform can be used by a
consumer for the extra-judicial settlement of a dispute of online
contracts with a
provider established in the EU companies.<br>
<br>
Please refer to <a class="moz-txt-link-freetext" href="https://www.db.com/disclosures">https://www.db.com/disclosures</a> for information
(including mandatory corporate particulars) on selected Deutsche Bank
branches and group companies registered or incorporated in the European
Union. This e-mail may contain confidential and/or privileged
information. If you are not the intended recipient (or have received
this e-mail in error) please notify the sender immediately and delete
this e-mail. Any unauthorized copying, disclosure or distribution of the
material in this e-mail is strictly forbidden.<br>
</font></blockquote>
<br>
<div class="moz-signature">-- <br>Chris Hutton
<div>Head of Development</div>
<div>Callsign Inc.</div>
<div>[C] <a href="https://get.callsign.com/chris">chris</a><br>
</div>
</div>
</body></html>