OidcSessionTokenCache (stSoftware API)

java.lang.Object
- com.aspc.cms.rest.plugin.oidc.OidcSessionTokenCache

```
public final class OidcSessionTokenCache
extends java.lang.Object
```
Thread-safe, short-lived cache for temporarily storing access and ID tokens after an OIDC authorisation code exchange.
After the callback exchanges the authorisation code for tokens, the access and ID tokens are cached here under a random session key. The frontend then retrieves them via the /oidc/tokens endpoint using the session key from a cookie. Each entry is one-time-use and expires after a configurable time-to-live.

Author:

Claude

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class OidcSessionTokenCache.CachedTokens
Immutable container for cached access and ID tokens with an expiry time.

Nested Classes
Modifier and Type	Class and Description
`static class`	`OidcSessionTokenCache.CachedTokens` Immutable container for cached access and ID tokens with an expiry time.

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`COOKIE_PATH` The cookie path, scoped to OIDC endpoints.
`static java.lang.String`	`COOKIE_SESSION_TOKEN` The cookie name used to store the session token key.
`static int`	`DEFAULT_TTL_SECONDS` Default time-to-live for cached tokens: 60 seconds.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`clear()` Clears all entries from the cache.
`static OidcSessionTokenCache`	`getInstance()` Returns the singleton instance.
`OidcSessionTokenCache.CachedTokens`	`retrieve(java.lang.String sessionKey)` Retrieves and removes the cached tokens for the given session key.
`int`	`size()` Returns the current number of entries in the cache (including expired).
`java.lang.String`	`store(java.lang.String accessToken, java.lang.String idToken)` Stores the access and ID tokens under a new random session key with the default TTL.
`java.lang.String`	`store(java.lang.String accessToken, java.lang.String idToken, int ttlSeconds)` Stores the access and ID tokens under a new random session key with a custom TTL.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_TTL_SECONDS
```
public static final int DEFAULT_TTL_SECONDS
```
    Default time-to-live for cached tokens: 60 seconds.
    
    See Also:
    
    Constant Field Values
  - COOKIE_SESSION_TOKEN
```
public static final java.lang.String COOKIE_SESSION_TOKEN
```
    The cookie name used to store the session token key.
    
    See Also:
    
    Constant Field Values
  - COOKIE_PATH
```
public static final java.lang.String COOKIE_PATH
```
    The cookie path, scoped to OIDC endpoints.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - getInstance
```
@CheckReturnValue
 @Nonnull
public static OidcSessionTokenCache getInstance()
```
    Returns the singleton instance.
    
    Returns:
    
    the cache instance
  - store
```
@CheckReturnValue
 @Nonnull
public java.lang.String store(@Nonnull
                                                          java.lang.String accessToken,
                                                          @Nonnull
                                                          java.lang.String idToken)
```
    Stores the access and ID tokens under a new random session key with the default TTL.
    Expired entries are purged on each call to keep the cache clean.
    
    Parameters:
    
    accessToken - the access token from Cognito
    
    idToken - the ID token from Cognito
    
    Returns:
    
    the session key (UUID) to retrieve the tokens
  - store
```
@CheckReturnValue
 @Nonnull
public java.lang.String store(@Nonnull
                                                          java.lang.String accessToken,
                                                          @Nonnull
                                                          java.lang.String idToken,
                                                          int ttlSeconds)
```
    Stores the access and ID tokens under a new random session key with a custom TTL.
    Expired entries are purged on each call to keep the cache clean.
    
    Parameters:
    
    accessToken - the access token from Cognito
    
    idToken - the ID token from Cognito
    
    ttlSeconds - the time-to-live in seconds (use 0 or negative for immediate expiry)
    
    Returns:
    
    the session key (UUID) to retrieve the tokens
  - retrieve
```
@CheckReturnValue
 @Nullable
public OidcSessionTokenCache.CachedTokens retrieve(@Nonnull
                                                                                java.lang.String sessionKey)
```
    Retrieves and removes the cached tokens for the given session key.
    This is a one-time-use operation — the tokens are removed from the cache after retrieval. Returns null if the key is not found or the entry has expired.
    
    Parameters:
    
    sessionKey - the session key from the cookie
    
    Returns:
    
    the cached tokens, or null if not found or expired
  - size
```
@CheckReturnValue
public int size()
```
    Returns the current number of entries in the cache (including expired).
    
    Returns:
    
    the cache size
  - clear
```
public void clear()
```
    Clears all entries from the cache. Intended for testing only.

Class OidcSessionTokenCache

Nested Class Summary

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_TTL_SECONDS

COOKIE_SESSION_TOKEN

COOKIE_PATH

Method Detail

getInstance

store

store

retrieve

size

clear