Token Storage
You can enable token storage in cbsecurity via the tokenStorage setting. By default it is enabled and leverages CacheBox's default cache using a key prefix of cbjwt_ + the token's unique identifier claim of jti.
We recommend that you create a separate provider for the cache.

Why use a storage?

The storage of keys are great in order to visualize in your application all the registered keys in the system. You can also invalidate keys, as by default if the token does not exist in the storage, it is considered invalid.
You can retrieve the token storage by injection or the helper method:
1
property name="tokenStorage" inject="[email protected]";
2
property name="tokenStorage" inject="[email protected]";
3
4
jwtAuth().getTokenStorage()
Copied!

Storage Drivers

We ship with two drivers:
  • cachebox : Leverages any cache registered in CacheBox
  • db : Leverages a database table to store the keys

CacheBox Driver Properties

  • cacheName : The cache to use

DB Driver Properties

  • table : The table to use for storage
  • schema : A schema to use if the database supports it, else empty
  • dns : The datasource to use, defaults to the one set in Application.cfc
  • autoCreate:true : Autocreate the table if not found
  • rotationDays:7 : How many days should the expiration be before removal
  • rotationFrequency:60 : How many minutes should pass before issuing a rotation check
The columns it will create are:
  • id - identifier
  • cacheKey - The unique cacke key, indexed
  • token - The encrypted token
  • expiration - The expiration
  • issued - The issue date
  • subject - The subject identifier

Custom Token Storage

If you would like to create your own token storage, just add your own WireBox ID to the driver, properties and implement the following interface: cbsecurity.interfaces.jwt.IJwtStorage
cbsecurity.interfaces.jwt.IJwtStorage.cfc
1
interface{
2
3
/**
4
* Configure the storage by passing in the properties
5
*
6
* @return JWTStorage
7
*/
8
any function configure( required properties );
9
10
/**
11
* Set a token in the storage
12
*
13
* @key The cache key
14
* @token The token to store
15
* @expiration The token expiration
16
*
17
* @return JWTStorage
18
*/
19
any function set( required key, required token, required expiration );
20
21
/**
22
* Verify if the passed in token key exists
23
*
24
* @key The cache key
25
*/
26
boolean function exists( required key );
27
28
/**
29
* Retrieve the token via the cache key, if the key doesn't exist a TokenNotFoundException will be thrown
30
*
31
* @key The cache key
32
* @defaultValue If not found, return a default value
33
*
34
* @throws TokenNotFoundException
35
*/
36
any function get( required key, defaultValue );
37
38
/**
39
* Invalidate/delete one or more keys from the storage
40
*
41
* @key A cache key or an array of keys to clear
42
*
43
* @return JWTStorage
44
*/
45
any function clear( required any key );
46
47
/**
48
* Clear all the keys in the storage
49
*
50
* @async Run in a separate thread
51
*
52
* @return JWTStorage
53
*/
54
any function clearAll( boolean async=false );
55
56
/**
57
* Retrieve all the jwt keys stored in the storage
58
*/
59
array function keys();
60
61
/**
62
* The size of the storage
63
*/
64
numeric function size();
65
66
}
Copied!